projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| d02b48c6 | 1 | /* ssl/ssl_sess.c */ |
| 58964a49 | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| d02b48c6 RE |
3 | * All rights reserved. |
| 4 | * | |
| 5 | * This package is an SSL implementation written | |
| 6 | * by Eric Young (eay@cryptsoft.com). | |
| 7 | * The implementation was written so as to conform with Netscapes SSL. | |
| 8 | * | |
| 9 | * This library is free for commercial and non-commercial use as long as | |
| 10 | * the following conditions are aheared to. The following conditions | |
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | |
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
| 13 | * included with this distribution is covered by the same copyright terms | |
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
| 15 | * | |
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | |
| 17 | * the code are not to be removed. | |
| 18 | * If this package is used in a product, Eric Young should be given attribution | |
| 19 | * as the author of the parts of the library used. | |
| 20 | * This can be in the form of a textual message at program startup or | |
| 21 | * in documentation (online or textual) provided with the package. | |
| 22 | * | |
| 23 | * Redistribution and use in source and binary forms, with or without | |
| 24 | * modification, are permitted provided that the following conditions | |
| 25 | * are met: | |
| 26 | * 1. Redistributions of source code must retain the copyright | |
| 27 | * notice, this list of conditions and the following disclaimer. | |
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | |
| 29 | * notice, this list of conditions and the following disclaimer in the | |
| 30 | * documentation and/or other materials provided with the distribution. | |
| 31 | * 3. All advertising materials mentioning features or use of this software | |
| 32 | * must display the following acknowledgement: | |
| 33 | * "This product includes cryptographic software written by | |
| 34 | * Eric Young (eay@cryptsoft.com)" | |
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | |
| 36 | * being used are not cryptographic related :-). | |
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | |
| 38 | * the apps directory (application code) you must include an acknowledgement: | |
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
| 40 | * | |
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
| 51 | * SUCH DAMAGE. | |
| 52 | * | |
| 53 | * The licence and distribution terms for any publically available version or | |
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
| 55 | * copied and put under another distribution licence | |
| 56 | * [including the GNU Public Licence.] | |
| 57 | */ | |
| 58 | ||
| 59 | #include <stdio.h> | |
| ec577822 BM |
60 | #include <openssl/lhash.h> |
| 61 | #include <openssl/rand.h> | |
| d02b48c6 | 62 | #include "ssl_locl.h" |
| c046fffa | 63 | #include "cryptlib.h" |
| d02b48c6 | 64 | |
| 58964a49 RE |
65 | static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); |
| 66 | static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); | |
| 801294f8 | 67 | static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck); |
| 58964a49 | 68 | |
| 1088e27c | 69 | SSL_SESSION *SSL_get_session(SSL *ssl) |
| 52732b38 | 70 | /* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */ |
| 1088e27c BM |
71 | { |
| 72 | return(ssl->session); | |
| 73 | } | |
| 52732b38 BM |
74 | |
| 75 | SSL_SESSION *SSL_get1_session(SSL *ssl) | |
| 76 | /* variant of SSL_get_session: caller really gets something */ | |
| 58964a49 | 77 | { |
| b7cfcfb7 MC |
78 | SSL_SESSION *sess; |
| 79 | /* Need to lock this all up rather than just use CRYPTO_add so that | |
