Updates following review feedback of TLSv1.3 draft-21 code

Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3852)
2017-07-07 11:21:29 +01:00 · 2017-07-07 11:21:29 +01:00 · 5159821540
commit 5159821540
parent 8f81476145
2 changed files with 3 additions and 6 deletions
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@ -128,9 +128,8 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
 #endif
    dest->peer_chain = NULL;
    dest->peer = NULL;
-    memset(&dest->ex_data, 0, sizeof(dest->ex_data));
-
    dest->ext.tick_nonce = NULL;
+    memset(&dest->ex_data, 0, sizeof(dest->ex_data));

    /* We deliberately don't copy the prev and next pointers */
    dest->prev = NULL;
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@ -3511,10 +3511,8 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
                               ? 0 : s->session->timeout)
            || (SSL_IS_TLS13(s)
                && (!WPACKET_put_bytes_u32(pkt, age_add_u.age_add)
-                       /* ticket_nonce */
-                    || !WPACKET_start_sub_packet_u8(pkt)
-                    || !WPACKET_put_bytes_u8(pkt, 0)
-                    || !WPACKET_close(pkt)))
+                    || !WPACKET_sub_memcpy_u8(pkt, s->session->ext.tick_nonce,
+                                              s->session->ext.tick_nonce_len)))
               /* Now the actual ticket data */
            || !WPACKET_start_sub_packet_u16(pkt)
            || !WPACKET_get_total_written(pkt, &macoffset)