diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2008-11-15 17:18:12 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2008-11-15 17:18:12 +0000 |
commit | 12bf56c017a34bd0d5fc6d817564ae49d0a9e861 (patch) | |
tree | 09b94269d5872083636a81b6c0c3e6b83ada6c55 /ssl/ssl_sess.c | |
parent | 93c4ba07d715fc8e3bad982ef4ea33e90d6a344e (diff) |
PR: 1574
Submitted by: Jouni Malinen <j@w1.fi>
Approved by: steve@openssl.org
Ticket override support for EAP-FAST.
Diffstat (limited to 'ssl/ssl_sess.c')
-rw-r--r-- | ssl/ssl_sess.c | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 1378f7600e..4c72f18a75 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -834,6 +834,61 @@ long SSL_CTX_get_timeout(const SSL_CTX *s) return(s->session_timeout); } +#ifndef OPENSSL_NO_TLSEXT +int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, + STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) + { + if (s == NULL) return(0); + s->tls_session_secret_cb = tls_session_secret_cb; + s->tls_session_secret_cb_arg = arg; + return(1); + } + +int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb, + void *arg) + { + if (s == NULL) return(0); + s->tls_session_ticket_ext_cb = cb; + s->tls_session_ticket_ext_cb_arg = arg; + return(1); + } + +int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) + { + if (s->version >= TLS1_VERSION) + { + if (s->tlsext_session_ticket) + { + OPENSSL_free(s->tlsext_session_ticket); + s->tlsext_session_ticket = NULL; + } + + s->tlsext_session_ticket = OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); + if (!s->tlsext_session_ticket) + { + SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE); + return 0; + } + + if (ext_data) + { + s->tlsext_session_ticket->length = ext_len; + s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1; + memcpy(s->tlsext_session_ticket->data, ext_data, ext_len); + } + else + { + s->tlsext_session_ticket->length = 0; + s->tlsext_session_ticket->data = NULL; + } + + return 1; + } + + return 0; + } +#endif /* OPENSSL_NO_TLSEXT */ + typedef struct timeout_param_st { SSL_CTX *ctx; |