Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build

functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
author: ryker <> 1998-10-05 20:13:14 +0000
committer: ryker <> 1998-10-05 20:13:14 +0000
commit: aeeae06a79815dc190061534d47236cec09f9e32 (patch)
tree: 851692b9c2f9c04f077666855641900f19fdb217 /src/lib/libssl/ssl_asn1.c
parent: a4f79641824cbf9f60ca9d1168d1fcc46717a82a (diff)
download: openbsd-aeeae06a79815dc190061534d47236cec09f9e32.tar.gz
openbsd-aeeae06a79815dc190061534d47236cec09f9e32.tar.bz2
openbsd-aeeae06a79815dc190061534d47236cec09f9e32.zip
1 files changed, 313 insertions, 0 deletions
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
new file mode 100644
index 0000000000..116a83de64
--- /dev/null
+++ b/src/lib/libssl/ssl_asn1.c
@@ -0,0 +1,313 @@
+/* ssl/ssl_asn1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include "asn1_mac.h"
+#include "objects.h"
+#include "ssl_locl.h"
+typedef struct ssl_session_asn1_st
+        {
+        ASN1_INTEGER version;
+        ASN1_INTEGER ssl_version;
+        ASN1_OCTET_STRING cipher;
+        ASN1_OCTET_STRING master_key;
+        ASN1_OCTET_STRING session_id;
+        ASN1_OCTET_STRING key_arg;
+        ASN1_INTEGER time;
+        ASN1_INTEGER timeout;
+        } SSL_SESSION_ASN1;
+/*
+ * SSLerr(SSL_F_I2D_SSL_SESSION,SSL_R_CIPHER_CODE_WRONG_LENGTH);
+ * SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNSUPPORTED_CIPHER);
+ */
+int i2d_SSL_SESSION(in,pp)
+SSL_SESSION *in;
+unsigned char **pp;
+        {
+#define LSIZE2 (sizeof(long)*2)
+        int v1=0,v2=0,v3=0;
+        unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
+        unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2];
+        long l;
+        SSL_SESSION_ASN1 a;
+        M_ASN1_I2D_vars(in);
+        if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
+                return(0);
+        /* Note that I cheat in the following 2 assignments.  I know
+         * that if the ASN1_INTERGER passed to ASN1_INTEGER_set
+         * is > sizeof(long)+1, the buffer will not be re-Malloc()ed.
+         * This is a bit evil but makes things simple, no dynamic allocation
+         * to clean up :-) */
+        a.version.length=LSIZE2;
+        a.version.type=V_ASN1_INTEGER;
+        a.version.data=ibuf1;
+        ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION);
+        a.ssl_version.length=LSIZE2;
+        a.ssl_version.type=V_ASN1_INTEGER;
+        a.ssl_version.data=ibuf2;
+        ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version);
+        a.cipher.type=V_ASN1_OCTET_STRING;
+        a.cipher.data=buf;
+        if (in->cipher == NULL)
+                l=in->cipher_id;
+        else
+                l=in->cipher->id;
+        if (in->ssl_version == SSL2_VERSION)
+                {
+                a.cipher.length=3;
+                buf[0]=((unsigned char)(l>>16L))&0xff;
+                buf[1]=((unsigned char)(l>> 8L))&0xff;
+                buf[2]=((unsigned char)(l     ))&0xff;
+                }
+        else
+                {
+                a.cipher.length=2;
+                buf[0]=((unsigned char)(l>>8L))&0xff;
+                buf[1]=((unsigned char)(l    ))&0xff;
+                }
+        a.master_key.length=in->master_key_length;
+        a.master_key.type=V_ASN1_OCTET_STRING;
+        a.master_key.data=in->master_key;
+        a.session_id.length=in->session_id_length;
+        a.session_id.type=V_ASN1_OCTET_STRING;
+        a.session_id.data=in->session_id;
+        a.key_arg.length=in->key_arg_length;
+        a.key_arg.type=V_ASN1_OCTET_STRING;
+        a.key_arg.data=in->key_arg;
+        if (in->time != 0L)
+                {
+                a.time.length=LSIZE2;
+                a.time.type=V_ASN1_INTEGER;
+                a.time.data=ibuf3;
+                ASN1_INTEGER_set(&(a.time),in->time);
+                }
+        if (in->timeout != 0L)
+                {
+                a.timeout.length=LSIZE2;
+                a.timeout.type=V_ASN1_INTEGER;
+                a.timeout.data=ibuf4;
+                ASN1_INTEGER_set(&(a.timeout),in->timeout);
+                }
+        M_ASN1_I2D_len(&(a.version),            i2d_ASN1_INTEGER);
+        M_ASN1_I2D_len(&(a.ssl_version),        i2d_ASN1_INTEGER);
+        M_ASN1_I2D_len(&(a.cipher),             i2d_ASN1_OCTET_STRING);
