~sircmpwn/gmnisrv

57835017523fbd269594bb63c2628017e11eb423 — mbays 3 years ago 32854b7 1.0
set session id context

This is necessary now client certificates are supported.
Without it, an attempt to resume a session fails with
"ssl_get_prev_session:session id context uninitialized".
1 files changed, 1 insertions(+), 0 deletions(-)

M src/tls.c
M src/tls.c => src/tls.c +1 -0
@@ 194,6 194,7 @@ tls_init(struct gmnisrv_config *conf)
	assert(r == 1);

	SSL_CTX_set_tlsext_servername_callback(conf->tls.ssl_ctx, NULL);
	SSL_CTX_set_session_id_context(conf->tls.ssl_ctx, (const unsigned char*)"gmnisrv", 7);
	SSL_CTX_set_verify(conf->tls.ssl_ctx, SSL_VERIFY_PEER, NULL);
	// use always_true_callback to ignore errors such as self-signed error
	SSL_CTX_set_cert_verify_callback(conf->tls.ssl_ctx, always_true_callback, NULL);