From: Matt Caswell <matt@openssl.org>
Date: Tue, 14 Mar 2017 17:26:46 +0000 (+0000)
Subject: Ensure we set the session id context in ossl_shim
X-Git-Tag: OpenSSL_1_1_1-pre1~2040
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=e29d7cea332e58678640aaa84c6ddfaa0adce74f

Ensure we set the session id context in ossl_shim

OpenSSL requires that we set the session id context. BoringSSL apparently
does not require this, so wasn't setting it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2942)
---

diff --git a/test/ossl_shim/ossl_shim.cc b/test/ossl_shim/ossl_shim.cc
index 79edaddae4..be589e36d1 100644
--- a/test/ossl_shim/ossl_shim.cc
+++ b/test/ossl_shim/ossl_shim.cc
@@ -518,6 +518,7 @@ class SocketCloser {
 };
 
 static bssl::UniquePtr<SSL_CTX> SetupCtx(const TestConfig *config) {
+  const char sess_id_ctx[] = "ossl_shim";
   bssl::UniquePtr<SSL_CTX> ssl_ctx(SSL_CTX_new(
       config->is_dtls ? DTLS_method() : TLS_method()));
   if (!ssl_ctx) {
@@ -633,6 +634,10 @@ static bssl::UniquePtr<SSL_CTX> SetupCtx(const TestConfig *config) {
     SSL_CTX_set_client_CA_list(ssl_ctx.get(), nullptr);
   }
 
+  SSL_CTX_set_session_id_context(ssl_ctx.get(),
+                                 (const unsigned char *)sess_id_ctx,
+                                 sizeof(sess_id_ctx) - 1);
+
   return ssl_ctx;
 }