| 80 | * somebody doesn't free ssl->session between when we check it's | |
| 81 | * non-null and when we up the reference count. */ | |
| 82 | CRYPTO_r_lock(CRYPTO_LOCK_SSL_SESSION); | |
| 83 | sess = ssl->session; | |
| 84 | if(sess) | |
| 85 | sess->references++; | |
| 86 | CRYPTO_r_unlock(CRYPTO_LOCK_SSL_SESSION); | |
| 87 | return(sess); | |
| 58964a49 RE |
88 | } |
| 89 | ||
| dd9d233e DSH |
90 | int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
| 91 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) | |
| b1c4fe36 | 92 | { |
| 79aa04ef GT |
93 | return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp, |
| 94 | new_func, dup_func, free_func); | |
| b1c4fe36 | 95 | } |
| 58964a49 | 96 | |
| 6b691a5c | 97 | int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg) |
| 58964a49 RE |
98 | { |
| 99 | return(CRYPTO_set_ex_data(&s->ex_data,idx,arg)); | |
| 100 | } | |
| 101 | ||
| 6b691a5c | 102 | void *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx) |
| 58964a49 RE |
103 | { |
| 104 | return(CRYPTO_get_ex_data(&s->ex_data,idx)); | |
| 105 | } | |
| 106 | ||
| 6b691a5c | 107 | SSL_SESSION *SSL_SESSION_new(void) |
| d02b48c6 RE |
108 | { |
| 109 | SSL_SESSION *ss; | |
| 110 | ||
| 26a3a48d | 111 | ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION)); |
| d02b48c6 RE |
112 | if (ss == NULL) |
| 113 | { | |
| 114 | SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE); | |
| 115 | return(0); | |
| 116 | } | |
| 117 | memset(ss,0,sizeof(SSL_SESSION)); | |
| 118 | ||
| b1fe6ca1 | 119 | ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ |
| d02b48c6 RE |
120 | ss->references=1; |
| 121 | ss->timeout=60*5+4; /* 5 minute timeout by default */ | |
| 122 | ss->time=time(NULL); | |
| 58964a49 RE |
123 | ss->prev=NULL; |
| 124 | ss->next=NULL; | |
| 413c4f45 | 125 | ss->compress_meth=0; |
| 79aa04ef | 126 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); |
| d02b48c6 RE |
127 | return(ss); |
| 128 | } | |
| 129 | ||
| dc644fe2 GT |
130 | /* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1 |
| 131 | * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly | |
| 132 | * until we have no conflict is going to complete in one iteration pretty much | |
| 133 | * "most" of the time (btw: understatement). So, if it takes us 10 iterations | |
| 134 | * and we still can't avoid a conflict - well that's a reasonable point to call | |
| 135 | * it quits. Either the RAND code is broken or someone is trying to open roughly | |
| 136 | * very close to 2^128 (or 2^256) SSL sessions to our server. How you might | |
| 137 | * store that many sessions is perhaps a more interesting question ... */ | |
| 138 | ||
| 139 | #define MAX_SESS_ID_ATTEMPTS 10 | |
| 140 | static int def_generate_session_id(const SSL *ssl, unsigned char *id, | |
| 141 | unsigned int *id_len) | |
| 142 | { | |
| 143 | unsigned int retry = 0; | |
| 144 | do | |
| 145 | RAND_pseudo_bytes(id, *id_len); | |
| f85c9904 | 146 | while(SSL_has_matching_session_id(ssl, id, *id_len) && |
| dc644fe2 GT |
147 | (++retry < MAX_SESS_ID_ATTEMPTS)); |
| 148 | if(retry < MAX_SESS_ID_ATTEMPTS) | |
| 149 | return 1; | |
| 150 | /* else - woops a session_id match */ | |
| 151 | /* XXX We should also check the external cache -- | |
| 152 | * but the probability of a collision is negligible, and | |
| 153 | * we could not prevent the concurrent creation of sessions | |
| 154 | * with identical IDs since we currently don't have means | |
| 155 | * to atomically check whether a session ID already exists | |
| 156 | * and make a reservation for it if it does not | |
| 157 | * (this problem applies to the internal cache as well). | |
| 158 | */ | |
| 159 | return 0; | |
| 160 | } | |
| 161 | ||
