summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_asn1.c
diff options
context:
space:
mode:
authorguenther <>2014-04-20 12:48:19 +0000
committerguenther <>2014-04-20 12:48:19 +0000
commit71d6ded93deb4d1edc464874b5359ece0ef857d2 (patch)
treecca6edfc57a2953a5fb440052243f46cd8d7eb12 /src/lib/libssl/ssl_asn1.c
parent4b4a5d4b04e0ebd28c425210967942e4fa5d834c (diff)
downloadopenbsd-71d6ded93deb4d1edc464874b5359ece0ef857d2.tar.gz
openbsd-71d6ded93deb4d1edc464874b5359ece0ef857d2.tar.bz2
openbsd-71d6ded93deb4d1edc464874b5359ece0ef857d2.zip
Chop off more SSLv2 tentacles and start fixing and noting y2038 issues.
APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl. ok tedu@
Diffstat (limited to 'src/lib/libssl/ssl_asn1.c')
-rw-r--r--src/lib/libssl/ssl_asn1.c24
1 files changed, 3 insertions, 21 deletions
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
index c551ec4877..1d2590268c 100644
--- a/src/lib/libssl/ssl_asn1.c
+++ b/src/lib/libssl/ssl_asn1.c
@@ -97,7 +97,6 @@ typedef struct ssl_session_asn1_st {
97 ASN1_OCTET_STRING master_key; 97 ASN1_OCTET_STRING master_key;
98 ASN1_OCTET_STRING session_id; 98 ASN1_OCTET_STRING session_id;
99 ASN1_OCTET_STRING session_id_context; 99 ASN1_OCTET_STRING session_id_context;
100 ASN1_OCTET_STRING key_arg;
101#ifndef OPENSSL_NO_KRB5 100#ifndef OPENSSL_NO_KRB5
102 ASN1_OCTET_STRING krb5_princ; 101 ASN1_OCTET_STRING krb5_princ;
103#endif /* OPENSSL_NO_KRB5 */ 102#endif /* OPENSSL_NO_KRB5 */
@@ -190,10 +189,6 @@ i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
190 a.session_id_context.type = V_ASN1_OCTET_STRING; 189 a.session_id_context.type = V_ASN1_OCTET_STRING;
191 a.session_id_context.data = in->sid_ctx; 190 a.session_id_context.data = in->sid_ctx;
192 191
193 a.key_arg.length = in->key_arg_length;
194 a.key_arg.type = V_ASN1_OCTET_STRING;
195 a.key_arg.data = in->key_arg;
196
197#ifndef OPENSSL_NO_KRB5 192#ifndef OPENSSL_NO_KRB5
198 if (in->krb5_client_princ_len) { 193 if (in->krb5_client_princ_len) {
199 a.krb5_princ.length = in->krb5_client_princ_len; 194 a.krb5_princ.length = in->krb5_client_princ_len;
@@ -206,7 +201,7 @@ i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
206 a.time.length = LSIZE2; 201 a.time.length = LSIZE2;
207 a.time.type = V_ASN1_INTEGER; 202 a.time.type = V_ASN1_INTEGER;
208 a.time.data = ibuf3; 203 a.time.data = ibuf3;
209 ASN1_INTEGER_set(&(a.time), in->time); 204 ASN1_INTEGER_set(&(a.time), in->time); /* XXX 2038 */
210 } 205 }
211 206
212 if (in->timeout != 0L) { 207 if (in->timeout != 0L) {
@@ -270,8 +265,6 @@ i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
270 if (in->krb5_client_princ_len) 265 if (in->krb5_client_princ_len)
271 M_ASN1_I2D_len(&(a.krb5_princ), i2d_ASN1_OCTET_STRING); 266 M_ASN1_I2D_len(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
272#endif /* OPENSSL_NO_KRB5 */ 267#endif /* OPENSSL_NO_KRB5 */
273 if (in->key_arg_length > 0)
274 M_ASN1_I2D_len_IMP_opt(&(a.key_arg), i2d_ASN1_OCTET_STRING);
275 if (in->time != 0L) 268 if (in->time != 0L)
276 M_ASN1_I2D_len_EXP_opt(&(a.time), i2d_ASN1_INTEGER, 1, v1); 269 M_ASN1_I2D_len_EXP_opt(&(a.time), i2d_ASN1_INTEGER, 1, v1);
277 if (in->timeout != 0L) 270 if (in->timeout != 0L)
@@ -316,8 +309,6 @@ i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
316 if (in->krb5_client_princ_len) 309 if (in->krb5_client_princ_len)
317 M_ASN1_I2D_put(&(a.krb5_princ), i2d_ASN1_OCTET_STRING); 310 M_ASN1_I2D_put(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
318#endif /* OPENSSL_NO_KRB5 */ 311#endif /* OPENSSL_NO_KRB5 */
319 if (in->key_arg_length > 0)
320 M_ASN1_I2D_put_IMP_opt(&(a.key_arg), i2d_ASN1_OCTET_STRING, 0);
321 if (in->time != 0L) 312 if (in->time != 0L)
322 M_ASN1_I2D_put_EXP_opt(&(a.time), i2d_ASN1_INTEGER, 1, v1); 313 M_ASN1_I2D_put_EXP_opt(&(a.time), i2d_ASN1_INTEGER, 1, v1);
323 if (in->timeout != 0L) 314 if (in->timeout != 0L)
@@ -445,24 +436,15 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
445 ret->krb5_client_princ_len = 0; 436 ret->krb5_client_princ_len = 0;
446#endif /* OPENSSL_NO_KRB5 */ 437#endif /* OPENSSL_NO_KRB5 */
447 438
448 M_ASN1_D2I_get_IMP_opt(osp, d2i_ASN1_OCTET_STRING, 0, V_ASN1_OCTET_STRING);
449 if (os.length > SSL_MAX_KEY_ARG_LENGTH)
450 ret->key_arg_length = SSL_MAX_KEY_ARG_LENGTH;
451 else
452 ret->key_arg_length = os.length;
453 memcpy(ret->key_arg, os.data, ret->key_arg_length);
454 if (os.data != NULL)
455 free(os.data);
456
457 ai.length = 0; 439 ai.length = 0;
458 M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 1); 440 M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 1); /* XXX 2038 */
459 if (ai.data != NULL) { 441 if (ai.data != NULL) {
460 ret->time = ASN1_INTEGER_get(aip); 442 ret->time = ASN1_INTEGER_get(aip);
461 free(ai.data); 443 free(ai.data);
462 ai.data = NULL; 444 ai.data = NULL;
463 ai.length = 0; 445 ai.length = 0;
464 } else 446 } else
465 ret->time = (unsigned long)time(NULL); 447 ret->time = time(NULL);
466 448
467 ai.length = 0; 449 ai.length = 0;
468 M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 2); 450 M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 2);