return(ss);
}
+const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
+ {
+ if(len)
+ *len = s->session_id_length;
+ return s->session_id;
+ }
+
/* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
* has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly
* until we have no conflict is going to complete in one iteration pretty much
if (copy)
CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
- /* The following should not return 1, otherwise,
- * things are very strange */
- SSL_CTX_add_session(s->ctx,ret);
+ /* Add the externally cached session to the internal
+ * cache as well if and only if we are supposed to. */
+ if(!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
+ /* The following should not return 1, otherwise,
+ * things are very strange */
+ SSL_CTX_add_session(s->ctx,ret);
}
if (ret == NULL)
goto err;
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
- memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH);
- memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH);
- memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
+ OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg);
+ OPENSSL_cleanse(ss->master_key,sizeof ss->master_key);
+ OPENSSL_cleanse(ss->session_id,sizeof ss->session_id);
if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
if (ss->peer != NULL) X509_free(ss->peer);
if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
- memset(ss,0,sizeof(*ss));
+ OPENSSL_cleanse(ss,sizeof(*ss));
OPENSSL_free(ss);
}