char *psk_identity_hint;
char *psk_identity;
#endif
+ /* Used to indicate that session resumption is not allowed.
+ * Applications can also set this bit for a new session via
+ * not_resumable_session_cb to disable session caching and tickets. */
int not_resumable;
/* The cert is the certificate used to establish this connection */
X509_VERIFY_PARAM *param;
+ /* Callback for disabling session caching and ticket support
+ * on a session basis, depending on the chosen cipher. */
+ int (*not_resumable_session_cb)(SSL *ssl, int is_forward_secure);
+
#if 0
int purpose; /* Purpose setting */
int trust; /* Trust setting */
X509_VERIFY_PARAM *param;
+ /* Callback for disabling session caching and ticket support
+ * on a session basis, depending on the chosen cipher. */
+ int (*not_resumable_session_cb)(SSL *ssl, int is_forward_secure);
+
#if 0
int purpose; /* Purpose setting */
int trust; /* Trust setting */
#define SSL_CTRL_GET_RI_SUPPORT 76
#define SSL_CTRL_CLEAR_OPTIONS 77
#define SSL_CTRL_CLEAR_MODE 78
+#define SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB 79
#define DTLSv1_get_timeout(ssl, arg) \
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
unsigned char *context, int context_len,
unsigned char *out, int olen);
+void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx,
+ int (*cb)(SSL *ssl, int is_forward_secure));
+
+void SSL_set_not_resumable_session_callback(SSL *ssl,
+ int (*cb)(SSL *ssl, int is_forward_secure));
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.