1 files changed, 11 insertions, 11 deletions
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 8ebeb273fe..52a1a0cc47 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.80 2018/04/25 07:10:39 tb Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.81 2018/08/24 18:10:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -420,8 +420,8 @@ sess_id_done:
 *   session_id: points at the session ID in the ClientHello. This code will
 *       read past the end of this in order to parse out the session ticket
 *       extension, if any.
- *   len: the length of the session ID.
+ *   session_id_len: the length of the session ID.
- *   limit: a pointer to the first byte after the ClientHello.
+ *   ext_block: a CBS for the ClientHello extensions block.
 *
 * Returns:
 *   -1: error
@@ -435,8 +435,8 @@ sess_id_done:
 *     to 1 if the server should issue a new session ticket (to 0 otherwise).
 */
 int
-ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
+ssl_get_prev_session(SSL *s, const unsigned char *session_id,
-    const unsigned char *limit)
+    int session_id_len, CBS *ext_block)
 {
        SSL_SESSION *ret = NULL;
        int fatal = 0;
@@ -445,14 +445,14 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
        /* This is used only by servers. */
-        if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
+        if (session_id_len > SSL_MAX_SSL_SESSION_ID_LENGTH)
                goto err;
-        if (len == 0)
+        if (session_id_len == 0)
                try_session_cache = 0;
        /* Sets s->internal->tlsext_ticket_expected. */
-        r = tls1_process_ticket(s, session_id, len, limit, &ret);
+        r = tls1_process_ticket(s, session_id, session_id_len, ext_block, &ret);
        switch (r) {
        case -1: /* Error during processing */
                fatal = 1;
@@ -473,8 +473,8 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
             SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
                SSL_SESSION data;
                data.ssl_version = s->version;
-                data.session_id_length = len;
+                data.session_id_length = session_id_len;
-                memcpy(data.session_id, session_id, len);
+                memcpy(data.session_id, session_id, session_id_len);
                CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
                ret = lh_SSL_SESSION_retrieve(s->session_ctx->internal->sessions, &data);
@@ -494,7 +494,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
                int copy = 1;
                if ((ret = s->session_ctx->internal->get_session_cb(s,
-                    session_id, len, &copy))) {
+                    session_id, session_id_len, &copy))) {
                        s->session_ctx->internal->stats.sess_cb_hit++;
                        /*

diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 8ebeb273fe..52a1a0cc47 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_sess.c,v 1.80 2018/04/25 07:10:39 tb Exp $ */	1	/* $OpenBSD: ssl_sess.c,v 1.81 2018/08/24 18:10:25 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -420,8 +420,8 @@ sess_id_done:
420	* session_id: points at the session ID in the ClientHello. This code will	420	* session_id: points at the session ID in the ClientHello. This code will
421	* read past the end of this in order to parse out the session ticket	421	* read past the end of this in order to parse out the session ticket
422	* extension, if any.	422	* extension, if any.
423	* len: the length of the session ID.	423	* session_id_len: the length of the session ID.
424	* limit: a pointer to the first byte after the ClientHello.	424	* ext_block: a CBS for the ClientHello extensions block.
425	*	425	*
426	* Returns:	426	* Returns:
427	* -1: error	427	* -1: error
@@ -435,8 +435,8 @@ sess_id_done:
435	* to 1 if the server should issue a new session ticket (to 0 otherwise).	435	* to 1 if the server should issue a new session ticket (to 0 otherwise).
436	*/	436	*/
437	int	437	int
438	ssl_get_prev_session(SSL s, unsigned char session_id, int len,	438	ssl_get_prev_session(SSL s, const unsigned char session_id,
439	const unsigned char *limit)	439	int session_id_len, CBS *ext_block)
440	{	440	{
441	SSL_SESSION *ret = NULL;	441	SSL_SESSION *ret = NULL;
442	int fatal = 0;	442	int fatal = 0;
@@ -445,14 +445,14 @@ ssl_get_prev_session(SSL s, unsigned char session_id, int len,
445		445
446	/* This is used only by servers. */	446	/* This is used only by servers. */
447		447
448	if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)	448	if (session_id_len > SSL_MAX_SSL_SESSION_ID_LENGTH)
449	goto err;	449	goto err;
450		450
451	if (len == 0)	451	if (session_id_len == 0)
452	try_session_cache = 0;	452	try_session_cache = 0;
453		453
454	/* Sets s->internal->tlsext_ticket_expected. */	454	/* Sets s->internal->tlsext_ticket_expected. */
455	r = tls1_process_ticket(s, session_id, len, limit, &ret);	455	r = tls1_process_ticket(s, session_id, session_id_len, ext_block, &ret);
456	switch (r) {	456	switch (r) {
457	case -1: /* Error during processing */	457	case -1: /* Error during processing */
458	fatal = 1;	458	fatal = 1;
@@ -473,8 +473,8 @@ ssl_get_prev_session(SSL s, unsigned char session_id, int len,
473	SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {	473	SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
474	SSL_SESSION data;	474	SSL_SESSION data;
475	data.ssl_version = s->version;	475	data.ssl_version = s->version;
476	data.session_id_length = len;	476	data.session_id_length = session_id_len;
477	memcpy(data.session_id, session_id, len);	477	memcpy(data.session_id, session_id, session_id_len);
478		478
479	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);	479	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
480	ret = lh_SSL_SESSION_retrieve(s->session_ctx->internal->sessions, &data);	480	ret = lh_SSL_SESSION_retrieve(s->session_ctx->internal->sessions, &data);
@@ -494,7 +494,7 @@ ssl_get_prev_session(SSL s, unsigned char session_id, int len,
494	int copy = 1;	494	int copy = 1;
495		495
496	if ((ret = s->session_ctx->internal->get_session_cb(s,	496	if ((ret = s->session_ctx->internal->get_session_cb(s,
497	session_id, len, &copy))) {	497	session_id, session_id_len, &copy))) {
498	s->session_ctx->internal->stats.sess_cb_hit++;	498	s->session_ctx->internal->stats.sess_cb_hit++;
499		499
500	/*	500	/*