BoringSSL: Fix compilation error due to TLS 1.3 session tickets
SSL_CTX_set_num_tickets() is not available in boringSSL. So protect the call to SSL_CTX_set_num_tickets() under !defined(OPENSSL_IS_BORINGSSL) to fix the compilation error. Fixes:decac7cd1e("OpenSSL: Do not send out a TLS 1.3 session ticket if caching disabled") Fixes:81e2498889("OpenSSL: Limit the number of TLS 1.3 session tickets to one") Signed-off-by: Sunil Ravi <sunilravi@google.com>
This commit is contained in:
Sunil Ravi
Jouni Malinen
parent
a561d12d24
commit
5d56cf1c71
1 changed files with 2 additions and 2 deletions
|
|
@ -1106,13 +1106,13 @@ void * tls_init(const struct tls_config *conf)
|
|||
SSL_CTX_set_session_cache_mode(ssl, SSL_SESS_CACHE_SERVER);
|
||||
SSL_CTX_set_timeout(ssl, data->tls_session_lifetime);
|
||||
SSL_CTX_sess_set_remove_cb(ssl, remove_session_cb);
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10101000L
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(OPENSSL_IS_BORINGSSL)
|
||||
/* One session ticket is sufficient for EAP-TLS */
|
||||
SSL_CTX_set_num_tickets(ssl, 1);
|
||||
#endif
|
||||
} else {
|
||||
SSL_CTX_set_session_cache_mode(ssl, SSL_SESS_CACHE_OFF);
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10101000L
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(OPENSSL_IS_BORINGSSL)
|
||||
SSL_CTX_set_num_tickets(ssl, 0);
|
||||
#endif
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue