add user context to session ticket encrypt callback

2015-06-10 16:32:43 -07:00 · 2015-06-10 16:32:43 -07:00 · 47af6459d8
commit 47af6459d8
parent 53bf8ed7cb
5 changed files with 22 additions and 4 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -13772,7 +13772,7 @@ int DoSessionTicket(WOLFSSL* ssl,
        encLen = WOLFSSL_TICKET_ENC_SZ;  /* max size user can use */
        ret = ssl->ctx->ticketEncCb(ssl, et->key_name, et->iv, et->mac, 1,
                                    et->enc_ticket, sizeof(InternalTicket),
-                                    &encLen);
+                                    &encLen, ssl->ticket_encrypt_ctx);
        if (ret == WOLFSSL_TICKET_RET_OK) {
            if (encLen < (int)sizeof(InternalTicket) ||
                encLen > WOLFSSL_TICKET_ENC_SZ) {
@ -13846,7 +13846,8 @@ int DoSessionTicket(WOLFSSL* ssl,
        outLen = inLen;   /* may be reduced by user padding */
        ret = ssl->ctx->ticketEncCb(ssl, et->key_name, et->iv,
                                    et->enc_ticket + inLen, 0,
-                                    et->enc_ticket, inLen, &outLen);
+                                    et->enc_ticket, inLen, &outLen,
+                                    ssl->ticket_encrypt_ctx);
        if (ret == WOLFSSL_TICKET_RET_FATAL || ret < 0) return ret;
        if (outLen > inLen || outLen < (int)sizeof(InternalTicket)) {
            WOLFSSL_MSG("Bad user ticket decrypt len");
--- a/src/ssl.c
+++ b/src/ssl.c
@ -895,6 +895,17 @@ int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int hint)
    return SSL_SUCCESS;
 }

+/* set user context, SSL_SUCCESS on ok */
+int wolfSSL_set_TicketEncCtx(WOLFSSL* ssl, void* ctx)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    ssl->ticket_encrypt_ctx = ctx;
+
+    return SSL_SUCCESS;
+}
+
 #endif /* !defined(NO_WOLFSSL_CLIENT) && defined(HAVE_SESSION_TICKET) */

 /* Session Ticket */
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@ -2251,6 +2251,9 @@ struct WOLFSSL {
        void*                 session_ticket_ctx;
        byte                  expect_session_ticket;
    #endif
+    #if !defined(NO_WOLFSSL_SERVER) && defined(HAVE_SESSION_TICKET)
+        void*                 ticket_encrypt_ctx;  /* session encrypt context */
+    #endif
 #endif /* HAVE_TLS_EXTENSIONS */
 #ifdef HAVE_NETX
    NetX_Ctx        nxCtx;             /* NetX IO Context */
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@ -1391,10 +1391,11 @@ typedef int (*SessionTicketEncCb)(WOLFSSL*,
                                 unsigned char key_name[WOLFSSL_TICKET_NAME_SZ],
                                 unsigned char iv[WOLFSSL_TICKET_IV_SZ],
                                 unsigned char mac[WOLFSSL_TICKET_MAC_SZ],
-                                 int enc, unsigned char*, int, int*);
+                                 int enc, unsigned char*, int, int*, void*);
 WOLFSSL_API int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx,
                                            SessionTicketEncCb);
 WOLFSSL_API int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int);
+WOLFSSL_API int wolfSSL_set_TicketEncCtx(WOLFSSL* ctx, void*);

 #endif /* NO_WOLFSSL_SERVER */

--- a/wolfssl/test.h
+++ b/wolfssl/test.h
@ -1878,9 +1878,11 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
                             byte key_name[WOLFSSL_TICKET_NAME_SZ],
                             byte iv[WOLFSSL_TICKET_IV_SZ],
                             byte mac[WOLFSSL_TICKET_MAC_SZ],
-                             int enc, byte* ticket, int inLen, int* outLen)
+                             int enc, byte* ticket, int inLen, int* outLen,
+                             void* userCtx)
    {
        (void)ssl;
+        (void)userCtx;

        int ret;
        word16 sLen = htons(inLen);