+        M_ASN1_I2D_len(&(a.session_id),         i2d_ASN1_OCTET_STRING);
+        M_ASN1_I2D_len(&(a.master_key),         i2d_ASN1_OCTET_STRING);
+        if (in->key_arg_length > 0)
+                M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
+        if (in->time != 0L)
+                M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
+        if (in->timeout != 0L)
+                M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
+        if (in->peer != NULL)
+                M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3);
+        M_ASN1_I2D_seq_total();
+        M_ASN1_I2D_put(&(a.version),            i2d_ASN1_INTEGER);
+        M_ASN1_I2D_put(&(a.ssl_version),        i2d_ASN1_INTEGER);
+        M_ASN1_I2D_put(&(a.cipher),             i2d_ASN1_OCTET_STRING);
+        M_ASN1_I2D_put(&(a.session_id),         i2d_ASN1_OCTET_STRING);
+        M_ASN1_I2D_put(&(a.master_key),         i2d_ASN1_OCTET_STRING);
+        if (in->key_arg_length > 0)
+                M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
+        if (in->time != 0L)
+                M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
+        if (in->timeout != 0L)
+                M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
+        if (in->peer != NULL)
+                M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3);
+        M_ASN1_I2D_finish();
+        }
+SSL_SESSION *d2i_SSL_SESSION(a,pp,length)
+SSL_SESSION **a;
+unsigned char **pp;
+long length;
+        {
+        int version,ssl_version=0,i;
+        long id;
+        ASN1_INTEGER ai,*aip;
+        ASN1_OCTET_STRING os,*osp;
+        M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new);
+        aip= &ai;
+        osp= &os;
+        M_ASN1_D2I_Init();
+        M_ASN1_D2I_start_sequence();
+        ai.data=NULL; ai.length=0;
+        M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
+        version=(int)ASN1_INTEGER_get(aip);
+        if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; }
+        /* we don't care about the version right now :-) */
+        M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
+        ssl_version=(int)ASN1_INTEGER_get(aip);
+        ret->ssl_version=ssl_version;
+        if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; }
+        os.data=NULL; os.length=0;
+        M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+        if (ssl_version == SSL2_VERSION)
+                {
+                if (os.length != 3)
+                        {
+                        c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
+                        goto err;
+                        }
+                id=0x02000000L|
+                        ((unsigned long)os.data[0]<<16L)|
+                        ((unsigned long)os.data[1]<< 8L)|
+                         (unsigned long)os.data[2];
+                }
+        else if ((ssl_version>>8) == 3)
+                {
+                if (os.length != 2)
+                        {
+                        c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
+                        goto err;
+                        }
+                id=0x03000000L|
+                        ((unsigned long)os.data[0]<<8L)|
+                         (unsigned long)os.data[1];
+                }
+        else
+                {
+                SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
+                return(NULL);
+                }
+        
+        ret->cipher=NULL;
+        ret->cipher_id=id;
+        M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+        if ((ssl_version>>8) == SSL3_VERSION)
+                i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
+        else /* if (ssl_version == SSL2_VERSION) */
+                i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
+        if (os.length > i)
+                os.length=i;
+        ret->session_id_length=os.length;
+        memcpy(ret->session_id,os.data,os.length);
+        M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+        if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
+                ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
+        else
+                ret->master_key_length=os.length;
+        memcpy(ret->master_key,os.data,ret->master_key_length);
+        os.length=0;
