1 files changed, 27 insertions, 0 deletions

diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index fa6456e4f5..d0487e5af5 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -72,6 +72,9 @@ typedef struct ssl_session_asn1_st
 	ASN1_OCTET_STRING session_id;
 	ASN1_OCTET_STRING session_id_context;
 	ASN1_OCTET_STRING key_arg;
+#ifndef OPENSSL_NO_KRB5
+        ASN1_OCTET_STRING krb5_princ;
+#endif /* OPENSSL_NO_KRB5 */
 	ASN1_INTEGER time;
 	ASN1_INTEGER timeout;
 	ASN1_INTEGER verify_result;
@@ -142,6 +145,12 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 	a.key_arg.type=V_ASN1_OCTET_STRING;
 	a.key_arg.data=in->key_arg;
 
+#ifndef OPENSSL_NO_KRB5
+	a.krb5_princ.length=in->krb5_client_princ_len;
+	a.krb5_princ.type=V_ASN1_OCTET_STRING;
+	a.krb5_princ.data=in->krb5_client_princ;
+#endif /* OPENSSL_NO_KRB5 */
+ 
 	if (in->time != 0L)
 		{
 		a.time.length=LSIZE2;
@@ -166,11 +175,15 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 		ASN1_INTEGER_set(&a.verify_result,in->verify_result);
 		}
 
+
 	M_ASN1_I2D_len(&(a.version),		i2d_ASN1_INTEGER);
 	M_ASN1_I2D_len(&(a.ssl_version),	i2d_ASN1_INTEGER);
 	M_ASN1_I2D_len(&(a.cipher),		i2d_ASN1_OCTET_STRING);
 	M_ASN1_I2D_len(&(a.session_id),		i2d_ASN1_OCTET_STRING);
 	M_ASN1_I2D_len(&(a.master_key),		i2d_ASN1_OCTET_STRING);
+#ifndef OPENSSL_NO_KRB5
+        M_ASN1_I2D_len(&(a.krb5_princ),         i2d_ASN1_OCTET_STRING);
+#endif /* OPENSSL_NO_KRB5 */
 	if (in->key_arg_length > 0)
 		M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
 	if (in->time != 0L)
@@ -190,6 +203,9 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 	M_ASN1_I2D_put(&(a.cipher),		i2d_ASN1_OCTET_STRING);
 	M_ASN1_I2D_put(&(a.session_id),		i2d_ASN1_OCTET_STRING);
 	M_ASN1_I2D_put(&(a.master_key),		i2d_ASN1_OCTET_STRING);
+#ifndef OPENSSL_NO_KRB5
+        M_ASN1_I2D_put(&(a.krb5_princ),         i2d_ASN1_OCTET_STRING);
+#endif /* OPENSSL_NO_KRB5 */
 	if (in->key_arg_length > 0)
 		M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
 	if (in->time != 0L)
@@ -293,6 +309,17 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
 	memcpy(ret->key_arg,os.data,ret->key_arg_length);
 	if (os.data != NULL) OPENSSL_free(os.data);
 
+#ifndef OPENSSL_NO_KRB5
+        os.length=0;
+        M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
+        if (os.length > SSL_MAX_KRB5_PRINCIPAL_LENGTH)
+            ret->krb5_client_princ_len=0;
+	else
+            ret->krb5_client_princ_len=os.length;
+	memcpy(ret->krb5_client_princ,os.data,ret->krb5_client_princ_len);
+	if (os.data != NULL) OPENSSL_free(os.data);
+#endif /* OPENSSL_NO_KRB5 */
+
 	ai.length=0;
 	M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
 	if (ai.data != NULL)