Made session tickets support configurable from config.h
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index f94fda5..0dbcdb5 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -47,6 +47,7 @@
#include <time.h>
#endif
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
/*
* Serialize a session in the following format:
* 0 . n-1 session structure, n = sizeof(ssl_session)
@@ -300,6 +301,7 @@
return( 0 );
}
+#endif /* POLARSSL_SSL_SESSION_TICKETS */
static int ssl_parse_servername_ext( ssl_context *ssl,
const unsigned char *buf,
@@ -584,6 +586,7 @@
return( 0 );
}
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
static int ssl_parse_session_ticket_ext( ssl_context *ssl,
unsigned char *buf,
size_t len )
@@ -625,6 +628,7 @@
return( 0 );
}
+#endif /* POLARSSL_SSL_SESSION_TICKETS */
#if defined(POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
static int ssl_parse_client_hello_v2( ssl_context *ssl )
@@ -1176,6 +1180,7 @@
return( ret );
break;
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
case TLS_EXT_SESSION_TICKET:
SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) );
@@ -1183,6 +1188,7 @@
if( ret != 0 )
return( ret );
break;
+#endif /* POLARSSL_SSL_SESSION_TICKETS */
default:
SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
@@ -1316,6 +1322,7 @@
*olen = 4;
}
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
static void ssl_write_session_ticket_ext( ssl_context *ssl,
unsigned char *buf,
size_t *olen )
@@ -1338,6 +1345,7 @@
*olen = 4;
}
+#endif /* POLARSSL_SSL_SESSION_TICKETS */
static void ssl_write_renegotiation_ext( ssl_context *ssl,
unsigned char *buf,
@@ -1466,11 +1474,12 @@
*/
ssl->state++;
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
if( ssl->handshake->new_session_ticket == 0 )
{
ssl->session_negotiate->length = n = 32;
if( ( ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id,
- n ) ) != 0 )
+ n ) ) != 0 )
return( ret );
}
else
@@ -1478,6 +1487,12 @@
ssl->session_negotiate->length = 0;
memset( ssl->session_negotiate->id, 0, 32 );
}
+#else
+ ssl->session_negotiate->length = n = 32;
+ if( ( ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id,
+ n ) ) != 0 )
+ return( ret );
+#endif /* POLARSSL_SSL_SESSION_TICKETS */
}
else
{
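Review bot: The `#else` branch repeats the 32-byte session-ID generation and its `f_rng` error check verbatim, so a later change to one copy (length, error handling) can leave the other build behaving differently. Guarding only the ticket-specific branch keeps a single copy: test `new_session_ticket != 0` first inside the guard and make the RNG block the shared, braced `else` body, which stays a valid statement when the macro is undefined. This assumes the one line elided between the two hunks is just the opening brace of the existing `else`. The opening `#if` sits in the previous hunk (`@@ -1466,11 +1474,12 @@`), and the enclosing function starts and ends outside both hunks.

```c
#if defined(POLARSSL_SSL_SESSION_TICKETS)
        if( ssl->handshake->new_session_ticket != 0 )
        {
            ssl->session_negotiate->length = 0;
            memset( ssl->session_negotiate->id, 0, 32 );
        }
        else
#endif /* POLARSSL_SSL_SESSION_TICKETS */
        {
            /* single copy of the fresh session-ID generation for both builds */
            ssl->session_negotiate->length = n = 32;
            if( ( ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id,
                                    n ) ) != 0 )
                return( ret );
        }
```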
@@ -1531,8 +1546,10 @@
ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen );
ext_len += olen;
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen );
ext_len += olen;
+#endif
SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) );
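Review bot: The `#endif` closing this guard has no trailing comment, unlike the other guards this commit adds, and the same is true of the `#endif` in the `SSL_SERVER_CHANGE_CIPHER_SPEC` hunk. Writing `#endif /* POLARSSL_SSL_SESSION_TICKETS */` in both places keeps every guard for this feature findable with one search. That matters in a file that already interleaves several other feature macros. The surrounding function body continues outside the hunk.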
@@ -2469,6 +2486,7 @@
!POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED &&
!POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
static int ssl_write_new_session_ticket( ssl_context *ssl )
{
int ret;
@@ -2518,6 +2536,7 @@
return( 0 );
}
+#endif /* POLARSSL_SSL_SESSION_TICKETS */
/*
* SSL handshake -- server side -- single step
@@ -2607,9 +2626,11 @@
* Finished
*/
case SSL_SERVER_CHANGE_CIPHER_SPEC:
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
if( ssl->handshake->new_session_ticket != 0 )
ret = ssl_write_new_session_ticket( ssl );
else
+#endif
ret = ssl_write_change_cipher_spec( ssl );
break;
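Review bot: The `else` left dangling across `#endif` binds to the unbraced `ret = ssl_write_change_cipher_spec( ssl );` only when the macro is defined. A statement later inserted between `#endif` and that call would become the else body in ticket-enabled builds and silently change which handshake message this state writes. Bracing the shared statement makes both configurations parse the same way: keep `else` and `#endif`, then `{ ret = ssl_write_change_cipher_spec( ssl ); }`. The enclosing `switch` begins and ends outside the hunk.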