+        M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
+        if (os.length > SSL_MAX_KEY_ARG_LENGTH)
+                ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH;
+        else
+                ret->key_arg_length=os.length;
+        memcpy(ret->key_arg,os.data,ret->key_arg_length);
+        if (os.data != NULL) Free(os.data);
+        ai.length=0;
+        M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
+        if (ai.data != NULL)
+                {
+                ret->time=ASN1_INTEGER_get(aip);
+                Free(ai.data); ai.data=NULL; ai.length=0;
+                }
+        else
+                ret->time=time(NULL);
+        ai.length=0;
+        M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
+        if (ai.data != NULL)
+                {
+                ret->timeout=ASN1_INTEGER_get(aip);
+                Free(ai.data); ai.data=NULL; ai.length=0;
+                }
+        else
+                ret->timeout=3;
+        if (ret->peer != NULL)
+                {
+                X509_free(ret->peer);
+                ret->peer=NULL;
+                }
+        M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3);
+        M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
+        }
author	ryker <>	1998-10-05 20:13:14 +0000
committer	ryker <>	1998-10-05 20:13:14 +0000
commit	aeeae06a79815dc190061534d47236cec09f9e32 (patch)
tree	851692b9c2f9c04f077666855641900f19fdb217 /src/lib/libssl/ssl_asn1.c
parent	a4f79641824cbf9f60ca9d1168d1fcc46717a82a (diff)
download	openbsd-aeeae06a79815dc190061534d47236cec09f9e32.tar.gz openbsd-aeeae06a79815dc190061534d47236cec09f9e32.tar.bz2 openbsd-aeeae06a79815dc190061534d47236cec09f9e32.zip

diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c new file mode 100644 index 0000000000..116a83de64 --- /dev/null +++ b/src/lib/libssl/ssl_asn1.c
@@ -0,0 +1,313 @@
	1	/* ssl/ssl_asn1.c */
	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
	3	* All rights reserved.
	4	*
	5	* This package is an SSL implementation written
	6	* by Eric Young (eay@cryptsoft.com).
	7	* The implementation was written so as to conform with Netscapes SSL.
	8	*
	9	* This library is free for commercial and non-commercial use as long as
	10	* the following conditions are aheared to. The following conditions
	11	* apply to all code found in this distribution, be it the RC4, RSA,
	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	13	* included with this distribution is covered by the same copyright terms
	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
	15	*
	16	* Copyright remains Eric Young's, and as such any Copyright notices in
	17	* the code are not to be removed.
	18	* If this package is used in a product, Eric Young should be given attribution
	19	* as the author of the parts of the library used.
	20	* This can be in the form of a textual message at program startup or
	21	* in documentation (online or textual) provided with the package.
	22	*
	23	* Redistribution and use in source and binary forms, with or without
	24	* modification, are permitted provided that the following conditions
	25	* are met:
	26	* 1. Redistributions of source code must retain the copyright
	27	* notice, this list of conditions and the following disclaimer.
	28	* 2. Redistributions in binary form must reproduce the above copyright
	29	* notice, this list of conditions and the following disclaimer in the
	30	* documentation and/or other materials provided with the distribution.
	31	* 3. All advertising materials mentioning features or use of this software
	32	* must display the following acknowledgement:
	33	* "This product includes cryptographic software written by
	34	* Eric Young (eay@cryptsoft.com)"
	35	* The word 'cryptographic' can be left out if the rouines from the library
	36	* being used are not cryptographic related :-).
	37	* 4. If you include any Windows specific code (or a derivative thereof) from
	38	* the apps directory (application code) you must include an acknowledgement:
	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
	40	*
	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	51	* SUCH DAMAGE.
	52	*
	53	* The licence and distribution terms for any publically available version or
	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
	55	* copied and put under another distribution licence
	56	* [including the GNU Public Licence.]
