Added a callback when receiving a NewSessionTicket handshake message.

John Safranek 2014-10-20 09:25:14 -07:00
parent 60790ee4ae
commit 35bcc98948
5 changed files with 53 additions and 1 deletions


@ -2070,7 +2070,9 @@ struct CYASSL {
SecureRenegotiation* secure_renegotiation; /* valid pointer indicates */
#endif /* user turned on */
#if !defined(NO_CYASSL_CLIENT) && defined(HAVE_SESSION_TICKET)
byte expect_session_ticket;
CallbackSessionTicket session_ticket_cb;
void* session_ticket_ctx;
byte expect_session_ticket;
#endif
#endif /* HAVE_TLS_EXTENSIONS */
#ifdef HAVE_NETX


@ -1326,6 +1326,9 @@ CYASSL_API int CyaSSL_UseSessionTicket(CYASSL* ssl);
CYASSL_API int CyaSSL_CTX_UseSessionTicket(CYASSL_CTX* ctx);
CYASSL_API int CyaSSL_get_SessionTicket(CYASSL*, unsigned char*, unsigned int*);
CYASSL_API int CyaSSL_set_SessionTicket(CYASSL*, unsigned char*, unsigned int);
typedef int (*CallbackSessionTicket)(CYASSL*, const unsigned char*, int, void*);
CYASSL_API int CyaSSL_set_SessionTicket_cb(CYASSL*,
CallbackSessionTicket, void*);
#endif
#endif
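Review bot: The `CallbackSessionTicket` typedef is added without any comment saying what its arguments are or what the `int` return value means, and it takes the ticket length as `int` while `CyaSSL_get_SessionTicket` and `CyaSSL_set_SessionTicket` just above use `unsigned int`. A short comment on the typedef would cover the first point, for example `/* called when a NewSessionTicket is received: ssl, ticket bytes, ticket length, user ctx */`. Whether a non-zero return is meant to fail the handshake should be stated here as well, since callers cannot tell from the prototype.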


@ -58,6 +58,10 @@
Timeval timeout;
#endif
#ifdef HAVE_SESSION_TICKET
int sessionTicketCB(CYASSL*, const unsigned char*, int, void*);
#endif
static void NonBlockingSSL_Connect(CYASSL* ssl)
{
@ -638,6 +642,9 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
ssl = CyaSSL_new(ctx);
if (ssl == NULL)
err_sys("unable to get SSL object");
#ifdef HAVE_SESSION_TICKET
CyaSSL_set_SessionTicket_cb(ssl, sessionTicketCB, (void*)"initial session");
#endif
if (doDTLS) {
SOCKADDR_IN_T addr;
build_addr(&addr, host, port, 1);
@ -801,6 +808,10 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
}
CyaSSL_set_fd(sslResume, sockfd);
CyaSSL_set_session(sslResume, session);
#ifdef HAVE_SESSION_TICKET
CyaSSL_set_SessionTicket_cb(sslResume, sessionTicketCB,
(void*)"resumed session");
#endif
showPeer(sslResume);
#ifndef CYASSL_CALLBACKS
@ -930,3 +941,19 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
#endif
#ifdef HAVE_SESSION_TICKET
int sessionTicketCB(CYASSL* ssl,
const unsigned char* ticket, int ticketSz,
void* ctx)
{
(void)ssl;
(void)ticket;
printf("Session Ticket CB: ticketSz = %d, ctx = %s\n",
ticketSz, (char*)ctx);
return 0;
}
#endif
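Review bot: `sessionTicketCB` is declared and defined with external linkage although, in the hunks shown, it is only passed by pointer to `CyaSSL_set_SessionTicket_cb` from this file; `static int sessionTicketCB(CYASSL*, const unsigned char*, int, void*);` on the prototype and on the definition would keep the name out of the global namespace. The callback also prints `(char*)ctx` with `%s`, which is safe for the two string literals registered here but passes a null pointer to `printf` if the example is reused with a NULL context; `ctx ? (char*)ctx : "(null)"` would make it safe to copy. `client_test` starts and ends outside these hunks.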


@ -1758,6 +1758,8 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->secure_renegotiation = NULL;
#endif
#if !defined(NO_CYASSL_CLIENT) && defined(HAVE_SESSION_TICKET)
ssl->session_ticket_cb = NULL;
ssl->session_ticket_ctx = NULL;
ssl->expect_session_ticket = 0;
#endif
#endif
@ -10508,6 +10510,11 @@ int DoSessionTicket(CYASSL* ssl,
*inOutIdx += length;
ssl->session.ticketLen = length;
ssl->timeout = lifetime;
if (ssl->session_ticket_cb != NULL) {
ssl->session_ticket_cb(ssl,
ssl->session.ticket, ssl->session.ticketLen,
ssl->session_ticket_ctx);
}
/* Create a fake sessionID based on the ticket, this will
* supercede the existing session cache info. */
ssl->options.haveSessionId = 1;
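Review bot: The `int` returned by `ssl->session_ticket_cb` is discarded in `DoSessionTicket`, so an application callback cannot reject a ticket or report a failure even though its type suggests it can. Either test the result and return an error from `DoSessionTicket` when it is non-zero, or write the call as `(void)ssl->session_ticket_cb(...)` with a comment that the return value is intentionally ignored. The callback also runs before the session ID is derived from the ticket a few lines further down, so it sees the ssl object part-way through the update; a comment noting that ordering would help. `DoSessionTicket` begins and ends outside the hunk.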


@ -848,6 +848,19 @@ CYASSL_API int CyaSSL_set_SessionTicket(CYASSL* ssl, byte* buf, word32 bufSz)
return SSL_SUCCESS;
}
CYASSL_API int CyaSSL_set_SessionTicket_cb(CYASSL* ssl,
CallbackSessionTicket cb, void* ctx)
{
if (ssl == NULL)
return BAD_FUNC_ARG;
ssl->session_ticket_cb = cb;
ssl->session_ticket_ctx = ctx;
return SSL_SUCCESS;
}
#endif
#ifndef CYASSL_LEANPSK
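Review bot: `CyaSSL_set_SessionTicket_cb` stores `ctx` by pointer without copying it, so the caller has to keep that object alive for as long as the callback can fire, and nothing in the new function says so. A header comment such as `/* Registers cb to be called when a NewSessionTicket arrives; ctx is stored as-is and must outlive ssl. Pass cb = NULL to clear. */` would document this, along with the fact that a NULL `cb` is accepted and simply disables the callback.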