For better forward-security support, add functions

SSL_[CTX_]set_not_resumable_session_callback.

Submitted by: Emilia Kasper (Google)

[A part of this change affecting ssl/s3_lib.c was accidentally commited
separately, together with a compilation fix for that file;
see s3_lib.c CVS revision 1.133 (http://cvs.openssl.org/chngview?cn=19855).]

1 files changed, 10 insertions, 2 deletions

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index c2874e7feb..bc6ece47c1 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1251,6 +1251,13 @@ int ssl3_get_client_hello(SSL *s)
 			goto f_err;
 			}
 		s->s3->tmp.new_cipher=c;
+		/* check whether we should disable session resumption */
+		if (s->not_resumable_session_cb != NULL)
+			s->session->not_resumable=s->not_resumable_session_cb(s,
+				((c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH)) != 0));
+		if (s->session->not_resumable)
+			/* do not send a session ticket */
+			s->tlsext_ticket_expected = 0;
 		}
 	else
 		{
@@ -1354,8 +1361,9 @@ int ssl3_send_server_hello(SSL *s)
 		 * if session caching is disabled so existing functionality
 		 * is unaffected.
 		 */
-		if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
-			&& !s->hit)
+		if (s->session->not_resumable ||
+			(!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
+				&& !s->hit))
 			s->session->session_id_length=0;
 
 		sl=s->session->session_id_length;