Adding SSL_set_session_creation_enabled for SSLSocket.setEnableSessionCreation(false) support

SSL_set_session_creation_enabled implementation Add session_creation_enabled to ssl_st (aka SSL) Add SSL_set_session_creation_enabled(SSL*, int) declaration Add SSL_R_SESSION_MAY_NOT_BE_CREATED error reason include/openssl/ssl.h ssl/ssl.h Before creating session, check if session_creation_enabled. If not, error out, sending alert when possible in SSL3+ cases. ssl/d1_clnt.c ssl/s23_clnt.c ssl/s3_clnt.c ssl/s3_srvr.c Add error message for SSL_R_SESSION_MAY_NOT_BE_CREATED ssl/ssl_err.c Initialize session_creation_enabled to 1 in SSL_new ssl/ssl_lib.c Definition of SSL_set_session_creation_enabled. Add lower level check for session_creation_enabled in ssl_get_new_session in case it is not caught by higher levels. ssl/ssl_sess.c Patch details Added jsse.patch to list and add list of patched files. Fix whitespace to be tabs for consistency. openssl.config Add description of jsse.patch patches/README The patch itself, containing the above described changes patches/jsse.patch Testing Updated with note to run javax.net.ssl tests now that they are working reliably. README.android Change-Id: I21763ffbb29278b1c2d88d947eb780f38f637b2d
author: Brian Carlstrom <bdc@google.com> 2010-04-23 15:24:16 -0700
committer: Brian Carlstrom <bdc@google.com> 2010-05-04 10:56:21 -0700
commit: fd113c07c3c2a6b07f8ab69dfae7d104e769f469 (patch)
tree: e1274892f7caedeb7589ce5a25dca4e15a5cda82 /ssl/ssl_sess.c
parent: 0e804cad5b26bb5b9906553b6ae87187edb31702 (diff)
download: replicant_openssl-fd113c07c3c2a6b07f8ab69dfae7d104e769f469.zip
replicant_openssl-fd113c07c3c2a6b07f8ab69dfae7d104e769f469.tar.gz
replicant_openssl-fd113c07c3c2a6b07f8ab69dfae7d104e769f469.tar.bz2
1 files changed, 7 insertions, 0 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 8e5d8a0..93954e4 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -261,6 +261,11 @@ static int def_generate_session_id(const SSL *ssl, unsigned char *id,
 	return 0;
 }
 
+void SSL_set_session_creation_enabled (SSL *s, int creation_enabled)
+	{
+	s->session_creation_enabled = creation_enabled;
+	}
+
 int ssl_get_new_session(SSL *s, int session)
 	{
 	/* This gets used by clients and servers. */
@@ -269,6 +274,8 @@ int ssl_get_new_session(SSL *s, int session)
 	SSL_SESSION *ss=NULL;
 	GEN_SESSION_CB cb = def_generate_session_id;
 
+	/* caller should check this if they can do better error handling */
+        if (!s->session_creation_enabled) return(0);
 	if ((ss=SSL_SESSION_new()) == NULL) return(0);
 
 	/* If the context has a default timeout, use it */
author	Brian Carlstrom <bdc@google.com>	2010-04-23 15:24:16 -0700
committer	Brian Carlstrom <bdc@google.com>	2010-05-04 10:56:21 -0700
commit	fd113c07c3c2a6b07f8ab69dfae7d104e769f469 (patch)
tree	e1274892f7caedeb7589ce5a25dca4e15a5cda82 /ssl/ssl_sess.c
parent	0e804cad5b26bb5b9906553b6ae87187edb31702 (diff)
download	replicant_openssl-fd113c07c3c2a6b07f8ab69dfae7d104e769f469.zip replicant_openssl-fd113c07c3c2a6b07f8ab69dfae7d104e769f469.tar.gz replicant_openssl-fd113c07c3c2a6b07f8ab69dfae7d104e769f469.tar.bz2