Add SSL_initial_handshake_complete.

To account for the changes in ticket renewal, Chromium will need to listen for new_session_cb to determine whether the handshake produced a new session. Chromium currently never caches sessions produced on a renegotiation. To retain that behavior, it'll need to know whether new_session_cb is initial or not. Rather than maintain duplicate state and listen for SSL_HANDSHAKE_DONE, it's simpler to just let it query ssl->s3->initial_handshake_complete. BUG=501418 Change-Id: Ib2f2541460bd09cf16106388e9cfdf3662e02681 Reviewed-on: https://boringssl-review.googlesource.com/5126 Reviewed-by: Adam Langley <agl@google.com>
2015-06-17 13:11:50 -04:00 · 2015-06-17 13:11:50 -04:00 · d65bb78c6c
commit d65bb78c6c
parent b0acb7743f
2 changed files with 8 additions and 0 deletions
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@ -517,6 +517,10 @@ OPENSSL_EXPORT uint32_t SSL_get_mode(const SSL *ssl);
 OPENSSL_EXPORT int SSL_get_tls_unique(const SSL *ssl, uint8_t *out,
                                      size_t *out_len, size_t max_out);

+/* SSL_initial_handshake_complete returns one if the initial handshake has
+ * completed and zero otherwise. */
+OPENSSL_EXPORT int SSL_initial_handshake_complete(const SSL *ssl);
+

 /* Underdocumented functions.
 *
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@ -2941,6 +2941,10 @@ err:
  return 0;
 }

+int SSL_initial_handshake_complete(const SSL *ssl) {
+  return ssl->s3->initial_handshake_complete;
+}
+
 int SSL_CTX_sess_connect(const SSL_CTX *ctx) { return 0; }
 int SSL_CTX_sess_connect_good(const SSL_CTX *ctx) { return 0; }
 int SSL_CTX_sess_connect_renegotiate(const SSL_CTX *ctx) { return 0; }