feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

TLS Maintenance

Browse Source 
When serializing the WOLFSSL_SESSION, serialize everything.
This commit is contained in:
John Safranek
2019-09-11 16:44:54 -07:00
parent 852d50adcf
commit c27a4b3865
1 changed files with 104 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

128
src/ssl.c
View File

@ -24792,14 +24792,31 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
/* ServerID len | ServerID */ /* ServerID len | ServerID */
size += OPAQUE16_LEN + sess->idLen; size += OPAQUE16_LEN + sess->idLen;
#endif #endif
#ifdef HAVE_SESSION_TICKET
/* ticket len | ticket */
size += OPAQUE16_LEN + sess->ticketLen;
#endif
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
/* session context ID len | session context ID */ /* session context ID len | session context ID */
size += OPAQUE8_LEN + sess->sessionCtxSz; size += OPAQUE8_LEN + sess->sessionCtxSz;
#endif #endif
#ifdef WOLFSSL_TLS13
/* namedGroup */
size += OPAQUE16_LEN;
#endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
#ifdef WOLFSSL_TLS13
/* ticketSeen | ticketAdd */
size += OPAQUE32_LEN + OPAQUE32_LEN;
#ifndef WOLFSSL_TLS13_DRAFT_18
/* ticketNonce */
size += OPAQUE8_LEN + sess->ticketNonce.len;
#endif
#endif
#ifdef WOLFSSL_EARLY_DATA
size += OPAQUE32_LEN;
#endif
#endif
#ifdef HAVE_SESSION_TICKET
/* ticket len | ticket */
size += OPAQUE16_LEN + sess->ticketLen;
#endif
if (p != NULL) { if (p != NULL) {
if (*p == NULL) if (*p == NULL)
@ -24840,15 +24857,36 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
XMEMCPY(data + idx, sess->serverID, sess->idLen); XMEMCPY(data + idx, sess->serverID, sess->idLen);
idx += sess->idLen; idx += sess->idLen;
#endif #endif
#ifdef HAVE_SESSION_TICKET
c16toa(sess->ticketLen, data + idx); idx += OPAQUE16_LEN;
XMEMCPY(data + idx, sess->ticket, sess->ticketLen);
idx += sess->ticketLen;
#endif
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
data[idx++] = sess->sessionCtxSz; data[idx++] = sess->sessionCtxSz;
XMEMCPY(data + idx, sess->sessionCtx, sess->sessionCtxSz); XMEMCPY(data + idx, sess->sessionCtx, sess->sessionCtxSz);
idx += sess->sessionCtxSz; idx += sess->sessionCtxSz;
#endif
#ifdef WOLFSSL_TLS13
c16toa(sess->namedGroup, data + idx);
idx += OPAQUE16_LEN;
#endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
#ifdef WOLFSSL_TLS13
c32toa(sess->ticketSeen, data + idx);
idx += OPAQUE32_LEN;
c32toa(sess->ticketAdd, data + idx);
idx += OPAQUE32_LEN;
#ifndef WOLFSSL_TLS13_DRAFT_18
data[idx++] = sess->ticketNonce.len;
XMEMCPY(data + idx, sess->ticketNonce.data, sess->ticketNonce.len);
idx += sess->ticketNonce.len;
#endif
#endif
#ifdef WOLFSSL_EARLY_DATA
c32toa(sess->maxEarlyDataSz);
idx += OPAQUE32_LEN;
#endif
#endif
#ifdef HAVE_SESSION_TICKET
c16toa(sess->ticketLen, data + idx); idx += OPAQUE16_LEN;
XMEMCPY(data + idx, sess->ticket, sess->ticketLen);
idx += sess->ticketLen;
#endif #endif
} }
#endif #endif
@ -24986,6 +25024,63 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
} }
XMEMCPY(s->serverID, data + idx, s->idLen); idx += s->idLen; XMEMCPY(s->serverID, data + idx, s->idLen); idx += s->idLen;
#endif #endif
#ifdef OPENSSL_EXTRA
/* byte for length of session context ID */
if (i - idx < OPAQUE8_LEN) {
ret = BUFFER_ERROR;
goto end;
}
s->sessionCtxSz = data[idx++];
/* app session context ID */
if (i - idx < s->sessionCtxSz) {
ret = BUFFER_ERROR;
goto end;
}
XMEMCPY(s->sessionCtx, data + idx, s->sessionCtxSz); idx += s->sessionCtxSz;
#endif
#ifdef WOLFSSL_TLS13
if (i - idx < OPAQUE16_LEN) {
ret = BUFFER_ERROR;
goto end;
}
ato16(data + idx, &s->namedGroup);
idx += OPAQUE16_LEN;
#endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
#ifdef WOLFSSL_TLS13
if (i - idx < (OPAQUE32_LEN * 2)) {
ret = BUFFER_ERROR;
goto end;
}
ato32(data + idx, &s->ticketSeen);
idx += OPAQUE32_LEN;
ato32(data + idx, &s->ticketAdd);
idx += OPAQUE32_LEN;
#ifndef WOLFSSL_TLS13_DRAFT_18
if (i - idx < OPAQUE8_LEN) {
ret = BUFFER_ERROR;
goto end;
}
s->ticketNonce.len = data[idx++];
if (i - idx < s->ticketNonce.len) {
ret = BUFFER_ERROR;
goto end;
}
XMEMCPY(s->ticketNonce.data, data + idx, s->ticketNonce.len);
idx += s->ticketNonce.len;
#endif
#endif
#ifdef WOLFSSL_EARLY_DATA
if (i - idx < OPAQUE32_LEN) {
ret = BUFFER_ERROR;
goto end;
}
ato32(data + idx, &s->maxEarlyDataSz);
idx += OPAQUE32_LEN;
#endif
#endif
#ifdef HAVE_SESSION_TICKET #ifdef HAVE_SESSION_TICKET
/* ticket len */ /* ticket len */
if (i - idx < OPAQUE16_LEN) { if (i - idx < OPAQUE16_LEN) {
@ -25015,21 +25110,6 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
goto end; goto end;
} }
XMEMCPY(s->ticket, data + idx, s->ticketLen); idx += s->ticketLen; XMEMCPY(s->ticket, data + idx, s->ticketLen); idx += s->ticketLen;
#endif
#ifdef OPENSSL_EXTRA
/* byte for length of session context ID */
if (i - idx < OPAQUE8_LEN) {
ret = BUFFER_ERROR;
goto end;
}
s->sessionCtxSz = data[idx++];
/* app session context ID */
if (i - idx < s->sessionCtxSz) {
ret = BUFFER_ERROR;
goto end;
}
XMEMCPY(s->sessionCtx, data + idx, s->sessionCtxSz); idx += s->sessionCtxSz;
#endif #endif
(void)idx; (void)idx;