diff options
author | Brian Carlstrom <bdc@google.com> | 2010-04-23 15:24:16 -0700 |
---|---|---|
committer | Brian Carlstrom <bdc@google.com> | 2010-05-04 10:56:21 -0700 |
commit | fd113c07c3c2a6b07f8ab69dfae7d104e769f469 (patch) | |
tree | e1274892f7caedeb7589ce5a25dca4e15a5cda82 /ssl/ssl_sess.c | |
parent | 0e804cad5b26bb5b9906553b6ae87187edb31702 (diff) | |
download | replicant_openssl-fd113c07c3c2a6b07f8ab69dfae7d104e769f469.zip replicant_openssl-fd113c07c3c2a6b07f8ab69dfae7d104e769f469.tar.gz replicant_openssl-fd113c07c3c2a6b07f8ab69dfae7d104e769f469.tar.bz2 |
Adding SSL_set_session_creation_enabled for SSLSocket.setEnableSessionCreation(false) support
SSL_set_session_creation_enabled implementation
Add session_creation_enabled to ssl_st (aka SSL)
Add SSL_set_session_creation_enabled(SSL*, int) declaration
Add SSL_R_SESSION_MAY_NOT_BE_CREATED error reason
include/openssl/ssl.h
ssl/ssl.h
Before creating session, check if session_creation_enabled.
If not, error out, sending alert when possible in SSL3+ cases.
ssl/d1_clnt.c
ssl/s23_clnt.c
ssl/s3_clnt.c
ssl/s3_srvr.c
Add error message for SSL_R_SESSION_MAY_NOT_BE_CREATED
ssl/ssl_err.c
Initialize session_creation_enabled to 1 in SSL_new
ssl/ssl_lib.c
Definition of SSL_set_session_creation_enabled. Add lower level
check for session_creation_enabled in ssl_get_new_session in case
it is not caught by higher levels.
ssl/ssl_sess.c
Patch details
Added jsse.patch to list and add list of patched files.
Fix whitespace to be tabs for consistency.
openssl.config
Add description of jsse.patch
patches/README
The patch itself, containing the above described changes
patches/jsse.patch
Testing
Updated with note to run javax.net.ssl tests now that they are working reliably.
README.android
Change-Id: I21763ffbb29278b1c2d88d947eb780f38f637b2d
Diffstat (limited to 'ssl/ssl_sess.c')
-rw-r--r-- | ssl/ssl_sess.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 8e5d8a0..93954e4 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -261,6 +261,11 @@ static int def_generate_session_id(const SSL *ssl, unsigned char *id, return 0; } +void SSL_set_session_creation_enabled (SSL *s, int creation_enabled) + { + s->session_creation_enabled = creation_enabled; + } + int ssl_get_new_session(SSL *s, int session) { /* This gets used by clients and servers. */ @@ -269,6 +274,8 @@ int ssl_get_new_session(SSL *s, int session) SSL_SESSION *ss=NULL; GEN_SESSION_CB cb = def_generate_session_id; + /* caller should check this if they can do better error handling */ + if (!s->session_creation_enabled) return(0); if ((ss=SSL_SESSION_new()) == NULL) return(0); /* If the context has a default timeout, use it */ |