ssl_sess.c 38 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317
  1. /*
  2. * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. * Copyright 2005 Nokia. All rights reserved.
  4. *
  5. * Licensed under the OpenSSL license (the "License"). You may not use
  6. * this file except in compliance with the License. You can obtain a copy
  7. * in the file LICENSE in the source distribution or at
  8. * https://www.openssl.org/source/license.html
  9. */
  10. #include <stdio.h>
  11. #include <openssl/rand.h>
  12. #include <openssl/engine.h>
  13. #include "internal/refcount.h"
  14. #include "internal/cryptlib.h"
  15. #include "ssl_locl.h"
  16. #include "statem/statem_locl.h"
  17. static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
  18. static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
  19. static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
  20. /*
  21. * SSL_get_session() and SSL_get1_session() are problematic in TLS1.3 because,
  22. * unlike in earlier protocol versions, the session ticket may not have been
  23. * sent yet even though a handshake has finished. The session ticket data could
  24. * come in sometime later...or even change if multiple session ticket messages
  25. * are sent from the server. The preferred way for applications to obtain
  26. * a resumable session is to use SSL_CTX_sess_set_new_cb().
  27. */
  28. SSL_SESSION *SSL_get_session(const SSL *ssl)
  29. /* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
  30. {
  31. return ssl->session;
  32. }
  33. SSL_SESSION *SSL_get1_session(SSL *ssl)
  34. /* variant of SSL_get_session: caller really gets something */
  35. {
  36. SSL_SESSION *sess;
  37. /*
  38. * Need to lock this all up rather than just use CRYPTO_add so that
  39. * somebody doesn't free ssl->session between when we check it's non-null
  40. * and when we up the reference count.
  41. */
  42. CRYPTO_THREAD_read_lock(ssl->lock);
  43. sess = ssl->session;
  44. if (sess)
  45. SSL_SESSION_up_ref(sess);
  46. CRYPTO_THREAD_unlock(ssl->lock);
  47. return sess;
  48. }
  49. int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
  50. {
  51. return CRYPTO_set_ex_data(&s->ex_data, idx, arg);
  52. }
  53. void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
  54. {
  55. return CRYPTO_get_ex_data(&s->ex_data, idx);
  56. }
  57. SSL_SESSION *SSL_SESSION_new(void)
  58. {
  59. SSL_SESSION *ss;
  60. if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL))
  61. return NULL;
  62. ss = OPENSSL_zalloc(sizeof(*ss));
  63. if (ss == NULL) {
  64. SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
  65. return NULL;
  66. }
  67. ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
  68. ss->references = 1;
  69. ss->timeout = 60 * 5 + 4; /* 5 minute timeout by default */
  70. ss->time = (unsigned long)time(NULL);
  71. ss->lock = CRYPTO_THREAD_lock_new();
  72. if (ss->lock == NULL) {
  73. SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
  74. OPENSSL_free(ss);
  75. return NULL;
  76. }
  77. if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) {
  78. CRYPTO_THREAD_lock_free(ss->lock);
  79. OPENSSL_free(ss);
  80. return NULL;
  81. }
  82. return ss;
  83. }
  84. SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src)
  85. {
  86. return ssl_session_dup(src, 1);
  87. }
  88. /*
  89. * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
  90. * ticket == 0 then no ticket information is duplicated, otherwise it is.
