implement ssl set session id context

2017-04-26 16:52:57 -06:00
parent ede8127569
commit f393eb9176
2 changed files with 31 additions and 13 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@ -14549,6 +14549,31 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
    }


+
+    /* Storing app session context id. Any session that is imported with a
+     * different session context id will be rejected.
+     *
+     * ssl  structure to set context in
+     * id   value of context to set
+     * len  length of sid_ctx buffer
+     *
+     * Returns SSL_SUCCESS in success case and SSL_FAILURE when failing
+     */
+    int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id,
+                                   unsigned int len)
+    {
+        WOLFSSL_STUB("wolfSSL_set_session_id_context");
+
+        if (len > ID_LEN || ssl == NULL || id == NULL) {
+            return SSL_FAILURE;
+        }
+        XMEMCPY(ssl->sessionCtx, id, len);
+        ssl->sessionCtxSz = len;
+
+        return SSL_SUCCESS;
+    }
+
+
    long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX* ctx)
    {
        (void)ctx;
@ -16772,18 +16797,6 @@ int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *in)
 }
 #endif /* NO_ASN */

-#ifndef NO_WOLFSSL_STUB
-int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id,
-                               unsigned int len)
-{
-    (void)ssl;
-    (void)id;
-    (void)len;
-    WOLFSSL_STUB("SSL_set_session_id_context");
-    return 0;
-}
-#endif
-
 void wolfSSL_set_connect_state(WOLFSSL* ssl)
 {
    word16 haveRSA = 1;
@ -20626,7 +20639,9 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
        if (s == NULL)
            return NULL;
        s->isAlloced = 1;
+#ifdef HAVE_SESSION_TICKET
        s->isDynamic = 0;
+#endif
    }

    idx = 0;
--- a/tests/api.c
+++ b/tests/api.c
@ -15792,9 +15792,12 @@ static void test_wolfSSL_SESSION(void)
    /* successful set session test */
    AssertNotNull(ssl = wolfSSL_new(ctx));
    AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_SUCCESS);
-    wolfSSL_free(ssl);

    /* fail case with miss match session context IDs (use compatibility API) */
+    AssertIntEQ(SSL_set_session_id_context(ssl, context, contextSz),
+            SSL_SUCCESS);
+    AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
+    wolfSSL_free(ssl);
    AssertIntEQ(SSL_CTX_set_session_id_context(NULL, context, contextSz),
            SSL_FAILURE);
    AssertIntEQ(SSL_CTX_set_session_id_context(ctx, context, contextSz),