summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authormbays <mbays@sdf.org>2021-08-26 18:52:34 +0200
committerDrew DeVault <sir@cmpwn.com>2021-08-27 09:48:07 +0200
commit57835017523fbd269594bb63c2628017e11eb423 (patch)
treed675e196fa9b63e3903077089b2d9f8dd5d9962e /src
parent32854b79c73b278bf33eb5123abf1c36abdc7c01 (diff)
downloadgmnisrv-57835017523fbd269594bb63c2628017e11eb423.tar.gz
gmnisrv-57835017523fbd269594bb63c2628017e11eb423.tar.xz
gmnisrv-57835017523fbd269594bb63c2628017e11eb423.zip
set session id context
This is necessary now client certificates are supported. Without it, an attempt to resume a session fails with "ssl_get_prev_session:session id context uninitialized".
Diffstat (limited to 'src')
-rw-r--r--src/tls.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/tls.c b/src/tls.c
index 0e092d3..02d7ab7 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -194,6 +194,7 @@ tls_init(struct gmnisrv_config *conf)
assert(r == 1);
SSL_CTX_set_tlsext_servername_callback(conf->tls.ssl_ctx, NULL);
+ SSL_CTX_set_session_id_context(conf->tls.ssl_ctx, (const unsigned char*)"gmnisrv", 7);
SSL_CTX_set_verify(conf->tls.ssl_ctx, SSL_VERIFY_PEER, NULL);
// use always_true_callback to ignore errors such as self-signed error
SSL_CTX_set_cert_verify_callback(conf->tls.ssl_ctx, always_true_callback, NULL);