Add SSL_initial_handshake_complete.
To account for the changes in ticket renewal, Chromium will need to listen for
new_session_cb to determine whether the handshake produced a new session.
Chromium currently never caches sessions produced on a renegotiation. To retain
that behavior, it'll need to know whether new_session_cb is initial or not.
Rather than maintain duplicate state and listen for SSL_HANDSHAKE_DONE, it's
simpler to just let it query ssl->s3->initial_handshake_complete.
BUG=501418
Change-Id: Ib2f2541460bd09cf16106388e9cfdf3662e02681
Reviewed-on: https://boringssl-review.googlesource.com/5126
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 55ebe37..caac446 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -517,6 +517,10 @@
OPENSSL_EXPORT int SSL_get_tls_unique(const SSL *ssl, uint8_t *out,
size_t *out_len, size_t max_out);
+/* SSL_initial_handshake_complete returns one if the initial handshake has
+ * completed and zero otherwise. */
+OPENSSL_EXPORT int SSL_initial_handshake_complete(const SSL *ssl);
+
/* Underdocumented functions.
*
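Review bot: The doc comment added for `SSL_initial_handshake_complete` does not say what the function returns while a renegotiation is in progress, which is the case the commit description says callers need to tell apart. Going by that description, the value presumably stays one after the first handshake finishes and is not cleared by a later renegotiation, but the field's lifecycle is not visible in this diff and should be confirmed. If that holds, the comment should say so, for example `/* ... The value remains one for the rest of the connection, including during any renegotiation. */`. A caller that uses this in new_session_cb to decide whether a session may be cached depends on that property, so it belongs in the documented contract rather than in the commit message only.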
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1328cd5..5979008 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2941,6 +2941,10 @@
return 0;
}
+int SSL_initial_handshake_complete(const SSL *ssl) {
+ return ssl->s3->initial_handshake_complete;
+}
+
int SSL_CTX_sess_connect(const SSL_CTX *ctx) { return 0; }
int SSL_CTX_sess_connect_good(const SSL_CTX *ctx) { return 0; }
int SSL_CTX_sess_connect_renegotiate(const SSL_CTX *ctx) { return 0; }