Updates following review feedback of TLSv1.3 draft-21 code
authorMatt Caswell <matt@openssl.org>
Fri, 7 Jul 2017 10:21:29 +0000 (11:21 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 7 Jul 2017 14:02:09 +0000 (15:02 +0100)
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3852)

ssl/ssl_sess.c
ssl/statem/statem_srvr.c

index 8740e15..a1d2013 100644 (file)
@@ -128,9 +128,8 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
 #endif
     dest->peer_chain = NULL;
     dest->peer = NULL;
-    memset(&dest->ex_data, 0, sizeof(dest->ex_data));
-
     dest->ext.tick_nonce = NULL;
+    memset(&dest->ex_data, 0, sizeof(dest->ex_data));
 
     /* We deliberately don't copy the prev and next pointers */
     dest->prev = NULL;
index cfe6f51..f3f54d4 100644 (file)
@@ -3511,10 +3511,8 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
                                ? 0 : s->session->timeout)
             || (SSL_IS_TLS13(s)
                 && (!WPACKET_put_bytes_u32(pkt, age_add_u.age_add)
-                       /* ticket_nonce */
-                    || !WPACKET_start_sub_packet_u8(pkt)
-                    || !WPACKET_put_bytes_u8(pkt, 0)
-                    || !WPACKET_close(pkt)))
+                    || !WPACKET_sub_memcpy_u8(pkt, s->session->ext.tick_nonce,
+                                              s->session->ext.tick_nonce_len)))
                /* Now the actual ticket data */
             || !WPACKET_start_sub_packet_u16(pkt)
             || !WPACKET_get_total_written(pkt, &macoffset)
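Review bot: The new `WPACKET_sub_memcpy_u8` call in the `SSL_IS_TLS13(s)` clause copies `tick_nonce_len` bytes from `s->session->ext.tick_nonce`, but nothing visible in this hunk establishes that the pointer is non-NULL whenever the length is non-zero. The `ssl_session_dup` hunk in ssl/ssl_sess.c sets `dest->ext.tick_nonce = NULL` and does not show `tick_nonce_len` being reset. If a duplicated session can reach this path before the nonce is repopulated, the copy would read from NULL, so it is worth confirming that invariant or checking it before the WPACKET chain. The change also drops the `/* ticket_nonce */` label. I would keep it above the new line, for example `/* ticket_nonce: u8 length prefix, so tick_nonce_len must be <= 255 */`, so the field stays identified next to the "actual ticket data" comment. The body of `tls_construct_new_session_ticket` starts and ends outside the hunk, so where the nonce is generated and whether it is unique per ticket cannot be checked from here.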