
changeset: ssl: Set session_id

changeset 847: 6d85be38374c
parent 846:8fc81b820353
child 848:72fac8384b7c
author: Simon Horman <horms@verge.net.au>
date: Wed Jul 28 10:28:43 2010 +0900 (3 years ago)
files: perdition/ssl.c
description: ssl: Set session_id

This allows session re-negotiation to work
in conjunction with the verification of client certificates.

In particular, it allows Thunderbird 3.1 to connect to perdition using TLS.

An alternate work-around is to disable all certificate verification using
--ssl_no_client_cert_verify or disable client certificate verification
using --ssl_no_cert_verify (introduced in 1.19-rc1).

This relates to Mozilla Bug #575915
https://bugzilla.mozilla.org/show_bug.cgi?id=575915

Tested-by: John Feuerstein <john@feurix.com>
Signed-off-by: Simon Horman <horms@verge.net.au>
       1--- a/perdition/ssl.c	Mon Jul 26 15:29:04 2010 +0900
       2+++ b/perdition/ssl.c	Wed Jul 28 10:28:43 2010 +0900
       3@@ -528,6 +528,14 @@
       4 		return NULL;
       5 	}
       6 
       7+	/* Set context for session */
       8+	if (!SSL_CTX_set_session_id_context(ssl_ctx,
       9+					    (unsigned char *)PACKAGE,
      10+					    strlen(PACKAGE))) {
      11+		VANESSA_LOGGER_DEBUG("SSL_CTX_set_session_id_context");
      12+		goto err;
      13+	}
      14+
      15 	/*
      16 	 * Set the available ciphers
      17 	 */
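
Review bot: In the added SSL_CTX_set_session_id_context() call, the cast (unsigned char *)PACKAGE drops const from a string literal; the parameter type is const unsigned char *, so the cast should be (const unsigned char *)PACKAGE. The call returns 0 when the length exceeds SSL_MAX_SID_CTX_LENGTH (32 bytes), so a short comment that PACKAGE has to stay within that limit would document the one way this branch can be hit. Because that failure takes the goto err path, the only trace is a debug-level message from VANESSA_LOGGER_DEBUG; logging it at a higher level, together with the OpenSSL error queue, would make a misbuilt PACKAGE string easier to diagnose.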