| 6b691a5c | 162 | int ssl_get_new_session(SSL *s, int session) |
| d02b48c6 | 163 | { |
| b56bce4f BM |
164 | /* This gets used by clients and servers. */ |
| 165 | ||
| dc644fe2 | 166 | unsigned int tmp; |
| d02b48c6 | 167 | SSL_SESSION *ss=NULL; |
| dc644fe2 | 168 | GEN_SESSION_CB cb = def_generate_session_id; |
| d02b48c6 RE |
169 | |
| 170 | if ((ss=SSL_SESSION_new()) == NULL) return(0); | |
| 171 | ||
| 172 | /* If the context has a default timeout, use it */ | |
| 413c4f45 | 173 | if (s->ctx->session_timeout == 0) |
| d02b48c6 | 174 | ss->timeout=SSL_get_default_timeout(s); |
| 413c4f45 MC |
175 | else |
| 176 | ss->timeout=s->ctx->session_timeout; | |
| d02b48c6 RE |
177 | |
| 178 | if (s->session != NULL) | |
| 179 | { | |
| 180 | SSL_SESSION_free(s->session); | |
| 181 | s->session=NULL; | |
| 182 | } | |
| 183 | ||
| 184 | if (session) | |
| 185 | { | |
| 6d02d8e4 | 186 | if (s->version == SSL2_VERSION) |
| d02b48c6 | 187 | { |
| 58964a49 | 188 | ss->ssl_version=SSL2_VERSION; |
| d02b48c6 RE |
189 | ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; |
| 190 | } | |
| 58964a49 | 191 | else if (s->version == SSL3_VERSION) |
| d02b48c6 | 192 | { |
| 58964a49 RE |
193 | ss->ssl_version=SSL3_VERSION; |
| 194 | ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; | |
| 195 | } | |
| 196 | else if (s->version == TLS1_VERSION) | |
| 197 | { | |
| 198 | ss->ssl_version=TLS1_VERSION; | |
| d02b48c6 RE |
199 | ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; |
| 200 | } | |
| 201 | else | |
| 202 | { | |
| 203 | SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION); | |
| 204 | SSL_SESSION_free(ss); | |
| 205 | return(0); | |
| 206 | } | |
| dc644fe2 GT |
207 | /* Choose which callback will set the session ID */ |
| 208 | CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); | |
| 209 | if(s->generate_session_id) | |
| 210 | cb = s->generate_session_id; | |
| 211 | else if(s->ctx->generate_session_id) | |
| 212 | cb = s->ctx->generate_session_id; | |
| 213 | CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); | |
| 214 | /* Choose a session ID */ | |
| 215 | tmp = ss->session_id_length; | |
| 216 | if(!cb(s, ss->session_id, &tmp)) | |
| 217 | { | |
| 218 | /* The callback failed */ | |
| 219 | SSLerr(SSL_F_SSL_GET_NEW_SESSION, | |
| 220 | SSL_R_SSL_SESSION_ID_CALLBACK_FAILED); | |
| 221 | SSL_SESSION_free(ss); | |
| 222 | return(0); | |
| 223 | } | |
| 224 | /* Don't allow the callback to set the session length to zero. | |
| 225 | * nor set it higher than it was. */ | |
| 226 | if(!tmp || (tmp > ss->session_id_length)) | |
| d02b48c6 | 227 | { |
| dc644fe2 GT |
228 | /* The callback set an illegal length */ |
| 229 | SSLerr(SSL_F_SSL_GET_NEW_SESSION, | |
| 230 | SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH); | |
| 231 | SSL_SESSION_free(ss); | |
| 232 | return(0); | |
| 233 | } | |
| 234 | /* If the session length was shrunk and we're SSLv2, pad it */ | |
| 235 | if((tmp < ss->session_id_length) && (s->version == SSL2_VERSION)) | |
| 236 | memset(ss->session_id + tmp, 0, ss->session_id_length - tmp); | |
| 237 | else | |
| 238 | ss->session_id_length = tmp; | |
| 239 | /* Finally, check for a conflict */ | |
| f85c9904 | 240 | if(SSL_has_matching_session_id(s, ss->session_id, |
| dc644fe2 GT |
241 | ss->session_id_length)) |
| 242 | { | |
| 243 | SSLerr(SSL_F_SSL_GET_NEW_SESSION, | |
| 244 | SSL_R_SSL_SESSION_ID_CONFLICT); | |
| 245 | SSL_SESSION_free(ss); | |
| 246 | return(0); | |
| d02b48c6 RE |
247 | } |
| 248 | } | |
| 249 | else | |
| 250 | { | |
| 251 | ss->session_id_length=0; | |
| 252 | } | |
| 253 | ||
| c046fffa | 254 | die(s->sid_ctx_length <= sizeof ss->sid_ctx); |
| b4cadc6e BL |
255 | memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length); |
