--- /dev/null
+.\" $OpenBSD: SSL_CTX_set_num_tickets.3,v 1.1 2021/10/23 16:29:15 beck Exp $
+.\"
+.\" Copyright (c) 2021 Bob Beck <beck@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: October 23 2021 $
+.Dt SSL_CTX_SET_NUM_TICKETS 3
+.Os
+.Sh NAME
+.Nm SSL_CTX_set_num_tickets ,
+.Nm SSL_CTX_get_num_tickets ,
+.Nm SSL_set_num_tickets ,
+.Nm SSL_get_num_tickets
+.Nd Set and get the number of TLS 1.3 session tickets to be sent
+.Sh SYNOPSIS
+.In openssl/ssl.h
+.Ft void
+.Fn SSL_CTX_set_num_tickets "SSL_CTX *ctx" "size_t num_tickets"
+.Ft SSL_CTX_get_num_tickets "const SSL_CTX *ctx"
+.Fn SSL_set_num_tickets "SSL *ssl" "size_t num_tickets"
+.Ft SSL_get_num_tickets "const SSL *ssl"
+.Sh DESCRIPTION
+These functions set, and retrieve, the configured number of session
+tickets from the respective objects.
+.Pp
+These functions are provided only for compatibility with OpenSSL.
+They have no effect in LibreSSL.
+.Sh RETURN VALUES
+.Fn SSL_CTX_set_num_tickets
+and
+.Fn SSL_set_num_tickets
+always return 1.
+.Pp
+.Fn SSL_CTX_get_num_tickets
+and
+.Fn SSL_get_num_tickets
+return the previously set number of tickets, or 0 if they have not been set.
+.Sh SEE ALSO
+.Xr ssl 3 ,
+.Xr SSL_CTX_new 3
+.Sh HISTORY
+These function first appeared in OpenSSL 1.1.1
+and have been available since
+.Ox 7.1 .
-/* $OpenBSD: ssl.h,v 1.212 2021/10/23 15:30:44 beck Exp $ */
+/* $OpenBSD: ssl.h,v 1.213 2021/10/23 16:29:15 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#if defined(LIBRESSL_NEW_API)
void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb);
SSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx);
+int SSL_set_num_tickets(SSL *s, size_t num_tickets);
+size_t SSL_get_num_tickets(const SSL *s);
+int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
+size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx);
#endif
#ifndef LIBRESSL_INTERNAL
-/* $OpenBSD: ssl_lib.c,v 1.273 2021/10/23 16:11:30 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.274 2021/10/23 16:29:15 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
s->internal->options = ctx->internal->options;
s->internal->mode = ctx->internal->mode;
s->internal->max_cert_list = ctx->internal->max_cert_list;
+ s->internal->num_tickets = ctx->internal->num_tickets;
if ((s->cert = ssl_cert_dup(ctx->internal->cert)) == NULL)
goto err;
return (ctx->internal->keylog_callback);
}
+int
+SSL_set_num_tickets(SSL *s, size_t num_tickets)
+{
+ s->internal->num_tickets = num_tickets;
+
+ return 1;
+}
+
+size_t
+SSL_get_num_tickets(const SSL *s)
+{
+ return s->internal->num_tickets;
+}
+
+int
+SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets)
+{
+ ctx->internal->num_tickets = num_tickets;
+
+ return 1;
+}
+
+size_t
+SSL_CTX_get_num_tickets(const SSL_CTX *ctx)
+{
+ return ctx->internal->num_tickets;
+}
+
int
SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
{
-/* $OpenBSD: ssl_locl.h,v 1.364 2021/10/23 15:02:27 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.365 2021/10/23 16:29:15 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
size_t tlsext_supportedgroups_length;
uint16_t *tlsext_supportedgroups; /* our list */
SSL_CTX_keylog_cb_func keylog_callback; /* Unused. For OpenSSL compatibility. */
+ size_t num_tickets; /* Unused, for OpenSSL compatibility */
} SSL_CTX_INTERNAL;
struct ssl_ctx_st {
int mac_packet;
int empty_record_count;
+
+ size_t num_tickets; /* Unused, for OpenSSL compatibility */
} SSL_INTERNAL;
struct ssl_st {
projects / openbsd / commitdiff