Add SSL_SESSION_get0_id_context.
This matches OpenSSL 1.1.0. Someone requested it.
Change-Id: I230bb9ec646cd32e71413a68e93058818c8f2aad
Reviewed-on: https://boringssl-review.googlesource.com/29004
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index eb3713f..2558732 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1750,6 +1750,12 @@
OPENSSL_EXPORT uint32_t SSL_SESSION_set_timeout(SSL_SESSION *session,
uint32_t timeout);
+// SSL_SESSION_get0_id_context returns a pointer to a buffer containing
+// |session|'s session ID context (see |SSL_CTX_set_session_id_context|) and
+// sets |*out_len| to its length.
+OPENSSL_EXPORT const uint8_t *SSL_SESSION_get0_id_context(
+ const SSL_SESSION *session, unsigned *out_len);
+
// SSL_SESSION_set1_id_context sets |session|'s session ID context (see
// |SSL_CTX_set_session_id_context|) to |sid_ctx|. It returns one on success and
// zero on error. This function may be useful in writing tests but otherwise
diff --git a/ssl/ssl_session.cc b/ssl/ssl_session.cc
index edf08b2..5e8ffe0 100644
--- a/ssl/ssl_session.cc
+++ b/ssl/ssl_session.cc
@@ -990,6 +990,14 @@
return 1;
}
+const uint8_t *SSL_SESSION_get0_id_context(const SSL_SESSION *session,
+ unsigned *out_len) {
+ if (out_len != NULL) {
+ *out_len = session->sid_ctx_length;
+ }
+ return session->sid_ctx;
+}
+
int SSL_SESSION_set1_id_context(SSL_SESSION *session, const uint8_t *sid_ctx,
size_t sid_ctx_len) {
if (sid_ctx_len > sizeof(session->sid_ctx)) {