| 256 | ss->sid_ctx_length=s->sid_ctx_length; | |
| d02b48c6 RE |
257 | s->session=ss; |
| 258 | ss->ssl_version=s->version; | |
| b1fe6ca1 | 259 | ss->verify_result = X509_V_OK; |
| d02b48c6 RE |
260 | |
| 261 | return(1); | |
| 262 | } | |
| 263 | ||
| 6b691a5c | 264 | int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) |
| d02b48c6 | 265 | { |
| b56bce4f BM |
266 | /* This is used only by servers. */ |
| 267 | ||
| 58964a49 | 268 | SSL_SESSION *ret=NULL,data; |
| 8876bc05 | 269 | int fatal = 0; |
| d02b48c6 | 270 | |
| d02b48c6 RE |
271 | data.ssl_version=s->version; |
| 272 | data.session_id_length=len; | |
| 273 | if (len > SSL_MAX_SSL_SESSION_ID_LENGTH) | |
| 8876bc05 | 274 | goto err; |
| b4cadc6e | 275 | memcpy(data.session_id,session_id,len); |
| d02b48c6 | 276 | |
| 58964a49 RE |
277 | if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) |
| 278 | { | |
| 279 | CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); | |
| 9d1a01be | 280 | ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data); |
| bdc98ffb BM |
281 | if (ret != NULL) |
| 282 | /* don't allow other threads to steal it: */ | |
| 283 | CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); | |
| 58964a49 RE |
284 | CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); |
| 285 | } | |
| d02b48c6 RE |
286 | |
| 287 | if (ret == NULL) | |
| 288 | { | |
| 9a193d88 BM |
289 | int copy=1; |
| 290 | ||
| 413c4f45 | 291 | s->ctx->stats.sess_miss++; |
| d02b48c6 | 292 | ret=NULL; |
| b4cadc6e BL |
293 | if (s->ctx->get_session_cb != NULL |
| 294 | && (ret=s->ctx->get_session_cb(s,session_id,len,©)) | |
| 295 | != NULL) | |
| d02b48c6 | 296 | { |
| 413c4f45 | 297 | s->ctx->stats.sess_cb_hit++; |
| d02b48c6 | 298 | |
| 8876bc05 BM |
299 | /* Increment reference count now if the session callback |
| 300 | * asks us to do so (note that if the session structures | |
| 301 | * returned by the callback are shared between threads, | |
| 302 | * it must handle the reference count itself [i.e. copy == 0], | |
| 303 | * or things won't be thread-safe). */ | |
| 304 | if (copy) | |
| 305 | CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); | |
| 306 | ||
| d02b48c6 RE |
307 | /* The following should not return 1, otherwise, |
| 308 | * things are very strange */ | |
| 309 | SSL_CTX_add_session(s->ctx,ret); | |
| d02b48c6 | 310 | } |
| 8876bc05 BM |
311 | if (ret == NULL) |
| 312 | goto err; | |
| d02b48c6 RE |
313 | } |
| 314 | ||
| 8876bc05 BM |
315 | /* Now ret is non-NULL, and we own one of its reference counts. */ |
| 316 | ||
| b4cadc6e BL |
317 | if((s->verify_mode&SSL_VERIFY_PEER) |
| 318 | && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length | |
| 319 | || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length))) | |
| 320 | { | |
| 8876bc05 BM |
321 | /* We've found the session named by the client, but we don't |
| 322 | * want to use it in this context. */ | |
| 323 | ||
| 324 | if (s->sid_ctx_length == 0) | |
| 325 | { | |
| 326 | /* application should have used SSL[_CTX]_set_session_id_context | |
| 327 | * -- we could tolerate this and just pretend we never heard | |
| 328 | * of this session, but then applications could effectively | |
| 329 | * disable the session cache by accident without anyone noticing */ | |
| 330 | ||
| 673eadec | 331 | SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); |
| 8876bc05 BM |
332 | fatal = 1; |
| 333 | goto err; | |
| 334 | } | |
| 335 | else | |
| 336 | { | |
| 337 | #if 0 /* The client cannot always know when a session is not appropriate, | |
| 338 | * so we shouldn't generate an error message. */ | |
| 339 | ||
| 340 | SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); | |
| 341 | #endif | |
| 342 | goto err; /* treat like cache miss */ | |
