diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-10-30 14:06:03 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-10-30 14:06:03 +0000 |
commit | 4b4ba6a8878dec6d8c0e0d052addcc9a62950453 (patch) | |
tree | 738f0ac29cc56af6106b2139600074424293825b /ssl/s3_clnt.c | |
parent | bb4060c5b564012cc5bc8223dc76888d5ac587ae (diff) |
Generate stateless session ID just after the ticket is received instead
of when a session is loaded. This will mean that applications that
just hold onto SSL_SESSION structures and never call d2i_SSL_SESSION()
will still work.
Diffstat (limited to 'ssl/s3_clnt.c')
-rw-r--r-- | ssl/s3_clnt.c | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 9322f629ce..35583ef30e 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1844,7 +1844,28 @@ int ssl3_get_new_session_ticket(SSL *s) } memcpy(s->session->tlsext_tick, p, ticklen); s->session->tlsext_ticklen = ticklen; - + /* There are two ways to detect a resumed ticket sesion. + * One is to set an appropriate session ID and then the server + * must return a match in ServerHello. This allows the normal + * client session ID matching to work and we know much + * earlier that the ticket has been accepted. + * + * The other way is to set zero length session ID when the + * ticket is presented and rely on the handshake to determine + * session resumption. + * + * We choose the former approach because this fits in with + * assumptions elsewhere in OpenSSL. The session ID is set + * to the SHA256 (or SHA1 is SHA256 is disabled) hash of the + * ticket. + */ + EVP_Digest(p, ticklen, + s->session->session_id, &s->session->session_id_length, +#ifndef OPENSSL_NO_SHA256 + EVP_sha256(), NULL); +#else + EVP_sha1(), NULL); +#endif ret=1; return(ret); f_err: |