diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2007-10-17 11:49:27 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2007-10-17 11:49:27 +0000 |
| commit | 4017e8706ce8307e38c2adb1dca017fe7df02ee3 (patch) | |
| tree | fab96c75032593499d990569a85035b4a425853d | |
| parent | 3ce54f35b3d959574675ab7b92febe923113c80d (diff) | |
| download | openssl-4017e8706ce8307e38c2adb1dca017fe7df02ee3.tar.gz | |
Fix from stable branch.
| -rw-r--r-- | ssl/ssl_asn1.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index 789f6a3397..8630d3ecee 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -230,12 +230,13 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) a.tlsext_tick.type=V_ASN1_OCTET_STRING; a.tlsext_tick.data=(unsigned char *)in->tlsext_tick; /* If we have a ticket set session ID to empty because - * it will be bogus. + * it will be bogus. If liftime hint is -1 treat as a special + * case because the session is being used as a container */ - if (in->tlsext_ticklen) + if (in->tlsext_ticklen && (in->tlsext_tick_lifetime_hint != -1)) a.session_id.length=0; } - if (in->tlsext_tick_lifetime_hint != 0) + if (in->tlsext_tick_lifetime_hint > 0) { a.tlsext_tick_lifetime.length=LSIZE2; a.tlsext_tick_lifetime.type=V_ASN1_INTEGER; @@ -280,7 +281,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5); #ifndef OPENSSL_NO_TLSEXT - if (in->tlsext_tick_lifetime_hint) + if (in->tlsext_tick_lifetime_hint > 0) M_ASN1_I2D_len_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER,9,v9); if (in->tlsext_tick) M_ASN1_I2D_len_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING,10,v10); @@ -328,7 +329,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) M_ASN1_I2D_put_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING,8,v8); #endif /* OPENSSL_NO_PSK */ #ifndef OPENSSL_NO_TLSEXT - if (in->tlsext_tick_lifetime_hint) + if (in->tlsext_tick_lifetime_hint > 0) M_ASN1_I2D_put_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER,9,v9); if (in->tlsext_tick) M_ASN1_I2D_put_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING,10,v10); @@ -542,6 +543,8 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, ret->tlsext_tick_lifetime_hint=ASN1_INTEGER_get(aip); OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; } + else if (ret->tlsext_ticklen && ret->session_id_length) + ret->tlsext_tick_lifetime_hint = -1; else ret->tlsext_tick_lifetime_hint=0; os.length=0; |