| 343 | } | |
| 344 | } | |
| b4cadc6e | 345 | |
| d02b48c6 RE |
346 | if (ret->cipher == NULL) |
| 347 | { | |
| c5db363e | 348 | unsigned char buf[5],*p; |
| d02b48c6 RE |
349 | unsigned long l; |
| 350 | ||
| 351 | p=buf; | |
| 352 | l=ret->cipher_id; | |
| 353 | l2n(l,p); | |
| 58964a49 | 354 | if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR) |
| d02b48c6 RE |
355 | ret->cipher=ssl_get_cipher_by_char(s,&(buf[2])); |
| 356 | else | |
| 357 | ret->cipher=ssl_get_cipher_by_char(s,&(buf[1])); | |
| 358 | if (ret->cipher == NULL) | |
| 8876bc05 | 359 | goto err; |
| d02b48c6 RE |
360 | } |
| 361 | ||
| 8876bc05 BM |
362 | |
| 363 | #if 0 /* This is way too late. */ | |
| 364 | ||
| d02b48c6 | 365 | /* If a thread got the session, then 'swaped', and another got |
| 26a3a48d | 366 | * it and then due to a time-out decided to 'OPENSSL_free' it we could |
| d02b48c6 RE |
367 | * be in trouble. So I'll increment it now, then double decrement |
| 368 | * later - am I speaking rubbish?. */ | |
| 369 | CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); | |
| 8876bc05 | 370 | #endif |
| d02b48c6 RE |
371 | |
| 372 | if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */ | |
| 373 | { | |
| 413c4f45 | 374 | s->ctx->stats.sess_timeout++; |
| d02b48c6 RE |
375 | /* remove it from the cache */ |
| 376 | SSL_CTX_remove_session(s->ctx,ret); | |
| 8876bc05 | 377 | goto err; |
| d02b48c6 RE |
378 | } |
| 379 | ||
| 413c4f45 | 380 | s->ctx->stats.sess_hit++; |
| d02b48c6 RE |
381 | |
| 382 | /* ret->time=time(NULL); */ /* rezero timeout? */ | |
| 383 | /* again, just leave the session | |
| 384 | * if it is the same session, we have just incremented and | |
| 385 | * then decremented the reference count :-) */ | |
| 386 | if (s->session != NULL) | |
| 387 | SSL_SESSION_free(s->session); | |
| 388 | s->session=ret; | |
| b1fe6ca1 | 389 | s->verify_result = s->session->verify_result; |
| d02b48c6 | 390 | return(1); |
| 8876bc05 BM |
391 | |
| 392 | err: | |
| 393 | if (ret != NULL) | |
| 394 | SSL_SESSION_free(ret); | |
| 395 | if (fatal) | |
| 396 | return -1; | |
| 397 | else | |
| 398 | return 0; | |
| d02b48c6 RE |
399 | } |
| 400 | ||
| 6b691a5c | 401 | int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) |
| d02b48c6 | 402 | { |
| 58964a49 | 403 | int ret=0; |
| d02b48c6 RE |
404 | SSL_SESSION *s; |
| 405 | ||
| 45fd4dbb BM |
406 | /* add just 1 reference count for the SSL_CTX's session cache |
| 407 | * even though it has two ways of access: each session is in a | |
| 408 | * doubly linked list and an lhash */ | |
| d02b48c6 | 409 | CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION); |
| 45fd4dbb | 410 | /* if session c is in already in cache, we take back the increment later */ |
| d02b48c6 RE |
411 | |
| 412 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); | |
| 9d1a01be | 413 | s=(SSL_SESSION *)lh_insert(ctx->sessions,c); |
| 58964a49 | 414 | |
| 45fd4dbb BM |
415 | /* s != NULL iff we already had a session with the given PID. |
| 416 | * In this case, s == c should hold (then we did not really modify | |
| 417 | * ctx->sessions), or we're in trouble. */ | |
| 418 | if (s != NULL && s != c) | |
| 419 | { | |
| 420 | /* We *are* in trouble ... */ | |
| 421 | SSL_SESSION_list_remove(ctx,s); | |
| 422 | SSL_SESSION_free(s); | |
| 423 | /* ... so pretend the other session did not exist in cache | |
| 424 | * (we cannot handle two SSL_SESSION structures with identical | |
| 425 | * session ID in the same cache, which could happen e.g. when | |
| 426 | * two threads concurrently obtain the same session from an external | |
| 427 | * cache) */ | |
| 428 | s = NULL; | |
| 429 | } | |
| 430 | ||
| 431 | /* Put at the head of the queue unless it is already in the cache */ | |
