Add a getter for SSL_set_session_id_context.
We have a test somewhere which tries to read off of it. Align the getter
roughly with upstream's SSL_SESSION_get0_id_context (which we don't
currently expose).
BUG=6
Change-Id: Iab240868838ba56c1f08d112888d9536574347b4
Reviewed-on: https://boringssl-review.googlesource.com/12636
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 1f3599d..0b42120 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1767,6 +1767,11 @@
OPENSSL_EXPORT int SSL_set_session_id_context(SSL *ssl, const uint8_t *sid_ctx,
size_t sid_ctx_len);
+/* SSL_get0_session_id_context returns a pointer to |ssl|'s session ID context
+ * and sets |*out_len| to its length. */
+OPENSSL_EXPORT const uint8_t *SSL_get0_session_id_context(const SSL *ssl,
+ size_t *out_len);
+
/* SSL_SESSION_CACHE_MAX_SIZE_DEFAULT is the default maximum size of a session
* cache. */
#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024 * 20)
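Review bot: The new comment on SSL_get0_session_id_context does not say who owns the returned buffer or how long it stays valid. The implementation in ssl/ssl_lib.c returns `ssl->sid_ctx` directly, so the pointer presumably aliases storage inside |ssl|. A caller that holds it across a later SSL_set_session_id_context or SSL_free would then read changed or freed memory. I would extend the comment with `The returned buffer is owned by |ssl|, must not be freed or modified by the caller, and is valid only until |ssl| is next modified or freed.` It is also worth stating that the bytes are not NUL-terminated, so callers must bound every read by |*out_len|.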
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index e0ab803..6bb8cf5 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1194,6 +1194,11 @@
return 1;
}
+const uint8_t *SSL_get0_session_id_context(const SSL *ssl, size_t *out_len) {
+ *out_len = ssl->sid_ctx_length;
+ return ssl->sid_ctx;
+}
+
int SSL_CTX_set_purpose(SSL_CTX *ctx, int purpose) {
return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
}
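Review bot: `*out_len = ssl->sid_ctx_length;` writes through |out_len| with no check, so a caller that passes NULL for the length crashes here. If NULL is not meant to be supported, the header comment should say so (`|out_len| must not be NULL.`). Otherwise guard the store with `if (out_len != NULL) { *out_len = ssl->sid_ctx_length; }`. The commit message refers to a test that reads this value, but no test of the getter is visible in this diff. A test that sets a context and compares the returned bytes and length would pin the contract.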