New function SSL_CTX_set_session_id_context.
authorBodo Möller <bodo@openssl.org>
Fri, 30 Apr 1999 17:15:56 +0000 (17:15 +0000)
committerBodo Möller <bodo@openssl.org>
Fri, 30 Apr 1999 17:15:56 +0000 (17:15 +0000)
Submitted by:
Reviewed by:
PR:

CHANGES
ssl/ssl.h
ssl/ssl_err.c
ssl/ssl_lib.c

diff --git a/CHANGES b/CHANGES
index 08dc7c3..809472c 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,11 @@
 
  Changes between 0.9.2b and 0.9.3
 
+  *) New function SSL_CTX_set_session_id_context that allows to set a default
+     value (so that you don't need SSL_set_session_id_context for each connection
+     using the SSL_CTX).
+     [Bodo Moeller]
+
   *) OAEP decoding bug fix.
      [Ulf Möller]
 
index 768a836..6a3ad30 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -394,6 +394,8 @@ struct ssl_ctx_st
 /**/   struct cert_st /* CERT */ *default_cert;
 /**/   int read_ahead;
 /**/   int verify_mode;
+/**/   unsigned int sid_ctx_length;
+/**/   unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
 /**/   int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);
 
        /* Default password callback. */
@@ -929,6 +931,9 @@ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,int (*cb)());
 int SSL_CTX_check_private_key(SSL_CTX *ctx);
 int SSL_check_private_key(SSL *ctx);
 
+int    SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
+                                      unsigned int sid_ctx_len);
+
 SSL *  SSL_new(SSL_CTX *ctx);
 int    SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
                                   unsigned int sid_ctx_len);
@@ -1153,6 +1158,7 @@ int SSL_COMP_add_compression_method(int id,char *cm);
 #define SSL_F_SSL_CREATE_CIPHER_LIST                    166
 #define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY                         168
 #define SSL_F_SSL_CTX_NEW                               169
+#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT            219
 #define SSL_F_SSL_CTX_SET_SSL_VERSION                   170
 #define SSL_F_SSL_CTX_USE_CERTIFICATE                   171
 #define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1              172
index 64bab61..3d9a835 100644 (file)
@@ -138,6 +138,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0),   "SSL_CREATE_CIPHER_LIST"},
 {ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0),        "SSL_CTX_check_private_key"},
 {ERR_PACK(0,SSL_F_SSL_CTX_NEW,0),      "SSL_CTX_new"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0),   "SSL_CTX_set_session_id_context"},
 {ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0),  "SSL_CTX_set_ssl_version"},
 {ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0),  "SSL_CTX_use_certificate"},
 {ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0),     "SSL_CTX_use_certificate_ASN1"},
index a237dda..8317683 100644 (file)
@@ -186,6 +186,8 @@ SSL *SSL_new(SSL_CTX *ctx)
                }
        else
                s->cert=NULL;
+       s->sid_ctx_length=ctx->sid_ctx_length;
+       memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
        s->verify_mode=ctx->verify_mode;
        s->verify_callback=ctx->default_verify_callback;
        CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
@@ -216,6 +218,20 @@ err:
        return(NULL);
        }
 
+int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
+                                  unsigned int sid_ctx_len)
+    {
+    if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
+       {
+       SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+       return 0;
+       }
+    ctx->sid_ctx_length=sid_ctx_len;
+    memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
+
+    return 1;
+    }
+
 int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
                               unsigned int sid_ctx_len)
     {