| 58964a49 RE |
432 | if (s == NULL) |
| 433 | SSL_SESSION_list_add(ctx,c); | |
| d02b48c6 | 434 | |
| d02b48c6 RE |
435 | if (s != NULL) |
| 436 | { | |
| 45fd4dbb BM |
437 | /* existing cache entry -- decrement previously incremented reference |
| 438 | * count because it already takes into account the cache */ | |
| 439 | ||
| 440 | SSL_SESSION_free(s); /* s == c */ | |
| 58964a49 | 441 | ret=0; |
| d02b48c6 RE |
442 | } |
| 443 | else | |
| 58964a49 | 444 | { |
| 45fd4dbb BM |
445 | /* new cache entry -- remove old ones if cache has become too large */ |
| 446 | ||
| 58964a49 RE |
447 | ret=1; |
| 448 | ||
| 449 | if (SSL_CTX_sess_get_cache_size(ctx) > 0) | |
| 450 | { | |
| 451 | while (SSL_CTX_sess_number(ctx) > | |
| 452 | SSL_CTX_sess_get_cache_size(ctx)) | |
| 453 | { | |
| 801294f8 DSH |
454 | if (!remove_session_lock(ctx, |
| 455 | ctx->session_cache_tail, 0)) | |
| 58964a49 RE |
456 | break; |
| 457 | else | |
| 413c4f45 | 458 | ctx->stats.sess_cache_full++; |
| 58964a49 RE |
459 | } |
| 460 | } | |
| 461 | } | |
| 462 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); | |
| 463 | return(ret); | |
| d02b48c6 RE |
464 | } |
| 465 | ||
| 6b691a5c | 466 | int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c) |
| 801294f8 DSH |
467 | { |
| 468 | return remove_session_lock(ctx, c, 1); | |
| 469 | } | |
| 470 | ||
| 0fda2e37 | 471 | static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck) |
| d02b48c6 RE |
472 | { |
| 473 | SSL_SESSION *r; | |
| 474 | int ret=0; | |
| 475 | ||
| 58964a49 | 476 | if ((c != NULL) && (c->session_id_length != 0)) |
| d02b48c6 | 477 | { |
| 801294f8 | 478 | if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); |
| acfe628b | 479 | if ((r = (SSL_SESSION *)lh_retrieve(ctx->sessions,c)) == c) |
| 58964a49 RE |
480 | { |
| 481 | ret=1; | |
| acfe628b | 482 | r=(SSL_SESSION *)lh_delete(ctx->sessions,c); |
| 58964a49 RE |
483 | SSL_SESSION_list_remove(ctx,c); |
| 484 | } | |
| d02b48c6 | 485 | |
| 801294f8 | 486 | if(lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); |
| d02b48c6 RE |
487 | |
| 488 | if (ret) | |
| 489 | { | |
| 490 | r->not_resumable=1; | |
| 491 | if (ctx->remove_session_cb != NULL) | |
| 58964a49 | 492 | ctx->remove_session_cb(ctx,r); |
| d02b48c6 RE |
493 | SSL_SESSION_free(r); |
| 494 | } | |
| 495 | } | |
| 496 | else | |
| 497 | ret=0; | |
| 498 | return(ret); | |
| 499 | } | |
| 500 | ||
| 6b691a5c | 501 | void SSL_SESSION_free(SSL_SESSION *ss) |
| d02b48c6 RE |
502 | { |
| 503 | int i; | |
| 504 | ||
| e03ddfae BL |
505 | if(ss == NULL) |
| 506 | return; | |
| 507 | ||
| d02b48c6 | 508 | i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION); |
| 58964a49 RE |
509 | #ifdef REF_PRINT |
| 510 | REF_PRINT("SSL_SESSION",ss); | |
| 511 | #endif | |
| d02b48c6 RE |
512 | if (i > 0) return; |
| 513 | #ifdef REF_CHECK | |
| 514 | if (i < 0) | |
| 515 | { | |
| 516 | fprintf(stderr,"SSL_SESSION_free, bad reference count\n"); | |
| 517 | abort(); /* ok */ | |
| 518 | } | |
| 519 | #endif | |
| 520 | ||
| 79aa04ef | 521 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); |
| 58964a49 | 522 | |
| d02b48c6 RE |
523 | memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH); |
| 524 | memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH); | |
| 525 | memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH); | |
| b56bce4f | 526 | if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); |
| d02b48c6 | 527 | if (ss->peer != NULL) X509_free(ss->peer); |
| f73e07cf | 528 | if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); |
| d02b48c6 | 529 | memset(ss,0,sizeof(*ss)); |
| 26a3a48d | 530 | OPENSSL_free(ss); |
| d02b48c6 RE |
531 | } |
| 532 | ||