	57	*/
	58
	59	#include <stdio.h>
	60	#include <stdlib.h>
	61	#include "asn1_mac.h"
	62	#include "objects.h"
	63	#include "ssl_locl.h"
	64
	65	typedef struct ssl_session_asn1_st
	66	{
	67	ASN1_INTEGER version;
	68	ASN1_INTEGER ssl_version;
	69	ASN1_OCTET_STRING cipher;
	70	ASN1_OCTET_STRING master_key;
	71	ASN1_OCTET_STRING session_id;
	72	ASN1_OCTET_STRING key_arg;
	73	ASN1_INTEGER time;
	74	ASN1_INTEGER timeout;
	75	} SSL_SESSION_ASN1;
	76
	77	/*
	78	* SSLerr(SSL_F_I2D_SSL_SESSION,SSL_R_CIPHER_CODE_WRONG_LENGTH);
	79	* SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNSUPPORTED_CIPHER);
	80	*/
	81
	82	int i2d_SSL_SESSION(in,pp)
	83	SSL_SESSION *in;
	84	unsigned char **pp;
	85	{
	86	#define LSIZE2 (sizeof(long)*2)
	87	int v1=0,v2=0,v3=0;
	88	unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
	89	unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2];
	90	long l;
	91	SSL_SESSION_ASN1 a;
	92	M_ASN1_I2D_vars(in);
	93
	94	if ((in == NULL) \|\| ((in->cipher == NULL) && (in->cipher_id == 0)))
	95	return(0);
	96
	97	/* Note that I cheat in the following 2 assignments. I know
	98	* that if the ASN1_INTERGER passed to ASN1_INTEGER_set
	99	* is > sizeof(long)+1, the buffer will not be re-Malloc()ed.
	100	* This is a bit evil but makes things simple, no dynamic allocation
	101	* to clean up :-) */
	102	a.version.length=LSIZE2;
	103	a.version.type=V_ASN1_INTEGER;
	104	a.version.data=ibuf1;
	105	ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION);
	106
	107	a.ssl_version.length=LSIZE2;
	108	a.ssl_version.type=V_ASN1_INTEGER;
	109	a.ssl_version.data=ibuf2;
	110	ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version);
	111
	112	a.cipher.type=V_ASN1_OCTET_STRING;
	113	a.cipher.data=buf;
	114
	115	if (in->cipher == NULL)
	116	l=in->cipher_id;
	117	else
	118	l=in->cipher->id;
	119	if (in->ssl_version == SSL2_VERSION)
	120	{
	121	a.cipher.length=3;
	122	buf[0]=((unsigned char)(l>>16L))&0xff;
	123	buf[1]=((unsigned char)(l>> 8L))&0xff;
	124	buf[2]=((unsigned char)(l ))&0xff;
	125	}
	126	else
	127	{
	128	a.cipher.length=2;
	129	buf[0]=((unsigned char)(l>>8L))&0xff;
	130	buf[1]=((unsigned char)(l ))&0xff;
	131	}
	132
	133	a.master_key.length=in->master_key_length;
	134	a.master_key.type=V_ASN1_OCTET_STRING;
	135	a.master_key.data=in->master_key;
	136
	137	a.session_id.length=in->session_id_length;
	138	a.session_id.type=V_ASN1_OCTET_STRING;
	139	a.session_id.data=in->session_id;
	140
	141	a.key_arg.length=in->key_arg_length;
	142	a.key_arg.type=V_ASN1_OCTET_STRING;
	143	a.key_arg.data=in->key_arg;
	144
	145	if (in->time != 0L)
	146	{
	147	a.time.length=LSIZE2;
	148	a.time.type=V_ASN1_INTEGER;
	149	a.time.data=ibuf3;
	150	ASN1_INTEGER_set(&(a.time),in->time);
	151	}
	152
	153	if (in->timeout != 0L)
	154	{
	155	a.timeout.length=LSIZE2;
	156	a.timeout.type=V_ASN1_INTEGER;
	157	a.timeout.data=ibuf4;
	158	ASN1_INTEGER_set(&(a.timeout),in->timeout);
	159	}
	160
	161	M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
	162	M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
	163	M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
	164	M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING);
	165	M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING);
	166	if (in->key_arg_length > 0)
	167	M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
	168	if (in->time != 0L)
	169	M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
	170	if (in->timeout != 0L)
	171	M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
	172	if (in->peer != NULL)
	173	M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3);
	174
	175	M_ASN1_I2D_seq_total();
	176
	177	M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER);
	178	M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER);
	179	M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING);
	180	M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING);
