kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Set SSL_SESSION.cipher when parsing.

Browse Source 
This was done for the server when parsing a session ticket, but it
wasn't done in the parsing function itself. That caused problems when
high level code used the parsing function directly to set a session for
the client code.

See comments in internal bug 7091840.

Change-Id: Iaa048c3df62cd9fe7a003af33805819e2556960a
This commit is contained in:
Adam Langley 2014-08-13 12:28:02 -07:00
parent 0f4746e207
commit 82b7da271f
2 changed files with 7 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ssl/ssl_asn1.c
View File

@ -387,8 +387,14 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
goto err;
}
ret->cipher=NULL;
ret->cipher_id=id;
ret->cipher = ssl3_get_cipher_by_value(ret->cipher_id & 0xffff);
if (ret->cipher == NULL)
{
c.error=SSL_R_UNSUPPORTED_CIPHER;
c.line = __LINE__;
goto err;
}
M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING);
if ((ssl_version>>8) >= SSL3_VERSION_MAJOR)

9
ssl/ssl_sess.c
View File

@ -560,15 +560,6 @@ int ssl_get_prev_session(SSL *s, const struct ssl_early_callback_ctx *ctx)
goto err;
}
if (ret->cipher == NULL)
{
/* The cipher id has a leading 0x03 to be removed (and then put
* back for the binary search) as a remnant of SSLv2 support. */
ret->cipher = ssl3_get_cipher_by_value(ret->cipher_id & 0xffff);
if (ret->cipher == NULL)
goto err;
}
if (ret->timeout < (long)(time(NULL) - ret->time)) /* timeout */
{
s->session_ctx->stats.sess_timeout++;