| 6b691a5c | 533 | int SSL_set_session(SSL *s, SSL_SESSION *session) |
| d02b48c6 RE |
534 | { |
| 535 | int ret=0; | |
| 536 | SSL_METHOD *meth; | |
| 537 | ||
| 538 | if (session != NULL) | |
| 539 | { | |
| 540 | meth=s->ctx->method->get_ssl_method(session->ssl_version); | |
| 541 | if (meth == NULL) | |
| 542 | meth=s->method->get_ssl_method(session->ssl_version); | |
| 543 | if (meth == NULL) | |
| 544 | { | |
| 545 | SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD); | |
| 546 | return(0); | |
| 547 | } | |
| 548 | ||
| 549 | if (meth != s->method) | |
| 550 | { | |
| 551 | if (!SSL_set_ssl_method(s,meth)) | |
| 552 | return(0); | |
| 413c4f45 MC |
553 | if (s->ctx->session_timeout == 0) |
| 554 | session->timeout=SSL_get_default_timeout(s); | |
| 555 | else | |
| 556 | session->timeout=s->ctx->session_timeout; | |
| d02b48c6 RE |
557 | } |
| 558 | ||
| 882e8912 RL |
559 | #ifndef OPENSSL_NO_KRB5 |
| 560 | if (s->kssl_ctx && !s->kssl_ctx->client_princ && | |
| 561 | session->krb5_client_princ_len > 0) | |
| 562 | { | |
| 563 | s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1); | |
| 564 | memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ, | |
| 565 | session->krb5_client_princ_len); | |
| c2a3358b | 566 | s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0'; |
| 882e8912 RL |
567 | } |
| 568 | #endif /* OPENSSL_NO_KRB5 */ | |
| 569 | ||
| d02b48c6 RE |
570 | /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/ |
| 571 | CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION); | |
| 572 | if (s->session != NULL) | |
| 573 | SSL_SESSION_free(s->session); | |
| 574 | s->session=session; | |
| 0dd2254d | 575 | s->verify_result = s->session->verify_result; |
| d02b48c6 RE |
576 | /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/ |
| 577 | ret=1; | |
| 578 | } | |
| 58964a49 RE |
579 | else |
| 580 | { | |
| 581 | if (s->session != NULL) | |
| 582 | { | |
| 583 | SSL_SESSION_free(s->session); | |
| 584 | s->session=NULL; | |
| 585 | } | |
| 413c4f45 MC |
586 | |
| 587 | meth=s->ctx->method; | |
| 588 | if (meth != s->method) | |
| 589 | { | |
| 590 | if (!SSL_set_ssl_method(s,meth)) | |
| 591 | return(0); | |
| 592 | } | |
| 593 | ret=1; | |
| 58964a49 | 594 | } |
| d02b48c6 RE |
595 | return(ret); |
| 596 | } | |
| 597 | ||
| 6b691a5c | 598 | long SSL_SESSION_set_timeout(SSL_SESSION *s, long t) |
| d02b48c6 RE |
599 | { |
| 600 | if (s == NULL) return(0); | |
| 601 | s->timeout=t; | |
| 602 | return(1); | |
| 603 | } | |
| 604 | ||
| 6b691a5c | 605 | long SSL_SESSION_get_timeout(SSL_SESSION *s) |
| d02b48c6 RE |
606 | { |
| 607 | if (s == NULL) return(0); | |
| 608 | return(s->timeout); | |
| 609 | } | |
| 610 | ||
| 6b691a5c | 611 | long SSL_SESSION_get_time(SSL_SESSION *s) |
| d02b48c6 RE |
612 | { |
| 613 | if (s == NULL) return(0); | |
| 614 | return(s->time); | |
| 615 | } | |
| 616 | ||
| 6b691a5c | 617 | long SSL_SESSION_set_time(SSL_SESSION *s, long t) |
| d02b48c6 RE |
618 | { |
| 619 | if (s == NULL) return(0); | |
| 620 | s->time=t; | |
| 621 | return(t); | |
| 622 | } | |
| 623 | ||
| 6b691a5c | 624 | long SSL_CTX_set_timeout(SSL_CTX *s, long t) |
| 413c4f45 MC |
625 | { |
| 626 | long l; | |
| 627 | if (s == NULL) return(0); | |
| 628 | l=s->session_timeout; | |
| 629 | s->session_timeout=t; | |
| 630 | return(l); | |
| 631 | } | |
| 632 | ||
| 6b691a5c | 633 | long SSL_CTX_get_timeout(SSL_CTX *s) |
| 413c4f45 MC |
634 | { |
| 635 | if (s == NULL) return(0); | |
| 636 | return(s->session_timeout); | |
| 637 | } | |
| 638 | ||
| d02b48c6 RE |
639 | typedef struct timeout_param_st |
| 640 | { | |
| 641 | SSL_CTX *ctx; | |
| 642 | long time; | |
| 643 | LHASH *cache; | |
| 644 | } TIMEOUT_PARAM; | |
| 645 | ||
| 6b691a5c | 646 | static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p) |