	181	M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING);
	182	if (in->key_arg_length > 0)
	183	M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
	184	if (in->time != 0L)
	185	M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
	186	if (in->timeout != 0L)
	187	M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
	188	if (in->peer != NULL)
	189	M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3);
	190
	191	M_ASN1_I2D_finish();
	192	}
	193
	194	SSL_SESSION *d2i_SSL_SESSION(a,pp,length)
	195	SSL_SESSION **a;
	196	unsigned char **pp;
	197	long length;
	198	{
	199	int version,ssl_version=0,i;
	200	long id;
	201	ASN1_INTEGER ai,*aip;
	202	ASN1_OCTET_STRING os,*osp;
	203	M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new);
	204
	205	aip= &ai;
	206	osp= &os;
	207
	208	M_ASN1_D2I_Init();
	209	M_ASN1_D2I_start_sequence();
	210
	211	ai.data=NULL; ai.length=0;
	212	M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
	213	version=(int)ASN1_INTEGER_get(aip);
	214	if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; }
	215
	216	/* we don't care about the version right now :-) */
	217	M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
	218	ssl_version=(int)ASN1_INTEGER_get(aip);
	219	ret->ssl_version=ssl_version;
	220	if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; }
	221
	222	os.data=NULL; os.length=0;
	223	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
	224	if (ssl_version == SSL2_VERSION)
	225	{
	226	if (os.length != 3)
	227	{
	228	c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
	229	goto err;
	230	}
	231	id=0x02000000L\|
	232	((unsigned long)os.data[0]<<16L)\|
	233	((unsigned long)os.data[1]<< 8L)\|
	234	(unsigned long)os.data[2];
	235	}
	236	else if ((ssl_version>>8) == 3)
	237	{
	238	if (os.length != 2)
	239	{
	240	c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
	241	goto err;
	242	}
	243	id=0x03000000L\|
	244	((unsigned long)os.data[0]<<8L)\|
	245	(unsigned long)os.data[1];
	246	}
	247	else
	248	{
	249	SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
	250	return(NULL);
	251	}
	252
	253	ret->cipher=NULL;
	254	ret->cipher_id=id;
	255
	256	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
	257	if ((ssl_version>>8) == SSL3_VERSION)
	258	i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
	259	else /* if (ssl_version == SSL2_VERSION) */
	260	i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
	261
	262	if (os.length > i)
	263	os.length=i;
	264
	265	ret->session_id_length=os.length;
	266	memcpy(ret->session_id,os.data,os.length);
	267
	268	M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
	269	if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
	270	ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
	271	else
	272	ret->master_key_length=os.length;
	273	memcpy(ret->master_key,os.data,ret->master_key_length);
	274
	275	os.length=0;
	276	M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
	277	if (os.length > SSL_MAX_KEY_ARG_LENGTH)
	278	ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH;
	279	else
	280	ret->key_arg_length=os.length;
	281	memcpy(ret->key_arg,os.data,ret->key_arg_length);
	282	if (os.data != NULL) Free(os.data);
	283
	284	ai.length=0;
	285	M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
	286	if (ai.data != NULL)
	287	{
	288	ret->time=ASN1_INTEGER_get(aip);
	289	Free(ai.data); ai.data=NULL; ai.length=0;
	290	}
	291	else
	292	ret->time=time(NULL);
	293
	294	ai.length=0;
	295	M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
	296	if (ai.data != NULL)
	297	{
	298	ret->timeout=ASN1_INTEGER_get(aip);
	299	Free(ai.data); ai.data=NULL; ai.length=0;
	300	}
	301	else
	302	ret->timeout=3;
	303
	304	if (ret->peer != NULL)
	305	{
	306	X509_free(ret->peer);
	307	ret->peer=NULL;
	308	}
	309	M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3);
	310
	311	M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
	312	}
	313