Send and receive the ticket_nonce field in a NewSessionTicket This just adds the processing for sending and receiving the newly added ticket_nonce field. It doesn't actually use it yet. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3852)

commit: 9b6a82546151d6f971628e2d7828752ee47bfef7 [log] [tgz]
author: Matt Caswell <matt@openssl.org> Wed Jul 05 08:45:46 2017 +0100
committer: Matt Caswell <matt@openssl.org> Fri Jul 07 15:02:09 2017 +0100
tree: d06ef726a463be94649301639b19307a59260fc0
parent: 07ff590f8f2d0affcd89afad103274100bb5705b [diff] [blame]
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 53aa1dc..e6c7226 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c

@@ -2421,9 +2421,15 @@
     unsigned long ticket_lifetime_hint, age_add = 0;
     unsigned int sess_len;
     RAW_EXTENSION *exts = NULL;
+    PACKET nonce;
 
     if (!PACKET_get_net_4(pkt, &ticket_lifetime_hint)
-        || (SSL_IS_TLS13(s) && !PACKET_get_net_4(pkt, &age_add))
+        || (SSL_IS_TLS13(s)
+            && (!PACKET_get_net_4(pkt, &age_add)
+                || !PACKET_get_length_prefixed_1(pkt, &nonce)
+                || PACKET_remaining(&nonce) == 0
+                || !PACKET_memdup(&nonce, &s->session->ext.tick_nonce,
+                                  &s->session->ext.tick_nonce_len)))
         || !PACKET_get_net_2(pkt, &ticklen)
         || (!SSL_IS_TLS13(s) && PACKET_remaining(pkt) != ticklen)
         || (SSL_IS_TLS13(s)
commit	9b6a82546151d6f971628e2d7828752ee47bfef7	[log] [tgz]
author	Matt Caswell <matt@openssl.org>	Wed Jul 05 08:45:46 2017 +0100
committer	Matt Caswell <matt@openssl.org>	Fri Jul 07 15:02:09 2017 +0100
tree	d06ef726a463be94649301639b19307a59260fc0
parent	07ff590f8f2d0affcd89afad103274100bb5705b [diff] [blame]