TLS ticket key setting callback: this allows and application to set

its own TLS ticket keys.
author: Dr. Stephen Henson <steve@openssl.org> 2008-04-30 16:11:33 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2008-04-30 16:11:33 +0000
commit: db533c96e35ccdb8f97f0e5e98ab9db9c4938ca1 (patch)
tree: c1f1d11c3ad840a17626e453cec54c5e10cf970d /ssl/ssl.h
parent: 8831eb7624992ded000310586c99cf6f226a6e19 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 75159231b7..6df921f3c1 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -187,6 +187,7 @@
 #include <openssl/buffer.h>
 #endif
 #include <openssl/pem.h>
+#include <openssl/hmac.h>
 
 #include <openssl/kssl.h>
 #include <openssl/safestack.h>
@@ -767,7 +768,12 @@ struct ssl_ctx_st
 	unsigned char tlsext_tick_key_name[16];
 	unsigned char tlsext_tick_hmac_key[16];
 	unsigned char tlsext_tick_aes_key[16];
-  
+	/* Callback to support customisation of ticket key setting */
+	int (*tlsext_ticket_key_cb)(SSL *ssl,
+					unsigned char *name, unsigned char *iv,
+					EVP_CIPHER_CTX *ectx,
+					HMAC_CTX *hctx, int enc);
+
 	/* certificate status request info */
 	/* Callback for status request */
 	int (*tlsext_status_cb)(SSL *ssl, void *arg);
@@ -1252,6 +1258,8 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS	69
 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP	70
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP	71
+
+#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB	72
 #endif
 
 #define SSL_session_reused(ssl) \
author	Dr. Stephen Henson <steve@openssl.org>	2008-04-30 16:11:33 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2008-04-30 16:11:33 +0000
commit	db533c96e35ccdb8f97f0e5e98ab9db9c4938ca1 (patch)
tree	c1f1d11c3ad840a17626e453cec54c5e10cf970d /ssl/ssl.h
parent	8831eb7624992ded000310586c99cf6f226a6e19 (diff)