New function SSL_CTX_set_session_id_context.
Submitted by: Reviewed by: PR:
This commit is contained in:
parent
81c8ee091c
commit
4eb77b2679
5
CHANGES
5
CHANGES
@ -5,6 +5,11 @@
|
|||||||
|
|
||||||
Changes between 0.9.2b and 0.9.3
|
Changes between 0.9.2b and 0.9.3
|
||||||
|
|
||||||
|
*) New function SSL_CTX_set_session_id_context that allows to set a default
|
||||||
|
value (so that you don't need SSL_set_session_id_context for each connection
|
||||||
|
using the SSL_CTX).
|
||||||
|
[Bodo Moeller]
|
||||||
|
|
||||||
*) OAEP decoding bug fix.
|
*) OAEP decoding bug fix.
|
||||||
[Ulf Möller]
|
[Ulf Möller]
|
||||||
|
|
||||||
|
@ -394,6 +394,8 @@ struct ssl_ctx_st
|
|||||||
/**/ struct cert_st /* CERT */ *default_cert;
|
/**/ struct cert_st /* CERT */ *default_cert;
|
||||||
/**/ int read_ahead;
|
/**/ int read_ahead;
|
||||||
/**/ int verify_mode;
|
/**/ int verify_mode;
|
||||||
|
/**/ unsigned int sid_ctx_length;
|
||||||
|
/**/ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
|
||||||
/**/ int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);
|
/**/ int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
/* Default password callback. */
|
/* Default password callback. */
|
||||||
@ -929,6 +931,9 @@ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,int (*cb)());
|
|||||||
int SSL_CTX_check_private_key(SSL_CTX *ctx);
|
int SSL_CTX_check_private_key(SSL_CTX *ctx);
|
||||||
int SSL_check_private_key(SSL *ctx);
|
int SSL_check_private_key(SSL *ctx);
|
||||||
|
|
||||||
|
int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
|
||||||
|
unsigned int sid_ctx_len);
|
||||||
|
|
||||||
SSL * SSL_new(SSL_CTX *ctx);
|
SSL * SSL_new(SSL_CTX *ctx);
|
||||||
int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
|
int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
|
||||||
unsigned int sid_ctx_len);
|
unsigned int sid_ctx_len);
|
||||||
@ -1153,6 +1158,7 @@ int SSL_COMP_add_compression_method(int id,char *cm);
|
|||||||
#define SSL_F_SSL_CREATE_CIPHER_LIST 166
|
#define SSL_F_SSL_CREATE_CIPHER_LIST 166
|
||||||
#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
|
#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
|
||||||
#define SSL_F_SSL_CTX_NEW 169
|
#define SSL_F_SSL_CTX_NEW 169
|
||||||
|
#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
|
||||||
#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
|
#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
|
||||||
#define SSL_F_SSL_CTX_USE_CERTIFICATE 171
|
#define SSL_F_SSL_CTX_USE_CERTIFICATE 171
|
||||||
#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
|
#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
|
||||||
|
@ -138,6 +138,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
|
|||||||
{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"},
|
{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"},
|
||||||
{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"},
|
{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"},
|
||||||
{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"},
|
{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"},
|
||||||
|
{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0), "SSL_CTX_set_session_id_context"},
|
||||||
{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"},
|
{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"},
|
||||||
{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"},
|
{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"},
|
||||||
{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"},
|
{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"},
|
||||||
|
@ -186,6 +186,8 @@ SSL *SSL_new(SSL_CTX *ctx)
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
s->cert=NULL;
|
s->cert=NULL;
|
||||||
|
s->sid_ctx_length=ctx->sid_ctx_length;
|
||||||
|
memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
|
||||||
s->verify_mode=ctx->verify_mode;
|
s->verify_mode=ctx->verify_mode;
|
||||||
s->verify_callback=ctx->default_verify_callback;
|
s->verify_callback=ctx->default_verify_callback;
|
||||||
CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
|
CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
|
||||||
@ -216,6 +218,20 @@ err:
|
|||||||
return(NULL);
|
return(NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx,
|
||||||
|
unsigned int sid_ctx_len)
|
||||||
|
{
|
||||||
|
if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH)
|
||||||
|
{
|
||||||
|
SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
ctx->sid_ctx_length=sid_ctx_len;
|
||||||
|
memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len);
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
|
int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx,
|
||||||
unsigned int sid_ctx_len)
|
unsigned int sid_ctx_len)
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user