diff options
| author | tb <> | 2018-03-20 15:28:12 +0000 | 
|---|---|---|
| committer | tb <> | 2018-03-20 15:28:12 +0000 | 
| commit | a630606aa9bbdbdb6a403eeae3218ed26367572c (patch) | |
| tree | 3af7b1fa51ef29fba7c4bb9787451f3bca88aeab | |
| parent | 1b7b108560adf0e9855609ddc884adf03569d4f3 (diff) | |
| download | openbsd-a630606aa9bbdbdb6a403eeae3218ed26367572c.tar.gz openbsd-a630606aa9bbdbdb6a403eeae3218ed26367572c.tar.bz2 openbsd-a630606aa9bbdbdb6a403eeae3218ed26367572c.zip | |
Provide SSL_SESSION_set1_id()
ok jsing
| -rw-r--r-- | src/lib/libssl/Symbols.list | 1 | ||||
| -rw-r--r-- | src/lib/libssl/ssl.h | 5 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_err.c | 3 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_sess.c | 15 | 
4 files changed, 21 insertions, 3 deletions
| diff --git a/src/lib/libssl/Symbols.list b/src/lib/libssl/Symbols.list index 3b513d5c28..c66024e21d 100644 --- a/src/lib/libssl/Symbols.list +++ b/src/lib/libssl/Symbols.list | |||
| @@ -154,6 +154,7 @@ SSL_SESSION_has_ticket | |||
| 154 | SSL_SESSION_new | 154 | SSL_SESSION_new | 
| 155 | SSL_SESSION_print | 155 | SSL_SESSION_print | 
| 156 | SSL_SESSION_print_fp | 156 | SSL_SESSION_print_fp | 
| 157 | SSL_SESSION_set1_id | ||
| 157 | SSL_SESSION_set1_id_context | 158 | SSL_SESSION_set1_id_context | 
| 158 | SSL_SESSION_set_ex_data | 159 | SSL_SESSION_set_ex_data | 
| 159 | SSL_SESSION_set_time | 160 | SSL_SESSION_set_time | 
| diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 97d1c40a66..78a6787d43 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl.h,v 1.153 2018/03/17 16:20:01 beck Exp $ */ | 1 | /* $OpenBSD: ssl.h,v 1.154 2018/03/20 15:28:12 tb Exp $ */ | 
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 
| 3 | * All rights reserved. | 3 | * All rights reserved. | 
| 4 | * | 4 | * | 
| @@ -1317,6 +1317,8 @@ long SSL_SESSION_get_timeout(const SSL_SESSION *s); | |||
| 1317 | long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); | 1317 | long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); | 
| 1318 | void SSL_copy_session_id(SSL *to, const SSL *from); | 1318 | void SSL_copy_session_id(SSL *to, const SSL *from); | 
| 1319 | X509 *SSL_SESSION_get0_peer(SSL_SESSION *s); | 1319 | X509 *SSL_SESSION_get0_peer(SSL_SESSION *s); | 
| 1320 | int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid, | ||
| 1321 | unsigned int sid_len); | ||
| 1320 | int SSL_SESSION_set1_id_context(SSL_SESSION *s, | 1322 | int SSL_SESSION_set1_id_context(SSL_SESSION *s, | 
| 1321 | const unsigned char *sid_ctx, unsigned int sid_ctx_len); | 1323 | const unsigned char *sid_ctx, unsigned int sid_ctx_len); | 
| 1322 | 1324 | ||
| @@ -2039,6 +2041,7 @@ void ERR_load_SSL_strings(void); | |||
| 2039 | #define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273 | 2041 | #define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273 | 
| 2040 | #define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303 | 2042 | #define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303 | 
| 2041 | #define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231 | 2043 | #define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231 | 
| 2044 | #define SSL_R_SSL_SESSION_ID_TOO_LONG 408 | ||
| 2042 | #define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 | 2045 | #define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 | 
| 2043 | #define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 | 2046 | #define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 | 
| 2044 | #define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 | 2047 | #define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 | 
| diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c index db3c1a0d2d..250a9eef6b 100644 --- a/src/lib/libssl/ssl_err.c +++ b/src/lib/libssl/ssl_err.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_err.c,v 1.35 2017/08/28 17:36:58 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_err.c,v 1.36 2018/03/20 15:28:12 tb Exp $ */ | 
| 2 | /* ==================================================================== | 2 | /* ==================================================================== | 
| 3 | * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. | 
| 4 | * | 4 | * | 
| @@ -390,6 +390,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= { | |||
| 390 | {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG), "ssl session id context too long"}, | 390 | {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG), "ssl session id context too long"}, | 
| 391 | {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH), "ssl session id has bad length"}, | 391 | {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH), "ssl session id has bad length"}, | 
| 392 | {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT), "ssl session id is different"}, | 392 | {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT), "ssl session id is different"}, | 
| 393 | {ERR_REASON(SSL_R_SSL_SESSION_ID_TOO_LONG), "ssl session id is too long"}, | ||
| 393 | {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED), "tlsv1 alert access denied"}, | 394 | {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED), "tlsv1 alert access denied"}, | 
| 394 | {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"}, | 395 | {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"}, | 
| 395 | {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED), "tlsv1 alert decryption failed"}, | 396 | {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED), "tlsv1 alert decryption failed"}, | 
| diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 51aa2eac04..b3ee7ef430 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_sess.c,v 1.78 2018/03/17 16:20:01 beck Exp $ */ | 1 | /* $OpenBSD: ssl_sess.c,v 1.79 2018/03/20 15:28:12 tb Exp $ */ | 
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 
| 3 | * All rights reserved. | 3 | * All rights reserved. | 
| 4 | * | 4 | * | 
| @@ -851,6 +851,19 @@ SSL_SESSION_get0_peer(SSL_SESSION *s) | |||
| 851 | } | 851 | } | 
| 852 | 852 | ||
| 853 | int | 853 | int | 
| 854 | SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid, | ||
| 855 | unsigned int sid_len) | ||
| 856 | { | ||
| 857 | if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) { | ||
| 858 | SSLerrorx(SSL_R_SSL_SESSION_ID_TOO_LONG); | ||
| 859 | return 0; | ||
| 860 | } | ||
| 861 | s->session_id_length = sid_len; | ||
| 862 | memmove(s->session_id, sid, sid_len); | ||
| 863 | return 1; | ||
| 864 | } | ||
| 865 | |||
| 866 | int | ||
| 854 | SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, | 867 | SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, | 
| 855 | unsigned int sid_ctx_len) | 868 | unsigned int sid_ctx_len) | 
| 856 | { | 869 | { | 