| d02b48c6 RE |
647 | { |
| 648 | if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */ | |
| 649 | { | |
| 58964a49 RE |
650 | /* The reason we don't call SSL_CTX_remove_session() is to |
| 651 | * save on locking overhead */ | |
| 9d1a01be | 652 | lh_delete(p->cache,s); |
| 58964a49 | 653 | SSL_SESSION_list_remove(p->ctx,s); |
| d02b48c6 RE |
654 | s->not_resumable=1; |
| 655 | if (p->ctx->remove_session_cb != NULL) | |
| 656 | p->ctx->remove_session_cb(p->ctx,s); | |
| 657 | SSL_SESSION_free(s); | |
| 658 | } | |
| 659 | } | |
| 660 | ||
| 3c914840 GT |
661 | static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION *, TIMEOUT_PARAM *) |
| 662 | ||
| 6b691a5c | 663 | void SSL_CTX_flush_sessions(SSL_CTX *s, long t) |
| d02b48c6 RE |
664 | { |
| 665 | unsigned long i; | |
| 666 | TIMEOUT_PARAM tp; | |
| 667 | ||
| 668 | tp.ctx=s; | |
| 413c4f45 | 669 | tp.cache=s->sessions; |
| d02b48c6 RE |
670 | if (tp.cache == NULL) return; |
| 671 | tp.time=t; | |
| 672 | CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); | |
| 673 | i=tp.cache->down_load; | |
| 674 | tp.cache->down_load=0; | |
| 3c914840 | 675 | lh_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), &tp); |
| d02b48c6 RE |
676 | tp.cache->down_load=i; |
| 677 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); | |
| 678 | } | |
| 679 | ||
| 6b691a5c | 680 | int ssl_clear_bad_session(SSL *s) |
| d02b48c6 RE |
681 | { |
| 682 | if ( (s->session != NULL) && | |
| 683 | !(s->shutdown & SSL_SENT_SHUTDOWN) && | |
| 684 | !(SSL_in_init(s) || SSL_in_before(s))) | |
| 685 | { | |
| 686 | SSL_CTX_remove_session(s->ctx,s->session); | |
| 687 | return(1); | |
| 688 | } | |
| 689 | else | |
| 690 | return(0); | |
| 691 | } | |
| 58964a49 RE |
692 | |
| 693 | /* locked by SSL_CTX in the calling function */ | |
| 6b691a5c | 694 | static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s) |
| 58964a49 RE |
695 | { |
| 696 | if ((s->next == NULL) || (s->prev == NULL)) return; | |
| 697 | ||
| 698 | if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) | |
| 699 | { /* last element in list */ | |
| 700 | if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) | |
| 701 | { /* only one element in list */ | |
| 702 | ctx->session_cache_head=NULL; | |
| 703 | ctx->session_cache_tail=NULL; | |
| 704 | } | |
| 705 | else | |
| 706 | { | |
| 707 | ctx->session_cache_tail=s->prev; | |
| 708 | s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail); | |
| 709 | } | |
| 710 | } | |
| 711 | else | |
| 712 | { | |
| 713 | if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) | |
| 714 | { /* first element in list */ | |
| 715 | ctx->session_cache_head=s->next; | |
| 716 | s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head); | |
| 717 | } | |
| 718 | else | |
| 719 | { /* middle of list */ | |
| 720 | s->next->prev=s->prev; | |
| 721 | s->prev->next=s->next; | |
| 722 | } | |
| 723 | } | |
| 724 | s->prev=s->next=NULL; | |
| 725 | } | |
| 726 | ||
| 6b691a5c | 727 | static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s) |
| 58964a49 RE |
728 | { |
| 729 | if ((s->next != NULL) && (s->prev != NULL)) | |
| 730 | SSL_SESSION_list_remove(ctx,s); | |
| 731 | ||
| 732 | if (ctx->session_cache_head == NULL) | |
| 733 | { | |
| 734 | ctx->session_cache_head=s; | |
| 735 | ctx->session_cache_tail=s; | |
| 736 | s->prev=(SSL_SESSION *)&(ctx->session_cache_head); | |
| 737 | s->next=(SSL_SESSION *)&(ctx->session_cache_tail); | |
| 738 | } | |
| 739 | else | |
| 740 | { | |
| 741 | s->next=ctx->session_cache_head; | |
| 742 | s->next->prev=s; | |
| 743 | s->prev=(SSL_SESSION *)&(ctx->session_cache_head); | |
| 744 | ctx->session_cache_head=s; | |
| 745 | } | |
| 746 | } | |
| 747 |