Add support to libtls for client-side TLS session resumption.

A libtls client can specify a session file descriptor (a regular file
with appropriate ownership and permissions) and libtls will manage reading
and writing of session data across TLS handshakes.

Discussed at length with deraadt@ and tedu@.

Rides previous minor bump.

ok beck@

1 files changed, 3 insertions, 1 deletions

diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h
index eb08d47074..14265037eb 100644
--- a/src/lib/libtls/tls_internal.h
+++ b/src/lib/libtls/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.68 2018/02/08 10:19:31 jsing Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.69 2018/02/10 04:41:24 jsing Exp $ */
 /*
  * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
@@ -95,6 +95,7 @@ struct tls_config {
         int ocsp_require_stapling;
         uint32_t protocols;
         unsigned char session_id[TLS_MAX_SESSION_ID_LENGTH];
+        int session_fd;
         int session_lifetime;
         struct tls_ticket_key ticket_keys[TLS_NUM_TICKETS];
         uint32_t ticket_keyrev;
@@ -111,6 +112,7 @@ struct tls_conninfo {
         char *alpn;
         char *cipher;
         char *servername;
+        int session_resumed;
         char *version;
 
         char *hash;