From: Bodo Möller <bodo@openssl.org>
Date: Mon, 5 Sep 2011 13:31:07 +0000 (+0000)
Subject: Fix d2i_SSL_SESSION.
X-Git-Tag: OpenSSL_1_0_1-beta1~158
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5ff6e2dfbbc222296d2eec592412042e4c5389af;p=openssl

Fix d2i_SSL_SESSION.
---

diff --git a/CHANGES b/CHANGES
index 475d9ae2eb..4612a7fcb3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 1.0.0e and 1.0.1  [xx XXX xxxx]
 
+  *) Fix PSK session representation.
+     [Bodo Moeller]
+
   *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
 
      This work was sponsored by Intel.
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 11ed467452..8082da728f 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -447,10 +447,12 @@ struct ssl_method_st
  *	Session_ID_context [ 4 ] EXPLICIT OCTET STRING,   -- the Session ID context
  *	Verify_result [ 5 ] EXPLICIT INTEGER,   -- X509_V_... code for `Peer'
  *	HostName [ 6 ] EXPLICIT OCTET STRING,   -- optional HostName from servername TLS extension 
- *	ECPointFormatList [ 7 ] OCTET STRING,     -- optional EC point format list from TLS extension
- *	PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
- *	PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
- *	SRP_username [ 11 ] EXPLICIT OCTET STRING -- optional SRP username
+ *	PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
+ *	PSK_identity [ 8 ] EXPLICIT OCTET STRING,  -- optional PSK identity
+ *	Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
+ *	Ticket [10]             EXPLICIT OCTET STRING, -- session ticket (clients only)
+ *	Compression_meth [11]   EXPLICIT OCTET STRING, -- optional compression method
+ *	SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
  *	}
  * Look in ssl/ssl_asn1.c for more details
  * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 994a654edb..9fd3535ca6 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -571,6 +571,19 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
 		}
 	else
 		ret->psk_identity_hint=NULL;
+
+	os.length=0;
+	os.data=NULL;
+	M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,8);
+	if (os.data)
+		{
+		ret->psk_identity = BUF_strndup((char *)os.data, os.length);
+		OPENSSL_free(os.data);
+		os.data = NULL;
+		os.length = 0;
+		}
+	else
+		ret->psk_identity=NULL;
 #endif /* OPENSSL_NO_PSK */
 
 #ifndef OPENSSL_NO_TLSEXT