From cdfcdc4a040140786d94d74ee812b70996f311ff Mon Sep 17 00:00:00 2001
From: "7u83@mail.ru" <7u83@mail.ru@noemail.net>
Date: Sun, 3 Aug 2014 11:31:11 +0000
Subject: [PATCH] DTLS handshake now works with Cisco too. But it's still more in proof-of-concept-stage, because session ids and cookies are static.
FossilOrigin-Name: e8dcc3398c4dc166ef07c15ad43b64ee72aa330c183b01a2afbb27f5fa54eba7
---
 src/capwap/dtls_openssl.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/src/capwap/dtls_openssl.c b/src/capwap/dtls_openssl.c
index d22dfecc..7413816c 100644
--- a/src/capwap/dtls_openssl.c
+++ b/src/capwap/dtls_openssl.c
@@ -179,6 +179,17 @@ int dtls_openssl_set_certs(struct conn * conn, struct dtls_openssl_data *d)
 }
+int generate_session_id(const SSL *ssl, unsigned char * id, unsigned int *id_len)
+{
+ printf ("MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMagin session id\n");
+ const char * sessid = "7u83sessid";
+ memcpy(id,sessid,strlen(sessid));
+ *id_len=strlen(sessid);
+ return 1;
+}
+
+
+
 int dtls_verify_callback (int ok, X509_STORE_CTX *ctx)
 {
@@ -214,11 +225,13 @@ struct dtls_openssl_data * dtls_openssl_data_create(struct conn * conn, const SS
 return 0;
 }
- SSL_CTX_set_session_cache_mode(d->ctx, SSL_SESS_CACHE_OFF);
+ SSL_CTX_set_session_cache_mode(d->ctx, SSL_SESS_CACHE_BOTH);
 SSL_CTX_set_options(d->ctx, SSL_OP_COOKIE_EXCHANGE);
 SSL_CTX_set_cookie_generate_cb(d->ctx, dtls_openssl_generate_cookie);
 SSL_CTX_set_cookie_verify_cb(d->ctx, dtls_openssl_verify_cookie);
+ SSL_CTX_set_generate_session_id(d->ctx,generate_session_id);
+
 SSL_CTX_set_verify(d->ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, dtls_verify_callback);
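Review bot: generate_session_id in the first hunk copies a fixed 10-byte string into `id` without consulting `*id_len`, which on entry holds the capacity of the buffer OpenSSL passes to a GEN_SESSION_CB, and it hands out the same id for every session; the commit message itself concedes the id is static, and once the second hunk turns the cache on with SSL_SESS_CACHE_BOTH I believe OpenSSL reports a session-id conflict for a callback-supplied id that already matches a cached session, so sessions after the first would fail to get an id. A constant session id is also predictable to any on-path observer, which defeats the only purpose of a session id in the cache. The `printf` of the "M…agin session id" banner is debug output to stdout that should not ship, `ssl` is unused, and the function should be `static` since it is only referenced as a callback from this file. Unless the Cisco peer needs a particular id layout, the smallest fix is to drop the SSL_CTX_set_generate_session_id call and let OpenSSL's default random generator run; if the callback is kept it should fill at most `*id_len` bytes from RAND_bytes (declared in `<openssl/rand.h>`, if not already included) and return 0 on failure rather than unconditionally 1.

```c
static int generate_session_id(const SSL *ssl, unsigned char *id, unsigned int *id_len)
{
	(void)ssl;
	/* On entry *id_len is the capacity of id; never write past it. */
	if (*id_len == 0 || *id_len > SSL_MAX_SSL_SESSION_ID_LENGTH)
		return 0;
	/* Random id; uniqueness against the cache is expected to be checked by OpenSSL after return. */
	if (RAND_bytes(id, (int)*id_len) != 1)
		return 0;
	return 1;
}
```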