From b577fd0b81562ab97cf992bfffbdaf531e0d1d8c Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Mon, 8 Feb 2016 16:18:26 +0000
Subject: [PATCH] Deprecate undocumented SSL_cache_hit().

Deprecate undocumented SSL_cache_hit(). Make SSL_session_reused() into a
real function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 apps/s_client.c       | 2 +-
 apps/s_server.c       | 4 ++--
 include/openssl/ssl.h | 8 ++++----
 ssl/s3_lib.c          | 3 ---
 ssl/ssl_lib.c         | 2 +-
 util/ssleay.num       | 2 +-
 6 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/apps/s_client.c b/apps/s_client.c
index d6797f5066..39e3e48288 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -2537,7 +2537,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
     if (SSL_get_verify_result(s) == X509_V_OK &&
         (peername = SSL_get0_peername(s)) != NULL)
         BIO_printf(bio, "Verified peername: %s\n", peername);
-    BIO_printf(bio, (SSL_cache_hit(s) ? "---\nReused, " : "---\nNew, "));
+    BIO_printf(bio, (SSL_session_reused(s) ? "---\nReused, " : "---\nNew, "));
     c = SSL_get_current_cipher(s);
     BIO_printf(bio, "%s, Cipher is %s\n",
                SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
diff --git a/apps/s_server.c b/apps/s_server.c
index 45e9227f07..f07c8f61a9 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2612,7 +2612,7 @@ static int init_ssl_connection(SSL *con)
                        srtp_profile->name);
     }
 #endif
-    if (SSL_cache_hit(con))
+    if (SSL_session_reused(con))
         BIO_printf(bio_s_out, "Reused session-id\n");
     BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
                SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
@@ -2882,7 +2882,7 @@ static int www_body(const char *hostname, int s, int stype,
 #ifndef OPENSSL_NO_EC
             ssl_print_curves(io, con, 0);
 #endif
-            BIO_printf(io, (SSL_cache_hit(con)
+            BIO_printf(io, (SSL_session_reused(con)
                             ? "---\nReused, " : "---\nNew, "));
             c = SSL_get_current_cipher(con);
             BIO_printf(io, "%s, Cipher is %s\n",
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index cffd199550..7bc46c5f78 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1115,7 +1115,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 # define SSL_CTRL_SET_TMP_DH                     3
 # define SSL_CTRL_SET_TMP_ECDH                   4
 # define SSL_CTRL_SET_TMP_DH_CB                  6
-# define SSL_CTRL_GET_SESSION_REUSED             8
 # define SSL_CTRL_GET_CLIENT_CERT_REQUEST        9
 # define SSL_CTRL_GET_NUM_RENEGOTIATIONS         10
 # define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS       11
@@ -1226,8 +1225,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
         SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
 # define DTLSv1_handle_timeout(ssl) \
         SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
-# define SSL_session_reused(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
 # define SSL_num_renegotiations(ssl) \
         SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
 # define SSL_clear_num_renegotiations(ssl) \
@@ -1812,8 +1809,11 @@ void SSL_set_not_resumable_session_callback(SSL *ssl,
                                             int (*cb) (SSL *ssl,
                                                        int
                                                        is_forward_secure));
+# if OPENSSL_API_COMPAT < 0x10100000L
+#  define SSL_cache_hit(s) SSL_session_reused(s)
+# endif
 
-__owur int SSL_cache_hit(SSL *s);
+__owur int SSL_session_reused(SSL *s);
 __owur int SSL_is_server(SSL *s);
 
 __owur __owur SSL_CONF_CTX *SSL_CONF_CTX_new(void);
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 1121b8b5b9..8e2d7c4ff7 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3455,9 +3455,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
     int ret = 0;
 
     switch (cmd) {
-    case SSL_CTRL_GET_SESSION_REUSED:
-        ret = s->hit;
-        break;
     case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
         break;
     case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 23391327cb..aac23926ca 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3706,7 +3706,7 @@ int ssl_handshake_hash(SSL *s, unsigned char *out, int outlen)
     return ret;
 }
 
-int SSL_cache_hit(SSL *s)
+int SSL_session_reused(SSL *s)
 {
     return s->hit;
 }
diff --git a/util/ssleay.num b/util/ssleay.num
index 67fd4ab4f5..d320e3bbd4 100755
--- a/util/ssleay.num
+++ b/util/ssleay.num
@@ -300,7 +300,7 @@ SSL_SESSION_get0_peer                   340	1_1_0	EXIST::FUNCTION:
 TLSv1_2_client_method                   341	1_1_0	EXIST::FUNCTION:
 SSL_SESSION_set1_id_context             342	1_1_0	EXIST::FUNCTION:
 TLSv1_2_server_method                   343	1_1_0	EXIST::FUNCTION:
-SSL_cache_hit                           344	1_1_0	EXIST::FUNCTION:
+SSL_session_reused                      344	1_1_0	EXIST::FUNCTION:
 SSL_get0_kssl_ctx                       345	1_1_0	NOEXIST::FUNCTION:
 SSL_set0_kssl_ctx                       346	1_1_0	NOEXIST::FUNCTION:
 SSL_SESSION_get0_id                     347	1_1_0	NOEXIST::FUNCTION:
-- 
2.34.1