=head1 NAME
-SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_session_id - manipulate generation of SSL session IDs (server only)
+SSL_CTX_set_generate_session_id, SSL_set_generate_session_id,
+SSL_has_matching_session_id, GEN_SESSION_CB
+- manipulate generation of SSL session IDs (server only)
=head1 SYNOPSIS
#define MAX_SESSION_ID_ATTEMPTS 10
static int generate_session_id(const SSL *ssl, unsigned char *id,
- unsigned int *id_len)
+ unsigned int *id_len)
{
- unsigned int count = 0;
- do {
- RAND_pseudo_bytes(id, *id_len);
- /*
- * Prefix the session_id with the required prefix. NB: If our
- * prefix is too long, clip it - but there will be worse effects
- * anyway, eg. the server could only possibly create 1 session
- * ID (ie. the prefix!) so all future session negotiations will
- * fail due to conflicts.
- */
- memcpy(id, session_id_prefix,
- (strlen(session_id_prefix) < *id_len) ?
- strlen(session_id_prefix) : *id_len);
- }
- while (SSL_has_matching_session_id(ssl, id, *id_len) &&
- (++count < MAX_SESSION_ID_ATTEMPTS));
- if (count >= MAX_SESSION_ID_ATTEMPTS)
- return 0;
- return 1;
- }
+ unsigned int count = 0;
+
+ do {
+ RAND_pseudo_bytes(id, *id_len);
+ /*
+ * Prefix the session_id with the required prefix. NB: If our
+ * prefix is too long, clip it - but there will be worse effects
+ * anyway, eg. the server could only possibly create 1 session
+ * ID (ie. the prefix!) so all future session negotiations will
+ * fail due to conflicts.
+ */
+ memcpy(id, session_id_prefix, strlen(session_id_prefix) < *id_len ?
+ strlen(session_id_prefix) : *id_len);
+ } while (SSL_has_matching_session_id(ssl, id, *id_len)
+ && ++count < MAX_SESSION_ID_ATTEMPTS);
+ if (count >= MAX_SESSION_ID_ATTEMPTS)
+ return 0;
+ return 1;
+ }
=head1 RETURN VALUES
Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
-Licensed under the OpenSSL license (the "License"). You may not use
+Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.