Add flags field to SSL_SESSION.

Add a "flags" field to SSL_SESSION. This will contain various flags such as encrypt-then-mac and extended master secret support. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2015-01-23 02:29:50 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2015-02-03 14:50:07 +0000
commit: 6f152a15d433c249b4b73d0a7968d4ea63925a24 (patch)
tree: 62cc815599d6ac4a99a4925a80611bf612b40d4f /ssl/ssl_asn1.c
parent: 52e028b9de371da62c1e51b46592517b1068d770 (diff)
download: openssl-6f152a15d433c249b4b73d0a7968d4ea63925a24.tar.gz
1 files changed, 23 insertions, 0 deletions
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 3eaee1d291..b27e058bc7 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -115,6 +115,7 @@ typedef struct ssl_session_asn1_st {
 #ifndef OPENSSL_NO_SRP
     ASN1_OCTET_STRING srp_username;
 #endif                          /* OPENSSL_NO_SRP */
+    ASN1_INTEGER flags;
 } SSL_SESSION_ASN1;
 
 int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
@@ -134,6 +135,8 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 #ifndef OPENSSL_NO_SRP
     int v12 = 0;
 #endif
+    unsigned char fbuf[LSIZE2];
+    int v13 = 0;
     long l;
     SSL_SESSION_ASN1 a;
     M_ASN1_I2D_vars(in);
@@ -256,6 +259,13 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
     }
 #endif                          /* OPENSSL_NO_SRP */
 
+    if (in->flags) {
+        a.flags.length = LSIZE2;
+        a.flags.type = V_ASN1_INTEGER;
+        a.flags.data = fbuf;
+        ASN1_INTEGER_set(&a.flags, in->flags);
+    }
+
     M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
     M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
     M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
@@ -304,6 +314,8 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
         M_ASN1_I2D_len_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING, 12,
                                v12);
 #endif                          /* OPENSSL_NO_SRP */
+    if (in->flags)
+        M_ASN1_I2D_len_EXP_opt(&(a.flags), i2d_ASN1_INTEGER, 13, v13);
 
     M_ASN1_I2D_seq_total();
 
@@ -356,6 +368,8 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
         M_ASN1_I2D_put_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING, 12,
                                v12);
 #endif                          /* OPENSSL_NO_SRP */
+    if (in->flags)
+        M_ASN1_I2D_put_EXP_opt(&a.flags, i2d_ASN1_INTEGER, 13, v13);
     M_ASN1_I2D_finish();
 }
 
@@ -593,6 +607,15 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
     } else
         ret->srp_username = NULL;
 #endif                          /* OPENSSL_NO_SRP */
+    ai.length = 0;
+    M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 13);
+    if (ai.data != NULL) {
+        ret->flags = ASN1_INTEGER_get(aip);
+        OPENSSL_free(ai.data);
+        ai.data = NULL;
+        ai.length = 0;
+    } else
+        ret->flags = 0;
 
     M_ASN1_D2I_Finish(a, SSL_SESSION_free, SSL_F_D2I_SSL_SESSION);
 }
author	Dr. Stephen Henson <steve@openssl.org>	2015-01-23 02:29:50 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2015-02-03 14:50:07 +0000
commit	6f152a15d433c249b4b73d0a7968d4ea63925a24 (patch)
tree	62cc815599d6ac4a99a4925a80611bf612b40d4f /ssl/ssl_asn1.c
parent	52e028b9de371da62c1e51b46592517b1068d770 (diff)
download	openssl-6f152a15d433c249b4b73d0a7968d4ea63925a24.tar.gz