From f2baac27d5f95326fa441e1cb08925b46f88b21c Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Sun, 8 Feb 2015 15:43:16 +0000
Subject: [PATCH] Provide the API functions SSL_SESSION_has_ticket and
 SSL_SESSION_get_ticket_lifetime_hint. The latter has been reported as
 required to fix Qt for OpenSSL 1.1.0. I have also added the former in order
 to determine whether a ticket is present or not - otherwise it is difficult
 to know whether a zero lifetime hint is because the server set it to 0, or
 because there is no ticket.

Reviewed-by: Tim Hudson <tjh@openssl.org>
---
 doc/ssl/SSL_SESSION_has_ticket.pod | 34 ++++++++++++++++++++++++++++++
 ssl/ssl.h                          |  2 ++
 ssl/ssl_sess.c                     | 10 +++++++++
 3 files changed, 46 insertions(+)
 create mode 100644 doc/ssl/SSL_SESSION_has_ticket.pod

diff --git a/doc/ssl/SSL_SESSION_has_ticket.pod b/doc/ssl/SSL_SESSION_has_ticket.pod
new file mode 100644
index 0000000000..bf249a4ab9
--- /dev/null
+++ b/doc/ssl/SSL_SESSION_has_ticket.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+SSL_SESSION_has_ticket, SSL_SESSION_get_ticket_lifetime_hint - check whether a session has an associated ticket, and get its lifetime hint.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_SESSION_has_ticket(const SSL_SESSION *s);
+ unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s);
+
+=head1 DESCRIPTION
+
+SSL_SESSION_has_ticket() returns 1 if there is a Session Ticket associated with
+this session, and 0 otherwise.
+
+SSL_SESSION_get_ticket_lifetime_hint returns the lifetime hint in seconds
+associated with the session ticket.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
+L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
+
+=head1 HISTORY
+
+SSL_SESSION_has_ticket and SSL_SESSION_get_ticket_lifetime_hint were added in
+OpenSSL 1.1.0.
+
+=cut
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 564b75ec88..6d9ac0301d 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1460,6 +1460,8 @@ long SSL_SESSION_get_time(const SSL_SESSION *s);
 long SSL_SESSION_set_time(SSL_SESSION *s, long t);
 long SSL_SESSION_get_timeout(const SSL_SESSION *s);
 long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
+int SSL_SESSION_has_ticket(const SSL_SESSION *s);
+unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s);
 void SSL_copy_session_id(SSL *to, const SSL *from);
 X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
 int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 0eda59e1e7..0f07ed58a1 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -848,6 +848,16 @@ long SSL_SESSION_set_time(SSL_SESSION *s, long t)
     return (t);
 }
 
+int SSL_SESSION_has_ticket(const SSL_SESSION *s)
+{
+    return (s->tlsext_ticklen > 0) ? 1 : 0;
+}
+
+unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
+{
+    return s->tlsext_tick_lifetime_hint;
+}
+
 X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
 {
     return s->peer;
-- 
2.25.1