Add support for the age_add field

Update SSL_SESSION to store the age_add and use it where needed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)

1 files changed, 6 insertions, 4 deletions

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 20e521a..98171b9 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3250,6 +3250,12 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
         uint32_t age_add;
     } age_add_u;
 
+    if (SSL_IS_TLS13(s)) {
+        if (RAND_bytes(age_add_u.age_add_c, sizeof(age_add_u)) <= 0)
+            goto err;
+        s->session->ext.tick_age_add = age_add_u.age_add;
+    }
+
     /* get session encoding length */
     slen_full = i2d_SSL_SESSION(s->session, NULL);
     /*
@@ -3341,10 +3347,6 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
                sizeof(tctx->ext.tick_key_name));
     }
 
-    if (SSL_IS_TLS13(s) && RAND_bytes(age_add_u.age_add_c,
-                                      sizeof(age_add_u)) <= 0)
-        goto err;
-
     /*
      * Ticket lifetime hint (advisory only): We leave this unspecified
      * for resumed session (for simplicity), and guess that tickets for