diff options
| author | Matt Caswell <matt@openssl.org> | 2015-02-08 15:43:16 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-02-10 22:54:09 +0000 |
| commit | f2baac27d5f95326fa441e1cb08925b46f88b21c (patch) | |
| tree | 9a8b14802d81f8833971f24480a56d6f79470f85 | |
| parent | 75ea3632bd4d647dae8191da4b228f491bec975d (diff) | |
Provide the API functions SSL_SESSION_has_ticket and
SSL_SESSION_get_ticket_lifetime_hint. The latter has been reported as
required to fix Qt for OpenSSL 1.1.0. I have also added the former in order
to determine whether a ticket is present or not - otherwise it is difficult
to know whether a zero lifetime hint is because the server set it to 0, or
because there is no ticket.
Reviewed-by: Tim Hudson <tjh@openssl.org>
| -rw-r--r-- | doc/ssl/SSL_SESSION_has_ticket.pod | 34 | ||||
| -rw-r--r-- | ssl/ssl.h | 2 | ||||
| -rw-r--r-- | ssl/ssl_sess.c | 10 |
3 files changed, 46 insertions, 0 deletions
diff --git a/doc/ssl/SSL_SESSION_has_ticket.pod b/doc/ssl/SSL_SESSION_has_ticket.pod new file mode 100644 index 0000000000..bf249a4ab9 --- /dev/null +++ b/doc/ssl/SSL_SESSION_has_ticket.pod @@ -0,0 +1,34 @@ +=pod + +=head1 NAME + +SSL_SESSION_has_ticket, SSL_SESSION_get_ticket_lifetime_hint - check whether a session has an associated ticket, and get its lifetime hint. + +=head1 SYNOPSIS + + #include <openssl/ssl.h> + + int SSL_SESSION_has_ticket(const SSL_SESSION *s); + unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s); + +=head1 DESCRIPTION + +SSL_SESSION_has_ticket() returns 1 if there is a Session Ticket associated with +this session, and 0 otherwise. + +SSL_SESSION_get_ticket_lifetime_hint returns the lifetime hint in seconds +associated with the session ticket. + +=head1 SEE ALSO + +L<ssl(3)|ssl(3)>, +L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>, +L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>, +L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> + +=head1 HISTORY + +SSL_SESSION_has_ticket and SSL_SESSION_get_ticket_lifetime_hint were added in +OpenSSL 1.1.0. + +=cut @@ -1460,6 +1460,8 @@ long SSL_SESSION_get_time(const SSL_SESSION *s); long SSL_SESSION_set_time(SSL_SESSION *s, long t); long SSL_SESSION_get_timeout(const SSL_SESSION *s); long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); +int SSL_SESSION_has_ticket(const SSL_SESSION *s); +unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s); void SSL_copy_session_id(SSL *to, const SSL *from); X509 *SSL_SESSION_get0_peer(SSL_SESSION *s); int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 0eda59e1e7..0f07ed58a1 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -848,6 +848,16 @@ long SSL_SESSION_set_time(SSL_SESSION *s, long t) return (t); } +int SSL_SESSION_has_ticket(const SSL_SESSION *s) +{ + return (s->tlsext_ticklen > 0) ? 1 : 0; +} + +unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s) +{ + return s->tlsext_tick_lifetime_hint; +} + X509 *SSL_SESSION_get0_peer(SSL_SESSION *s) { return s->peer; |