This callback type is used inside SSL_CTX, SSL, and in the functions that set
them. It is used to override the generation of SSL/TLS session IDs in a
server. Return value should be zero on an error, non-zero to proceed. Also,
callbacks should themselves check if the id they generate is unique otherwise
the SSL handshake will fail with an error - callbacks can do this using the
'ssl' value they're passed by;
SSL_has_matching_session_id(ssl, id, *id_len)
The length value passed in is set at the maximum size the session ID can be.
In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback
can alter this length to be less if desired, but under SSLv2 session IDs are
supposed to be fixed at 16 bytes so the id will be padded after the callback
returns in this case. It is also an error for the callback to set the size to
zero.
This callback type is used inside SSL_CTX, SSL, and in the functions that set them. It is used to override the generation of SSL/TLS session IDs in a server. Return value should be zero on an error, non-zero to proceed. Also, callbacks should themselves check if the id they generate is unique otherwise the SSL handshake will fail with an error - callbacks can do this using the 'ssl' value they're passed by; SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in is set at the maximum size the session ID can be. In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback can alter this length to be less if desired, but under SSLv2 session IDs are supposed to be fixed at 16 bytes so the id will be padded after the callback returns in this case. It is also an error for the callback to set the size to zero.