Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | /* ssl/ssl_sess.c */ |
58964a49 | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
3 | * All rights reserved. |
4 | * | |
5 | * This package is an SSL implementation written | |
6 | * by Eric Young (eay@cryptsoft.com). | |
7 | * The implementation was written so as to conform with Netscapes SSL. | |
8 | * | |
9 | * This library is free for commercial and non-commercial use as long as | |
10 | * the following conditions are aheared to. The following conditions | |
11 | * apply to all code found in this distribution, be it the RC4, RSA, | |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 | * included with this distribution is covered by the same copyright terms | |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 | * | |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 | * the code are not to be removed. | |
18 | * If this package is used in a product, Eric Young should be given attribution | |
19 | * as the author of the parts of the library used. | |
20 | * This can be in the form of a textual message at program startup or | |
21 | * in documentation (online or textual) provided with the package. | |
22 | * | |
23 | * Redistribution and use in source and binary forms, with or without | |
24 | * modification, are permitted provided that the following conditions | |
25 | * are met: | |
26 | * 1. Redistributions of source code must retain the copyright | |
27 | * notice, this list of conditions and the following disclaimer. | |
28 | * 2. Redistributions in binary form must reproduce the above copyright | |
29 | * notice, this list of conditions and the following disclaimer in the | |
30 | * documentation and/or other materials provided with the distribution. | |
31 | * 3. All advertising materials mentioning features or use of this software | |
32 | * must display the following acknowledgement: | |
33 | * "This product includes cryptographic software written by | |
34 | * Eric Young (eay@cryptsoft.com)" | |
35 | * The word 'cryptographic' can be left out if the rouines from the library | |
36 | * being used are not cryptographic related :-). | |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 | * the apps directory (application code) you must include an acknowledgement: | |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 | * | |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 | * SUCH DAMAGE. | |
52 | * | |
53 | * The licence and distribution terms for any publically available version or | |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 | * copied and put under another distribution licence | |
56 | * [including the GNU Public Licence.] | |
57 | */ | |
58 | ||
59 | #include <stdio.h> | |
ec577822 BM |
60 | #include <openssl/lhash.h> |
61 | #include <openssl/rand.h> | |
d02b48c6 | 62 | #include "ssl_locl.h" |
c046fffa | 63 | #include "cryptlib.h" |
d02b48c6 | 64 | |
58964a49 RE |
65 | static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); |
66 | static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); | |
801294f8 | 67 | static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck); |
58964a49 | 68 | |
/*
 * Return the session attached to ssl without taking a reference (the
 * "get0" flavour, aka SSL_get0_session): the caller only receives a copy
 * of the pointer, so it stays valid no longer than the connection keeps
 * its own reference.
 */
SSL_SESSION *SSL_get_session(SSL *ssl)
{
    SSL_SESSION *attached = ssl->session;

    return attached;
}
52732b38 BM |
74 | |
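/*
 * Variant of SSL_get_session() that gives the caller its own reference
 * (the "get1" flavour).
 *
 * Returns the session attached to ssl with its reference count raised by
 * one, or NULL when no session is attached.  A non-NULL result has to be
 * released with SSL_SESSION_free().
 */
SSL_SESSION *SSL_get1_session(SSL *ssl)
{
    SSL_SESSION *sess;

    /*
     * The NULL check and the increment have to happen as one step so that
     * nobody frees ssl->session in between; CRYPTO_add on its own cannot
     * give that.  The count is modified here, so the write lock is taken:
     * a read lock admits several holders at once, and two of them running
     * references++ concurrently can lose an increment, which later shows
     * up as a premature free of the session.
     */
    CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
    sess = ssl->session;
    if (sess != NULL)
        sess->references++;
    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
    return sess;
}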
89 | ||
/*
 * Reserve an application-data ("ex_data") index for SSL_SESSION objects.
 * All arguments are forwarded unchanged to CRYPTO_get_ex_new_index() under
 * the CRYPTO_EX_INDEX_SSL_SESSION class; its result is returned as-is.
 */
int SSL_SESSION_get_ex_new_index(long argl, void *argp,
                                 CRYPTO_EX_new *new_func,
                                 CRYPTO_EX_dup *dup_func,
                                 CRYPTO_EX_free *free_func)
{
    int idx;

    idx = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
                                  new_func, dup_func, free_func);
    return idx;
}
58964a49 | 96 | |
/*
 * Store the application pointer arg in slot idx of session s.
 * Returns whatever CRYPTO_set_ex_data() reports.
 */
int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
{
    int rc = CRYPTO_set_ex_data(&s->ex_data, idx, arg);

    return rc;
}
101 | ||
/*
 * Fetch the application pointer stored in slot idx of session s.
 * Returns whatever CRYPTO_get_ex_data() reports for that slot.
 */
void *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx)
{
    void *stored = CRYPTO_get_ex_data(&s->ex_data, idx);

    return stored;
}
106 | ||
/*
 * Allocate a zero-filled SSL_SESSION that holds a single reference.
 *
 * Returns the new session, or NULL after queueing ERR_R_MALLOC_FAILURE
 * when the allocation fails.
 */
SSL_SESSION *SSL_SESSION_new(void)
{
    SSL_SESSION *sess = (SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));

    if (sess == NULL) {
        SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    memset(sess, 0, sizeof(SSL_SESSION));

    /* 0 would mean X509_V_OK; a fresh session must not look verified by
     * accident, so start from a non-zero value. */
    sess->verify_result = 1;
    sess->references = 1;
    sess->time = time(NULL);
    sess->timeout = 60 * 5 + 4;   /* default lifetime of 5 minutes */
    sess->next = NULL;
    sess->prev = NULL;
    sess->compress_meth = 0;
    /* NOTE(review): the result of CRYPTO_new_ex_data is not looked at. */
    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, sess, &sess->ex_data);
    return sess;
}
129 | ||
dc644fe2 GT |
130 | /* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1 |
131 | * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly | |
132 | * until we have no conflict is going to complete in one iteration pretty much | |
133 | * "most" of the time (btw: understatement). So, if it takes us 10 iterations | |
134 | * and we still can't avoid a conflict - well that's a reasonable point to call | |
135 | * it quits. Either the RAND code is broken or someone is trying to open roughly | |
136 | * very close to 2^128 (or 2^256) SSL sessions to our server. How you might | |
137 | * store that many sessions is perhaps a more interesting question ... */ | |
138 | ||
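#define MAX_SESS_ID_ATTEMPTS 10
/*
 * Default session-ID generator: fill id with *id_len random bytes, and
 * draw again (at most MAX_SESS_ID_ATTEMPTS draws in total) while the ID
 * matches a session SSL_has_matching_session_id() already knows.
 *
 * Returns 1 when a non-conflicting ID was produced, 0 otherwise -- which
 * includes the random generator reporting that it could not supply
 * unpredictable bytes.  *id_len is never changed.
 */
static int def_generate_session_id(const SSL *ssl, unsigned char *id,
                                   unsigned int *id_len)
{
    unsigned int retry = 0;

    do {
        /*
         * A session ID names cached key material, so an ID taken from a
         * generator that signalled failure or weak output is refused
         * rather than used; the caller turns the 0 into a callback-failed
         * error.
         */
        if (RAND_pseudo_bytes(id, *id_len) <= 0)
            return 0;
    } while (SSL_has_matching_session_id(ssl, id, *id_len) &&
             (++retry < MAX_SESS_ID_ATTEMPTS));

    if (retry < MAX_SESS_ID_ATTEMPTS)
        return 1;

    /* else - woops, a session_id match on every attempt */
    /* XXX We should also check the external cache --
     * but the probability of a collision is negligible, and
     * we could not prevent the concurrent creation of sessions
     * with identical IDs since we currently don't have means
     * to atomically check whether a session ID already exists
     * and make a reservation for it if it does not
     * (this problem applies to the internal cache as well).
     */
    return 0;
}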
161 | ||
/*
 * Create a fresh session for s and install it as s->session, releasing
 * whatever session s held before.  Used by clients and servers.
 *
 * With a non-zero `session` a session ID is generated too, by
 * s->generate_session_id if set, else s->ctx->generate_session_id, else
 * the built-in default generator.  With `session` zero the ID length is
 * left at 0.
 *
 * Returns 1 on success and 0 on failure.
 */
int ssl_get_new_session(SSL *s, int session)
{
    SSL_SESSION *fresh = NULL;
    GEN_SESSION_CB gen_id = def_generate_session_id;
    unsigned int id_len;

    fresh = SSL_SESSION_new();
    if (fresh == NULL)
        return 0;

    /* A context timeout of 0 selects the protocol's default timeout. */
    if (s->ctx->session_timeout != 0)
        fresh->timeout = s->ctx->session_timeout;
    else
        fresh->timeout = SSL_get_default_timeout(s);

    if (s->session != NULL) {
        SSL_SESSION_free(s->session);
        s->session = NULL;
    }

    if (!session) {
        fresh->session_id_length = 0;
    } else {
        /* The protocol version fixes the maximum session ID length. */
        switch (s->version) {
        case SSL2_VERSION:
            fresh->ssl_version = SSL2_VERSION;
            fresh->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
            break;
        case SSL3_VERSION:
            fresh->ssl_version = SSL3_VERSION;
            fresh->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
            break;
        case TLS1_VERSION:
            fresh->ssl_version = TLS1_VERSION;
            fresh->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
            break;
        default:
            SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION);
            SSL_SESSION_free(fresh);
            return 0;
        }

        /* Pick the generator: per-connection first, then per-context. */
        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
        if (s->generate_session_id)
            gen_id = s->generate_session_id;
        else if (s->ctx->generate_session_id)
            gen_id = s->ctx->generate_session_id;
        CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);

        /* Let it fill the ID; id_len goes in as the maximum length. */
        id_len = fresh->session_id_length;
        if (!gen_id(s, fresh->session_id, &id_len)) {
            /* The callback failed */
            SSLerr(SSL_F_SSL_GET_NEW_SESSION,
                   SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
            SSL_SESSION_free(fresh);
            return 0;
        }

        /* A callback (possibly application code) may neither report a
         * zero length nor one larger than the space it was given. */
        if (id_len == 0 || id_len > fresh->session_id_length) {
            SSLerr(SSL_F_SSL_GET_NEW_SESSION,
                   SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
            SSL_SESSION_free(fresh);
            return 0;
        }

        /* A shortened SSLv2 ID is zero-padded and keeps its full length;
         * in every other case the reported length is adopted. */
        if (s->version == SSL2_VERSION && id_len < fresh->session_id_length)
            memset(fresh->session_id + id_len, 0,
                   fresh->session_id_length - id_len);
        else
            fresh->session_id_length = id_len;

        /* Finally, refuse an ID that is already in use. */
        if (SSL_has_matching_session_id(s, fresh->session_id,
                                        fresh->session_id_length)) {
            SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_SSL_SESSION_ID_CONFLICT);
            SSL_SESSION_free(fresh);
            return 0;
        }
    }

    /* Bounds check before copying the session ID context.
     * NOTE(review): die() is declared outside this file; it appears to
     * abort the process when the condition is false -- confirm. */
    die(s->sid_ctx_length <= sizeof fresh->sid_ctx);
    memcpy(fresh->sid_ctx, s->sid_ctx, s->sid_ctx_length);
    fresh->sid_ctx_length = s->sid_ctx_length;
    s->session = fresh;
    fresh->ssl_version = s->version;
    fresh->verify_result = X509_V_OK;

    return 1;
}
263 | ||
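/*
 * Server side only: try to resume the session whose ID the client sent.
 *
 * The internal cache is searched first (unless the context disables
 * internal lookup), then the application's get_session_cb, if any.  A
 * session found that way is still rejected when its session ID context
 * does not match (checked only with SSL_VERIFY_PEER set), when its cipher
 * cannot be resolved, or when it has timed out.
 *
 * Returns  1 when the session was installed as s->session,
 *          0 when there is no usable session (handled like a cache miss),
 *         -1 on a fatal error: peer verification is on but the application
 *            never set a session ID context.
 */
int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
{
    SSL_SESSION *ret = NULL, data;
    int fatal = 0;

    /* The ID and its length are chosen by the client.  Reject any length
     * that does not fit data.session_id -- a negative value included,
     * since memcpy would read it as a huge unsigned size. */
    if (len < 0 || len > SSL_MAX_SSL_SESSION_ID_LENGTH)
        goto err;
    data.ssl_version = s->version;
    data.session_id_length = len;
    memcpy(data.session_id, session_id, len);

    if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
        ret = (SSL_SESSION *)lh_retrieve(s->ctx->sessions, &data);
        if (ret != NULL)
            /* don't allow other threads to steal it: */
            CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
        CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
    }

    if (ret == NULL) {
        int copy = 1;

        s->ctx->stats.sess_miss++;
        if (s->ctx->get_session_cb != NULL
            && (ret = s->ctx->get_session_cb(s, session_id, len, &copy))
               != NULL) {
            s->ctx->stats.sess_cb_hit++;

            /* Increment reference count now if the session callback
             * asks us to do so (note that if the session structures
             * returned by the callback are shared between threads,
             * it must handle the reference count itself [i.e. copy == 0],
             * or things won't be thread-safe). */
            if (copy)
                CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);

            /* The following should not return 1, otherwise,
             * things are very strange */
            SSL_CTX_add_session(s->ctx, ret);
        }
        if (ret == NULL)
            goto err;
    }

    /* Now ret is non-NULL, and we own one of its reference counts. */

    /* NOTE(review): the session ID context is compared only when
     * SSL_VERIFY_PEER is set, so without peer verification a session
     * created under a different context is accepted here -- confirm that
     * this is intended. */
    if ((s->verify_mode & SSL_VERIFY_PEER)
        && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
            || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length))) {
        /* We've found the session named by the client, but we don't
         * want to use it in this context. */

        if (s->sid_ctx_length == 0) {
            /* application should have used SSL[_CTX]_set_session_id_context
             * -- we could tolerate this and just pretend we never heard
             * of this session, but then applications could effectively
             * disable the session cache by accident without anyone
             * noticing */
            SSLerr(SSL_F_SSL_GET_PREV_SESSION,
                   SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
            fatal = 1;
            goto err;
        } else {
            /* The client cannot always know when a session is not
             * appropriate, so no error is queued for a mismatch. */
            goto err;   /* treat like cache miss */
        }
    }

    if (ret->cipher == NULL) {
        unsigned char buf[5], *p;
        unsigned long l;

        /* Serialise the stored cipher id and look the cipher up from the
         * bytes at the offset the session's protocol version uses. */
        p = buf;
        l = ret->cipher_id;
        l2n(l, p);
        if ((ret->ssl_version >> 8) == SSL3_VERSION_MAJOR)
            ret->cipher = ssl_get_cipher_by_char(s, &(buf[2]));
        else
            ret->cipher = ssl_get_cipher_by_char(s, &(buf[1]));
        if (ret->cipher == NULL)
            goto err;
    }

    /* The reference for this lookup was already taken above, while the
     * cache lock was held; taking it only here would be too late. */

    if ((long)(ret->time + ret->timeout) < (long)time(NULL)) {   /* timeout */
        s->ctx->stats.sess_timeout++;
        /* remove it from the cache */
        SSL_CTX_remove_session(s->ctx, ret);
        goto err;
    }

    s->ctx->stats.sess_hit++;

    /* ret->time=time(NULL); */ /* rezero timeout? */
    /* again, just leave the session
     * if it is the same session, we have just incremented and
     * then decremented the reference count :-) */
    if (s->session != NULL)
        SSL_SESSION_free(s->session);
    s->session = ret;
    s->verify_result = s->session->verify_result;
    return 1;

err:
    /* Give back the reference taken for this lookup, if any. */
    if (ret != NULL)
        SSL_SESSION_free(ret);
    if (fatal)
        return -1;
    else
        return 0;
}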
400 | ||
/*
 * Put session c into ctx's session cache.
 *
 * Returns 1 when c became a new cache entry and 0 when c was in the cache
 * already.  A different session object with the same session ID is evicted
 * and released first.  After a new entry is added, sessions are removed
 * from the tail of the list while the cache exceeds its configured size.
 */
int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
{
    SSL_SESSION *prior;
    int added = 0;

    /* add just 1 reference count for the SSL_CTX's session cache
     * even though it has two ways of access: each session is in a
     * doubly linked list and an lhash.  If c turns out to be cached
     * already, the increment is taken back below. */
    CRYPTO_add(&c->references, 1, CRYPTO_LOCK_SSL_SESSION);

    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
    prior = (SSL_SESSION *)lh_insert(ctx->sessions, c);

    /* prior != NULL iff we already had a session with the given session
     * ID.  In that case prior == c should hold (then ctx->sessions was not
     * really modified), or we're in trouble. */
    if (prior != NULL && prior != c) {
        /* We *are* in trouble: two SSL_SESSION structures with the same
         * session ID cannot share one cache (this can happen e.g. when two
         * threads concurrently obtain the same session from an external
         * cache).  Drop the old one and carry on as if it never existed. */
        SSL_SESSION_list_remove(ctx, prior);
        SSL_SESSION_free(prior);
        prior = NULL;
    }

    if (prior != NULL) {
        /* existing cache entry (prior == c) -- undo the increment from
         * above, the cache's reference was already counted */
        SSL_SESSION_free(prior);
        added = 0;
    } else {
        /* new cache entry -- goes to the head of the list */
        SSL_SESSION_list_add(ctx, c);
        added = 1;

        /* remove old ones if the cache has become too large */
        if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
            while (SSL_CTX_sess_number(ctx) >
                   SSL_CTX_sess_get_cache_size(ctx)) {
                /* lck == 0: the context lock is already held here */
                if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
                    break;
                ctx->stats.sess_cache_full++;
            }
        }
    }
    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
    return added;
}
465 | ||
/*
 * Remove session c from ctx's cache, taking the context lock for the
 * duration.  Returns 1 when c was cached and has been removed, else 0.
 */
int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
{
    int removed = remove_session_lock(ctx, c, 1);

    return removed;
}
470 | ||
/*
 * Remove session c from ctx's hash table and linked list.
 *
 * lck non-zero: take and release the context write lock here.
 * lck zero:     the caller already holds it.
 *
 * Returns 1 when c itself was the cached entry and has been removed (it is
 * then marked not resumable, reported to remove_session_cb and the cache's
 * reference is released); returns 0 when c is NULL, has an empty session
 * ID, or is not the object stored in the cache.
 */
static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
{
    SSL_SESSION *found;
    int removed = 0;

    if (c == NULL || c->session_id_length == 0)
        return 0;

    if (lck)
        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
    /* Only remove when the cached object is c itself, not merely another
     * session carrying the same ID. */
    found = (SSL_SESSION *)lh_retrieve(ctx->sessions, c);
    if (found == c) {
        removed = 1;
        found = (SSL_SESSION *)lh_delete(ctx->sessions, c);
        SSL_SESSION_list_remove(ctx, c);
    }
    if (lck)
        CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);

    if (!removed)
        return 0;

    /* With lck == 0 the callback below runs while the caller still holds
     * the context lock. */
    found->not_resumable = 1;
    if (ctx->remove_session_cb != NULL)
        ctx->remove_session_cb(ctx, found);
    SSL_SESSION_free(found);
    return removed;
}
500 | ||
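/*
 * Overwrite len bytes at buf with zeros through a volatile pointer, so the
 * stores cannot be dropped as dead writes ahead of a free.
 */
static void ssl_session_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)buf;

    while (len-- > 0)
        *p++ = 0;
}

/*
 * Drop one reference to ss; a NULL ss is ignored.  When the last reference
 * goes, the session's ex_data, certificates and cipher list are released,
 * its key material is wiped and the structure is freed.
 */
void SSL_SESSION_free(SSL_SESSION *ss)
{
    int i;

    if (ss == NULL)
        return;

    i = CRYPTO_add(&ss->references, -1, CRYPTO_LOCK_SSL_SESSION);
#ifdef REF_PRINT
    REF_PRINT("SSL_SESSION", ss);
#endif
    if (i > 0)
        return;
#ifdef REF_CHECK
    if (i < 0) {
        fprintf(stderr, "SSL_SESSION_free, bad reference count\n");
        abort();   /* ok */
    }
#endif

    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);

    /*
     * key_arg, master_key and session_id must not linger on the heap.  A
     * plain memset on memory that is freed right afterwards may be removed
     * by the optimiser, hence the volatile wipe.  Where this tree has a
     * dedicated cleanse routine, that should be used instead.
     */
    ssl_session_wipe(ss->key_arg, SSL_MAX_KEY_ARG_LENGTH);
    ssl_session_wipe(ss->master_key, SSL_MAX_MASTER_KEY_LENGTH);
    ssl_session_wipe(ss->session_id, SSL_MAX_SSL_SESSION_ID_LENGTH);
    if (ss->sess_cert != NULL)
        ssl_sess_cert_free(ss->sess_cert);
    if (ss->peer != NULL)
        X509_free(ss->peer);
    if (ss->ciphers != NULL)
        sk_SSL_CIPHER_free(ss->ciphers);
    ssl_session_wipe(ss, sizeof(*ss));
    OPENSSL_free(ss);
}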
532 | ||
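/*
 * Attach `session` to connection s, or detach the current session when
 * `session` is NULL.
 *
 * Attaching switches s to the SSL method matching the session's protocol
 * version if necessary (the session's timeout is then reset from the
 * context, or from the protocol default when the context timeout is 0),
 * takes a reference on `session` for s and releases the previously
 * attached session.  Detaching releases the current session and puts s
 * back on the context's method.
 *
 * Returns 1 on success, 0 on failure (no suitable method, the method
 * switch failed, or out of memory).
 */
int SSL_set_session(SSL *s, SSL_SESSION *session)
{
    int ret = 0;
    SSL_METHOD *meth;

    if (session != NULL) {
        meth = s->ctx->method->get_ssl_method(session->ssl_version);
        if (meth == NULL)
            meth = s->method->get_ssl_method(session->ssl_version);
        if (meth == NULL) {
            SSLerr(SSL_F_SSL_SET_SESSION, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
            return 0;
        }

        if (meth != s->method) {
            if (!SSL_set_ssl_method(s, meth))
                return 0;
            if (s->ctx->session_timeout == 0)
                session->timeout = SSL_get_default_timeout(s);
            else
                session->timeout = s->ctx->session_timeout;
        }

#ifndef OPENSSL_NO_KRB5
        if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
            session->krb5_client_princ_len > 0) {
            /* Copy the stored principal into a NUL-terminated string. */
            char *princ = (char *)malloc(session->krb5_client_princ_len + 1);

            /* Check the allocation before writing through the pointer;
             * on failure nothing has been attached yet. */
            if (princ == NULL) {
                SSLerr(SSL_F_SSL_SET_SESSION, ERR_R_MALLOC_FAILURE);
                return 0;
            }
            memcpy(princ, session->krb5_client_princ,
                   session->krb5_client_princ_len);
            princ[session->krb5_client_princ_len] = '\0';
            s->kssl_ctx->client_princ = princ;
        }
#endif /* OPENSSL_NO_KRB5 */

        /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
        /* Take the new reference before dropping the old one, so that
         * re-attaching the same session never frees it. */
        CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
        if (s->session != NULL)
            SSL_SESSION_free(s->session);
        s->session = session;
        s->verify_result = s->session->verify_result;
        /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
        ret = 1;
    } else {
        if (s->session != NULL) {
            SSL_SESSION_free(s->session);
            s->session = NULL;
        }

        meth = s->ctx->method;
        if (meth != s->method) {
            if (!SSL_set_ssl_method(s, meth))
                return 0;
        }
        ret = 1;
    }
    return ret;
}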
597 | ||
/*
 * Set the timeout of session s to t.
 * Returns 1 on success, 0 when s is NULL.
 */
long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
{
    if (s != NULL) {
        s->timeout = t;
        return 1;
    }
    return 0;
}
604 | ||
/*
 * Return the timeout of session s, or 0 when s is NULL.
 */
long SSL_SESSION_get_timeout(SSL_SESSION *s)
{
    return (s != NULL) ? s->timeout : 0;
}
610 | ||
/*
 * Return the time stored in session s (SSL_SESSION_new sets it from
 * time(NULL)), or 0 when s is NULL.
 */
long SSL_SESSION_get_time(SSL_SESSION *s)
{
    return (s != NULL) ? s->time : 0;
}
616 | ||
/*
 * Set the time stored in session s to t.
 * Returns t on success -- not 1 -- and 0 when s is NULL.
 */
long SSL_SESSION_set_time(SSL_SESSION *s, long t)
{
    if (s != NULL) {
        s->time = t;
        return t;
    }
    return 0;
}
623 | ||
/*
 * Set the session timeout of context s to t.
 * Returns the previous timeout, or 0 when s is NULL.
 */
long SSL_CTX_set_timeout(SSL_CTX *s, long t)
{
    long previous;

    if (s == NULL)
        return 0;
    previous = s->session_timeout;
    s->session_timeout = t;
    return previous;
}
632 | ||
/*
 * Return the session timeout of context s, or 0 when s is NULL.
 */
long SSL_CTX_get_timeout(SSL_CTX *s)
{
    return (s != NULL) ? s->session_timeout : 0;
}
638 | ||
/* Arguments handed to timeout() for every cached session during a flush. */
typedef struct timeout_param_st
{
    SSL_CTX *ctx;   /* context owning the list and the removal callback */
    long time;      /* cut-off time; 0 expires every session */
    LHASH *cache;   /* hash table the sessions are deleted from */
} TIMEOUT_PARAM;

/*
 * Per-session callback of the flush: expire s when p->time is 0 or lies
 * past the session's time + timeout.  An expired session is taken out of
 * the hash table and the list, marked not resumable, reported to
 * remove_session_cb and the cache's reference is released.
 */
static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
{
    int expired = (p->time == 0) || (p->time > (s->time + s->timeout));

    if (!expired)
        return;

    /* The reason we don't call SSL_CTX_remove_session() is to
     * save on locking overhead */
    lh_delete(p->cache, s);
    SSL_SESSION_list_remove(p->ctx, s);
    s->not_resumable = 1;
    if (p->ctx->remove_session_cb != NULL)
        p->ctx->remove_session_cb(p->ctx, s);
    SSL_SESSION_free(s);
}

static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION *, TIMEOUT_PARAM *)
662 | ||
/*
 * Walk the session cache of context s and expire every session whose
 * time + timeout lies before t; with t == 0 every session is expired.
 * Nothing is done when the context has no session table.  The whole walk,
 * including the remove_session_cb calls made by timeout(), runs under the
 * context write lock.
 */
void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
{
    TIMEOUT_PARAM tp;
    unsigned long saved_down_load;

    tp.ctx = s;
    tp.time = t;
    tp.cache = s->sessions;
    if (tp.cache == NULL)
        return;

    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
    /* down_load is set to 0 for the walk and restored afterwards --
     * presumably so the table is not contracted while entries are being
     * deleted from inside the iteration; confirm against lhash. */
    saved_down_load = tp.cache->down_load;
    tp.cache->down_load = 0;
    lh_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), &tp);
    tp.cache->down_load = saved_down_load;
    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
}
679 | ||
/*
 * Remove the session of s from its context's cache when s has a session,
 * has not sent a shutdown, and is neither in its initial nor in its
 * "before" state.  Returns 1 when the removal was requested, 0 otherwise.
 */
int ssl_clear_bad_session(SSL *s)
{
    if (s->session == NULL)
        return 0;
    if (s->shutdown & SSL_SENT_SHUTDOWN)
        return 0;
    if (SSL_in_init(s) || SSL_in_before(s))
        return 0;

    SSL_CTX_remove_session(s->ctx, s->session);
    return 1;
}
58964a49 RE |
692 | |
/*
 * Unlink s from ctx's doubly linked session list; a session that is not
 * linked (a NULL next or prev pointer) is left alone.  The calling
 * function holds the SSL_CTX lock.
 *
 * The ends of the list are marked by sentinels: the first element's prev
 * holds the address of ctx->session_cache_head and the last element's
 * next holds the address of ctx->session_cache_tail.
 */
static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
{
    int is_last, is_first;

    if ((s->next == NULL) || (s->prev == NULL))
        return;

    is_last = (s->next == (SSL_SESSION *)&(ctx->session_cache_tail));
    is_first = (s->prev == (SSL_SESSION *)&(ctx->session_cache_head));

    if (is_last && is_first) {
        /* only one element in list */
        ctx->session_cache_head = NULL;
        ctx->session_cache_tail = NULL;
    } else if (is_last) {
        /* last element in list */
        ctx->session_cache_tail = s->prev;
        s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
    } else if (is_first) {
        /* first element in list */
        ctx->session_cache_head = s->next;
        s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
    } else {
        /* middle of list */
        s->next->prev = s->prev;
        s->prev->next = s->next;
    }
    s->prev = s->next = NULL;
}
726 | ||
/*
 * Link s in at the head of ctx's session list.  A session that is already
 * linked (both next and prev set) is unlinked first, so it ends up at the
 * head.  The new head's prev -- and, in an empty list, its next -- is set
 * to the sentinel address of the head / tail slot in ctx.
 */
static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
{
    SSL_SESSION *old_head;

    if ((s->next != NULL) && (s->prev != NULL))
        SSL_SESSION_list_remove(ctx, s);

    old_head = ctx->session_cache_head;
    if (old_head != NULL) {
        s->next = old_head;
        s->next->prev = s;
        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        ctx->session_cache_head = s;
    } else {
        /* empty list: s is head and tail at once */
        ctx->session_cache_head = s;
        ctx->session_cache_tail = s;
        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
    }
}
747 |