commit 688d8dfe48bb5510ad6390add0d676729dce8397
author David Benjamin <davidben@chromium.org> Sun Nov 02 23:06:42 2014 -0500
committer Adam Langley <agl@google.com> Mon Nov 10 23:59:47 2014 +0000
tree f2e7c8bf969b53f1cf87b638786d58424f723310
parent e1b20a013633754378439f041a72c498d29ed413

Remove psk_identity_hint from SSL_SESSION.

There's not much point in retaining the identity hint in the SSL_SESSION. This
avoids the complexity around setting psk_identity hint on either the SSL or the
SSL_SESSION. Introduce a peer_psk_identity_hint for the client to store the one
received from the server.

This changes the semantics of SSL_get_psk_identity_hint; it now only returns
the value configured for the server. The client learns the hint through the
callback. This is compatible with the one use of this API in conscrypt (it
pulls the hint back out to pass to a callback).

Change-Id: I6d9131636b47f13ac5800b4451436a057021054a
Reviewed-on: https://boringssl-review.googlesource.com/2213
Reviewed-by: Adam Langley <agl@google.com>

ssl/ssl_asn1.c

diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index ef7ebdc..28d5988 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -105,7 +105,6 @@
  *     verifyResult            [5] INTEGER OPTIONAL,  -- one of X509_V_* codes
  *     hostName                [6] OCTET STRING OPTIONAL,
  *                                 -- from server_name extension
- *     pskIdentityHint         [7] OCTET STRING OPTIONAL,
  *     pskIdentity             [8] OCTET STRING OPTIONAL,
  *     ticketLifetimeHint      [9] INTEGER OPTIONAL,       -- client-only
  *     ticket                  [10] OCTET STRING OPTIONAL, -- client-only
@@ -118,8 +117,13 @@
  *     extendedMasterSecret    [17] BOOLEAN OPTIONAL,
  * }
  *
- * Note: When the relevant features were #ifdef'd out, support for
- * parsing compressionMethod [11] and srpUsername [12] was lost. */
+ * Note: historically this serialization has included other optional
+ * fields. Their presense is currently treated as a parse error:
+ *
+ *     keyArg                  [0] IMPLICIT OCTET STRING OPTIONAL,
+ *     pskIdentityHint         [7] OCTET STRING OPTIONAL,
+ *     compressionMethod       [11] OCTET STRING OPTIONAL,
+ *     srpUsername             [12] OCTET STRING OPTIONAL, */
 
 static const int kTimeTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 1;
@@ -133,8 +137,6 @@
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 5;
 static const int kHostNameTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 6;
-static const int kPSKIdentityHintTag =
-    CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 7;
 static const int kPSKIdentityTag =
     CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 8;
 static const int kTicketLifetimeHintTag =
@@ -247,16 +249,6 @@
     }
   }
 
-  if (in->psk_identity_hint) {
-    if (!CBB_add_asn1(&session, &child, kPSKIdentityHintTag) ||
-        !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) ||
-        !CBB_add_bytes(&child2, (const uint8_t *)in->psk_identity_hint,
-                       strlen(in->psk_identity_hint))) {
-      OPENSSL_PUT_ERROR(SSL, i2d_SSL_SESSION, ERR_R_MALLOC_FAILURE);
-      goto err;
-    }
-  }
-
   if (in->psk_identity) {
     if (!CBB_add_asn1(&session, &child, kPSKIdentityTag) ||
         !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) ||
@@ -460,8 +452,6 @@
   }
   if (!d2i_SSL_SESSION_get_string(&session, &ret->tlsext_hostname,
                                   kHostNameTag) ||
-      !d2i_SSL_SESSION_get_string(&session, &ret->psk_identity_hint,
-                                  kPSKIdentityHintTag) ||
       !d2i_SSL_SESSION_get_string(&session, &ret->psk_identity,
                                   kPSKIdentityTag)) {
     goto err;