Ensure we set the session id context in ossl_shim
author Matt Caswell <matt@openssl.org>
Tue, 14 Mar 2017 17:26:46 +0000 (17:26 +0000)
committer Matt Caswell <matt@openssl.org>
Tue, 14 Mar 2017 23:15:21 +0000 (23:15 +0000)
OpenSSL requires that we set the session id context. BoringSSL apparently
does not require this, so wasn't setting it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2942)

test/ossl_shim/ossl_shim.cc

index 79edaddae4419b4d6423c85a8b82b97d0fd4ceed..be589e36d1b1f39f5366d6708f686d1d8b5874ca 100644 (file)
@@ -518,6 +518,7 @@ class SocketCloser {
 };
 
 static bssl::UniquePtr<SSL_CTX> SetupCtx(const TestConfig *config) {
+  const char sess_id_ctx[] = "ossl_shim";
   bssl::UniquePtr<SSL_CTX> ssl_ctx(SSL_CTX_new(
       config->is_dtls ? DTLS_method() : TLS_method()));
   if (!ssl_ctx) {
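Review bot: sess_id_ctx is declared at the top of SetupCtx (line 519) but its only use is more than a hundred lines later, just before the return (line 637). Consider moving the declaration next to the SSL_CTX_set_session_id_context call, or making it a file-scope `static const char` with a short comment saying that OpenSSL needs a session id context for server-side session reuse with client verification, so the reason for the constant is visible where it is defined.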
@@ -633,6 +634,10 @@ static bssl::UniquePtr<SSL_CTX> SetupCtx(const TestConfig *config) {
     SSL_CTX_set_client_CA_list(ssl_ctx.get(), nullptr);
   }
 
+  SSL_CTX_set_session_id_context(ssl_ctx.get(),
+                                 (const unsigned char *)sess_id_ctx,
+                                 sizeof(sess_id_ctx) - 1);
+
   return ssl_ctx;
 }
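Review bot: the return value of SSL_CTX_set_session_id_context is ignored in the added call before `return ssl_ctx;`. The function returns 0 when the context is longer than SSL_MAX_SID_CTX_LENGTH (32 bytes); the 9-byte "ossl_shim" value cannot hit that limit today, but SetupCtx already has failure paths (see the `if (!ssl_ctx)` check), so checking the result and returning nullptr on failure would keep the function consistent and guard against a later change to the string. A smaller style point: in a .cc file, `reinterpret_cast<const unsigned char *>(sess_id_ctx)` is preferable to the C-style cast.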