Only allow SSL_set_session before the handshake.

Otherwise things break horribly. Explicitly abort to help catch bugs. Change-Id: I66e2bf8808199b3331b3adde68d73758a601eb8c Reviewed-on: https://boringssl-review.googlesource.com/10761 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
author: David Benjamin <davidben@google.com> 2016-09-01 08:10:07 +0300
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> 2016-09-12 22:16:46 +0300
commit: 4d0be243192074dc1b31953b553c09a9c7a224e6 (patch)
tree: fc58f5fa1a498e024bf1f3f4f8b73dbe87dbb8c9 /include/openssl
parent: 8e726eca12ff4dab5df1ea2c8fc9309d19d2974a (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index ce2ba41a..4ff25ce8 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1683,7 +1683,9 @@ OPENSSL_EXPORT int SSL_CTX_get_session_cache_mode(const SSL_CTX *ctx);
 
 /* SSL_set_session, for a client, configures |ssl| to offer to resume |session|
  * in the initial handshake and returns one. The caller retains ownership of
- * |session|. */
+ * |session|.
+ *
+ * It is an error to call this function after the handshake has begun. */
 OPENSSL_EXPORT int SSL_set_session(SSL *ssl, SSL_SESSION *session);
 
 /* SSL_get_session returns a non-owning pointer to |ssl|'s session. For
author	David Benjamin <davidben@google.com>	2016-09-01 08:10:07 +0300
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	2016-09-12 22:16:46 +0300
commit	4d0be243192074dc1b31953b553c09a9c7a224e6 (patch)
tree	fc58f5fa1a498e024bf1f3f4f8b73dbe87dbb8c9 /include/openssl
parent	8e726eca12ff4dab5df1ea2c8fc9309d19d2974a (diff)