diff options
| author | mbays <mbays@sdf.org> | 2021-08-26 18:52:34 +0200 |
|---|---|---|
| committer | Drew DeVault <sir@cmpwn.com> | 2021-08-27 09:48:07 +0200 |
| commit | 57835017523fbd269594bb63c2628017e11eb423 (patch) | |
| tree | d675e196fa9b63e3903077089b2d9f8dd5d9962e | |
| parent | 32854b79c73b278bf33eb5123abf1c36abdc7c01 (diff) | |
| download | gmnisrv-57835017523fbd269594bb63c2628017e11eb423.tar.gz gmnisrv-57835017523fbd269594bb63c2628017e11eb423.tar.xz gmnisrv-57835017523fbd269594bb63c2628017e11eb423.zip | |
set session id context
This is necessary now client certificates are supported.
Without it, an attempt to resume a session fails with
"ssl_get_prev_session:session id context uninitialized".
| -rw-r--r-- | src/tls.c | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -194,6 +194,7 @@ tls_init(struct gmnisrv_config *conf) assert(r == 1); SSL_CTX_set_tlsext_servername_callback(conf->tls.ssl_ctx, NULL); + SSL_CTX_set_session_id_context(conf->tls.ssl_ctx, (const unsigned char*)"gmnisrv", 7); SSL_CTX_set_verify(conf->tls.ssl_ctx, SSL_VERIFY_PEER, NULL); // use always_true_callback to ignore errors such as self-signed error SSL_CTX_set_cert_verify_callback(conf->tls.ssl_ctx, always_true_callback, NULL); |
