[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-cvs
Subject: [CVS] OpenSSL: openssl/ssl/ ssl_asn1.c
From: "Dr. Stephen Henson" <steve () openssl ! org>
Date: 2007-10-17 11:49:28
Message-ID: 20071017114928.928FC1EAE827 () master ! openssl ! org
[Download RAW message or body]
OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________________________
Server: cvs.openssl.org Name: Dr. Stephen Henson
Root: /v/openssl/cvs Email: steve@openssl.org
Module: openssl Date: 17-Oct-2007 13:49:28
Branch: HEAD Handle: 2007101712492700
Modified files:
openssl/ssl ssl_asn1.c
Log:
Fix from stable branch.
Summary:
Revision Changes Path
1.32 +8 -5 openssl/ssl/ssl_asn1.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openssl/ssl/ssl_asn1.c
============================================================================
$ cvs diff -u -r1.31 -r1.32 ssl_asn1.c
--- openssl/ssl/ssl_asn1.c 12 Aug 2007 18:56:13 -0000 1.31
+++ openssl/ssl/ssl_asn1.c 17 Oct 2007 11:49:27 -0000 1.32
@@ -230,12 +230,13 @@
a.tlsext_tick.type=V_ASN1_OCTET_STRING;
a.tlsext_tick.data=(unsigned char *)in->tlsext_tick;
/* If we have a ticket set session ID to empty because
- * it will be bogus.
+ * it will be bogus. If liftime hint is -1 treat as a special
+ * case because the session is being used as a container
*/
- if (in->tlsext_ticklen)
+ if (in->tlsext_ticklen && (in->tlsext_tick_lifetime_hint != -1))
a.session_id.length=0;
}
- if (in->tlsext_tick_lifetime_hint != 0)
+ if (in->tlsext_tick_lifetime_hint > 0)
{
a.tlsext_tick_lifetime.length=LSIZE2;
a.tlsext_tick_lifetime.type=V_ASN1_INTEGER;
@@ -280,7 +281,7 @@
M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5);
#ifndef OPENSSL_NO_TLSEXT
- if (in->tlsext_tick_lifetime_hint)
+ if (in->tlsext_tick_lifetime_hint > 0)
M_ASN1_I2D_len_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER,9,v9);
if (in->tlsext_tick)
M_ASN1_I2D_len_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING,10,v10);
@@ -328,7 +329,7 @@
M_ASN1_I2D_put_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,8,v8);
#endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_TLSEXT
- if (in->tlsext_tick_lifetime_hint)
+ if (in->tlsext_tick_lifetime_hint > 0)
M_ASN1_I2D_put_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER,9,v9);
if (in->tlsext_tick)
M_ASN1_I2D_put_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING,10,v10);
@@ -542,6 +543,8 @@
ret->tlsext_tick_lifetime_hint=ASN1_INTEGER_get(aip);
OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
}
+ else if (ret->tlsext_ticklen && ret->session_id_length)
+ ret->tlsext_tick_lifetime_hint = -1;
else
ret->tlsext_tick_lifetime_hint=0;
os.length=0;
@@ .
______________________________________________________________________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List openssl-cvs@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic