From 35bcc989489fc717588ca86696648dc49c142adc Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Mon, 20 Oct 2014 09:25:14 -0700
Subject: [PATCH] Added a callback when receiving a NewSessionTicket handshake message.
---
 cyassl/internal.h | 4 +++-
 cyassl/ssl.h | 3 +++
 examples/client/client.c | 27 +++++++++++++++++++++++++++
 src/internal.c | 7 +++++++
 src/ssl.c | 13 +++++++++++++
 5 files changed, 53 insertions(+), 1 deletion(-)
diff --git a/cyassl/internal.h b/cyassl/internal.h
index 669a386a5..824f743bb 100644
--- a/cyassl/internal.h
+++ b/cyassl/internal.h
@@ -2070,7 +2070,9 @@ struct CYASSL {
 SecureRenegotiation* secure_renegotiation; /* valid pointer indicates */
 #endif /* user turned on */
 #if !defined(NO_CYASSL_CLIENT) && defined(HAVE_SESSION_TICKET)
- byte expect_session_ticket;
+ CallbackSessionTicket session_ticket_cb;
+ void* session_ticket_ctx;
+ byte expect_session_ticket;
 #endif
 #endif /* HAVE_TLS_EXTENSIONS */
 #ifdef HAVE_NETX
diff --git a/cyassl/ssl.h b/cyassl/ssl.h
index 822124f85..42af57e25 100644
--- a/cyassl/ssl.h
+++ b/cyassl/ssl.h
@@ -1326,6 +1326,9 @@ CYASSL_API int CyaSSL_UseSessionTicket(CYASSL* ssl);
 CYASSL_API int CyaSSL_CTX_UseSessionTicket(CYASSL_CTX* ctx);
 CYASSL_API int CyaSSL_get_SessionTicket(CYASSL*, unsigned char*, unsigned int*);
 CYASSL_API int CyaSSL_set_SessionTicket(CYASSL*, unsigned char*, unsigned int);
+typedef int (*CallbackSessionTicket)(CYASSL*, const unsigned char*, int, void*);
+CYASSL_API int CyaSSL_set_SessionTicket_cb(CYASSL*,
+ CallbackSessionTicket, void*);
 #endif
 #endif
diff --git a/examples/client/client.c b/examples/client/client.c
index a0fc02dcd..f7b27b040 100644
--- a/examples/client/client.c
+++ b/examples/client/client.c
@@ -58,6 +58,10 @@
 Timeval timeout;
 #endif
+#ifdef HAVE_SESSION_TICKET
+ int sessionTicketCB(CYASSL*, const unsigned char*, int, void*);
+#endif
+
 static void NonBlockingSSL_Connect(CYASSL* ssl)
 {
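Review bot: The `CallbackSessionTicket` typedef added in cyassl/ssl.h has unnamed parameters and no comment, so an application cannot tell what the return value means or how long the ticket pointer stays valid. Judging by the src/internal.c hunk, the pointer refers to `ssl->session.ticket` inside the session object and the return value is not used, so a callback that wants to keep the ticket presumably has to copy it before returning. I would name the parameters and add a comment such as `/* ticket points into the CYASSL session; copy it to keep it. The return value is currently ignored. */`. The length is also passed as `int`, while `CyaSSL_get_SessionTicket` and `CyaSSL_set_SessionTicket` use `unsigned int`; one type for both would avoid sign conversions in callers.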
@@ -638,6 +642,9 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
 ssl = CyaSSL_new(ctx);
 if (ssl == NULL)
 err_sys("unable to get SSL object");
+ #ifdef HAVE_SESSION_TICKET
+ CyaSSL_set_SessionTicket_cb(ssl, sessionTicketCB, (void*)"initial session");
+ #endif
 if (doDTLS) {
 SOCKADDR_IN_T addr;
 build_addr(&addr, host, port, 1);
@@ -801,6 +808,10 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
 }
 CyaSSL_set_fd(sslResume, sockfd);
 CyaSSL_set_session(sslResume, session);
+#ifdef HAVE_SESSION_TICKET
+ CyaSSL_set_SessionTicket_cb(sslResume, sessionTicketCB,
+ (void*)"resumed session");
+#endif
 showPeer(sslResume);
 #ifndef CYASSL_CALLBACKS
@@ -930,3 +941,19 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
 #endif
+
+#ifdef HAVE_SESSION_TICKET
+
+ int sessionTicketCB(CYASSL* ssl,
+ const unsigned char* ticket, int ticketSz,
+ void* ctx)
+ {
+ (void)ssl;
+ (void)ticket;
+ printf("Session Ticket CB: ticketSz = %d, ctx = %s\n",
+ ticketSz, (char*)ctx);
+ return 0;
+ }
+
+#endif
+
diff --git a/src/internal.c b/src/internal.c
index 896cb531b..cb6429094 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1758,6 +1758,8 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
 ssl->secure_renegotiation = NULL;
 #endif
 #if !defined(NO_CYASSL_CLIENT) && defined(HAVE_SESSION_TICKET)
+ ssl->session_ticket_cb = NULL;
+ ssl->session_ticket_ctx = NULL;
 ssl->expect_session_ticket = 0;
 #endif
 #endif
@@ -10508,6 +10510,11 @@ int DoSessionTicket(CYASSL* ssl,
 *inOutIdx += length;
 ssl->session.ticketLen = length;
 ssl->timeout = lifetime;
+ if (ssl->session_ticket_cb != NULL) {
+ ssl->session_ticket_cb(ssl,
+ ssl->session.ticket, ssl->session.ticketLen,
+ ssl->session_ticket_ctx);
+ }
 /* Create a fake sessionID based on the ticket, this will
 * supercede the existing session cache info. */
 ssl->options.haveSessionId = 1;
diff --git a/src/ssl.c b/src/ssl.c
index a780fdab8..10b595af5 100644
--- a/src/ssl.c
+++ b/src/ssl.c
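Review bot: In the `sessionTicketCB` definition added at the end of examples/client/client.c, `ctx` is cast to `char*` and passed to `%s` without a NULL check, which is undefined behaviour if the example is copied and registered with a NULL context. Both call sites in this patch pass string literals, so the example itself is safe, but a guard such as `ctx ? (const char*)ctx : "(null)"` makes the pattern safe to reuse. The callback is only used in this file, so it and the prototype added in the first client.c hunk could be `static`. The two `CyaSSL_set_SessionTicket_cb` calls also discard a return value that can be `BAD_FUNC_ARG`.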
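Review bot: The call added in `DoSessionTicket` drops the callback's `int` result, so an application cannot reject a ticket or stop the handshake from this hook even though the typedef returns a status. Either check the value and fail on non-zero, for example `if (ssl->session_ticket_cb(...) != 0) return <project error code>;`, or cast the call to `(void)` and document the return as unused. The callback also runs before `ssl->options.haveSessionId` and the ticket-derived session ID are set in the lines that follow, so a callback that inspects the session may see it only partly updated; moving the call after that block, or documenting the ordering, would avoid surprises. The body of `DoSessionTicket` starts and ends outside the hunk.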
@@ -848,6 +848,19 @@ CYASSL_API int CyaSSL_set_SessionTicket(CYASSL* ssl, byte* buf, word32 bufSz)
 return SSL_SUCCESS;
 }
+
+
+CYASSL_API int CyaSSL_set_SessionTicket_cb(CYASSL* ssl,
+ CallbackSessionTicket cb, void* ctx)
+{
+ if (ssl == NULL)
+ return BAD_FUNC_ARG;
+
+ ssl->session_ticket_cb = cb;
+ ssl->session_ticket_ctx = ctx;
+
+ return SSL_SUCCESS;
+}
 #endif
 #ifndef CYASSL_LEANPSK
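Review bot: `CyaSSL_set_SessionTicket_cb` stores `ctx` as a raw pointer and never copies it, so the caller must keep whatever it points to alive for as long as the `CYASSL` object can receive a NewSessionTicket; the patch does not state that lifetime requirement anywhere. A short header comment would cover it, along with the fact that `cb == NULL` is accepted and disables the callback, e.g. `/* Register cb to run when a NewSessionTicket arrives; ctx is stored, not copied, and must outlive ssl. Pass cb = NULL to clear. */`. The new members exist only under `!defined(NO_CYASSL_CLIENT) && defined(HAVE_SESSION_TICKET)` in cyassl/internal.h, and the preprocessor guard enclosing this function is outside the hunk, so it is worth confirming the two match for server-only builds.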