/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2005 Nokia. All rights reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
#include <openssl/lhash.h>
#include <openssl/rand.h>
#include <openssl/engine.h>
+#include "internal/refcount.h"
#include "ssl_locl.h"
#include "statem/statem_locl.h"
return ss;
}
+SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src)
+{
+ return ssl_session_dup(src, 1);
+}
+
/*
* Create a new SSL_SESSION and duplicate the contents of |src| into it. If
* ticket == 0 then no ticket information is duplicated, otherwise it is.
*/
#define MAX_SESS_ID_ATTEMPTS 10
-static int def_generate_session_id(const SSL *ssl, unsigned char *id,
+static int def_generate_session_id(SSL *ssl, unsigned char *id,
unsigned int *id_len)
{
unsigned int retry = 0;
do
- if (RAND_bytes(id, *id_len) <= 0)
+ if (ssl_randbytes(ssl, id, *id_len) <= 0)
return 0;
while (SSL_has_matching_session_id(ssl, id, *id_len) &&
(++retry < MAX_SESS_ID_ATTEMPTS)) ;
goto err;
case TICKET_NONE:
case TICKET_EMPTY:
- try_session_cache = 1;
+ if (hello->session_id_len > 0)
+ try_session_cache = 1;
break;
case TICKET_NO_DECRYPT:
case TICKET_SUCCESS:
(s->session_ctx->session_cache_mode &
SSL_SESS_CACHE_NO_INTERNAL_STORE)) {
/*
- * The following should not return 1, otherwise, things are
- * very strange
+ * Either return value of SSL_CTX_add_session should not
+ * interrupt the session resumption process. The return
+ * value is intentionally ignored.
*/
- if (SSL_CTX_add_session(s->session_ctx, ret))
- goto err;
+ SSL_CTX_add_session(s->session_ctx, ret);
}
}
}
return s->ext.max_early_data;
}
+int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data)
+{
+ s->ext.max_early_data = max_early_data;
+
+ return 1;
+}
+
X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
{
return s->peer;