Add some more accessors to SSL_SESSION.
Hopefully this is the last of it before we can hide the struct. We're
missing peer_sha256 accessors, and some test wants to mutate the ticket
in a test client.
Change-Id: I1a30fcc0a1e866d42acbc07a776014c9257f7c86
Reviewed-on: https://boringssl-review.googlesource.com/28268
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/ssl_session.cc b/ssl/ssl_session.cc
index 9ecadcf..d8f3bbd 100644
--- a/ssl/ssl_session.cc
+++ b/ssl/ssl_session.cc
@@ -988,6 +988,18 @@
*out_len = session->tlsext_ticklen;
}
+int SSL_SESSION_set_ticket(SSL_SESSION *session, const uint8_t *ticket,
+ size_t ticket_len) {
+ uint8_t *copy = (uint8_t *)BUF_memdup(ticket, ticket_len);
+ if (copy == nullptr) {
+ return 0;
+ }
+ OPENSSL_free(session->tlsext_tick);
+ session->tlsext_tick = copy;
+ session->tlsext_ticklen = ticket_len;
+ return 1;
+}
+
uint32_t SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *session) {
return session->tlsext_tick_lifetime_hint;
}
@@ -996,6 +1008,21 @@
return session->cipher;
}
+int SSL_SESSION_has_peer_sha256(const SSL_SESSION *session) {
+ return session->peer_sha256_valid;
+}
+
+void SSL_SESSION_get0_peer_sha256(const SSL_SESSION *session,
+ const uint8_t **out_ptr, size_t *out_len) {
+ if (session->peer_sha256_valid) {
+ *out_ptr = session->peer_sha256;
+ *out_len = sizeof(session->peer_sha256);
+ } else {
+ *out_ptr = nullptr;
+ *out_len = 0;
+ }
+}
+
SSL_SESSION *SSL_magic_pending_session_ptr(void) {
return (SSL_SESSION *)&g_pending_session_magic;
}
