Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / openssl / fd113c07c3c2a6b07f8ab69dfae7d104e769f469^! / . / ssl / ssl_err.c
commitfd113c07c3c2a6b07f8ab69dfae7d104e769f469[log] [tgz]
authorBrian Carlstrom <bdc@google.com>Fri Apr 23 15:24:16 2010 -0700
committerBrian Carlstrom <bdc@google.com>Tue May 04 10:56:21 2010 -0700
treee1274892f7caedeb7589ce5a25dca4e15a5cda82
parent0e804cad5b26bb5b9906553b6ae87187edb31702 [diff] [blame]
Adding SSL_set_session_creation_enabled for SSLSocket.setEnableSessionCreation(false) support

SSL_set_session_creation_enabled implementation

    Add session_creation_enabled to ssl_st (aka SSL)
    Add SSL_set_session_creation_enabled(SSL*, int) declaration
    Add SSL_R_SESSION_MAY_NOT_BE_CREATED error reason

	include/openssl/ssl.h
	ssl/ssl.h

    Before creating session, check if session_creation_enabled.
    If not, error out, sending alert when possible in SSL3+ cases.

	ssl/d1_clnt.c
	ssl/s23_clnt.c
	ssl/s3_clnt.c
	ssl/s3_srvr.c

    Add error message for SSL_R_SESSION_MAY_NOT_BE_CREATED

	ssl/ssl_err.c

    Initialize session_creation_enabled to 1 in SSL_new

	ssl/ssl_lib.c

    Definition of SSL_set_session_creation_enabled.  Add lower level
    check for session_creation_enabled in ssl_get_new_session in case
    it is not caught by higher levels.

	ssl/ssl_sess.c

Patch details

    Added jsse.patch to list and add list of patched files.
    Fix whitespace to be tabs for consistency.

	openssl.config

    Add description of jsse.patch

	patches/README

    The patch itself, containing the above described changes

	patches/jsse.patch

Testing

    Updated with note to run javax.net.ssl tests now that they are working reliably.

	README.android

Change-Id: I21763ffbb29278b1c2d88d947eb780f38f637b2d

diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 0eed464..34f7db7 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c

@@ -462,6 +462,7 @@
 {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),"scsv received when renegotiating"},
 {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT)    ,"serverhello tlsext"},
 {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),"session id context uninitialized"},
+{ERR_REASON(SSL_R_SESSION_MAY_NOT_BE_CREATED),"session may not be created"},
 {ERR_REASON(SSL_R_SHORT_READ)            ,"short read"},
 {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),"signature for non signing certificate"},
 {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),"ssl23 doing session id reuse"},