  91. */
  92. SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
  93. {
  94. SSL_SESSION *dest;
  95. dest = OPENSSL_malloc(sizeof(*src));
  96. if (dest == NULL) {
  97. goto err;
  98. }
  99. memcpy(dest, src, sizeof(*dest));
  100. /*
  101. * Set the various pointers to NULL so that we can call SSL_SESSION_free in
  102. * the case of an error whilst halfway through constructing dest
  103. */
  104. #ifndef OPENSSL_NO_PSK
  105. dest->psk_identity_hint = NULL;
  106. dest->psk_identity = NULL;
  107. #endif
  108. dest->ciphers = NULL;
  109. dest->ext.hostname = NULL;
  110. #ifndef OPENSSL_NO_EC
  111. dest->ext.ecpointformats = NULL;
  112. dest->ext.supportedgroups = NULL;
  113. #endif
  114. dest->ext.tick = NULL;
  115. dest->ext.alpn_selected = NULL;
  116. #ifndef OPENSSL_NO_SRP
  117. dest->srp_username = NULL;
  118. #endif
  119. dest->peer_chain = NULL;
  120. dest->peer = NULL;
  121. dest->ticket_appdata = NULL;
  122. memset(&dest->ex_data, 0, sizeof(dest->ex_data));
  123. /* We deliberately don't copy the prev and next pointers */
  124. dest->prev = NULL;
  125. dest->next = NULL;
  126. dest->references = 1;
  127. dest->lock = CRYPTO_THREAD_lock_new();
  128. if (dest->lock == NULL)
  129. goto err;
  130. if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))
  131. goto err;
  132. if (src->peer != NULL) {
  133. if (!X509_up_ref(src->peer))
  134. goto err;
  135. dest->peer = src->peer;
  136. }
  137. if (src->peer_chain != NULL) {
  138. dest->peer_chain = X509_chain_up_ref(src->peer_chain);
  139. if (dest->peer_chain == NULL)
  140. goto err;
  141. }
  142. #ifndef OPENSSL_NO_PSK
  143. if (src->psk_identity_hint) {
  144. dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint);
  145. if (dest->psk_identity_hint == NULL) {
  146. goto err;
  147. }
  148. }
  149. if (src->psk_identity) {
  150. dest->psk_identity = OPENSSL_strdup(src->psk_identity);
  151. if (dest->psk_identity == NULL) {
  152. goto err;
  153. }
  154. }
  155. #endif
  156. if (src->ciphers != NULL) {
  157. dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
  158. if (dest->ciphers == NULL)
  159. goto err;
  160. }
  161. if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
  162. &dest->ex_data, &src->ex_data)) {
  163. goto err;
  164. }
  165. if (src->ext.hostname) {
  166. dest->ext.hostname = OPENSSL_strdup(src->ext.hostname);
  167. if (dest->ext.hostname == NULL) {
  168. goto err;
  169. }
  170. }
  171. #ifndef OPENSSL_NO_EC
  172. if (src->ext.ecpointformats) {
  173. dest->ext.ecpointformats =
  174. OPENSSL_memdup(src->ext.ecpointformats,
  175. src->ext.ecpointformats_len);
  176. if (dest->ext.ecpointformats == NULL)
  177. goto err;
  178. }
  179. if (src->ext.supportedgroups) {
  180. dest->ext.supportedgroups =
  181. OPENSSL_memdup(src->ext.supportedgroups,
  182. src->ext.supportedgroups_len
  183. * sizeof(*src->ext.supportedgroups));
  184. if (dest->ext.supportedgroups == NULL)
  185. goto err;
  186. }
  187. #endif
  188. if (ticket != 0 && src->ext.tick != NULL) {
  189. dest->ext.tick =
  190. OPENSSL_memdup(src->ext.tick, src->ext.ticklen);
  191. if (dest->ext.tick == NULL)
  192. goto err;
  193. } else {
  194. dest->ext.tick_lifetime_hint = 0;
  195. dest->ext.ticklen = 0;
  196. }
  197. if (src->ext.alpn_selected != NULL) {
  198. dest->ext.alpn_selected = OPENSSL_memdup(src->ext.alpn_selected,
  199. src->ext.alpn_selected_len);
  200. if (dest->ext.alpn_selected == NULL)
  201. goto err;
  202. }
  203. #ifndef OPENSSL_NO_SRP
  204. if (src->srp_username) {
  205. dest->srp_username = OPENSSL_strdup(src->srp_username);
  206. if (dest->srp_username == NULL) {
  207. goto err;
  208. }
  209. }
  210. #endif
  211. if (src->ticket_appdata != NULL) {
  212. dest->ticket_appdata =
  213. OPENSSL_memdup(src->ticket_appdata, src->ticket_appdata_len);
  214. if (dest->ticket_appdata == NULL)
  215. goto err;
  216. }
  217. return dest;
  218. err:
  219. SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
  220. SSL_SESSION_free(dest);
  221. return NULL;
  222. }
  223. const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
  224. {
  225. if (len)
  226. *len = (unsigned int)s->session_id_length;
  227. return s->session_id;
  228. }
  229. const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
  230. unsigned int *len)
  231. {
  232. if (len != NULL)
  233. *len = (unsigned int)s->sid_ctx_length;
  234. return s->sid_ctx;
  235. }
  236. unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
  237. {
  238. return s->compress_meth;
  239. }
  240. /*
  241. * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
  242. * the ID with random junk repeatedly until we have no conflict is going to
  243. * complete in one iteration pretty much "most" of the time (btw:
  244. * understatement). So, if it takes us 10 iterations and we still can't avoid
  245. * a conflict - well that's a reasonable point to call it quits. Either the
  246. * RAND code is broken or someone is trying to open roughly very close to
  247. * 2^256 SSL sessions to our server. How you might store that many sessions
  248. * is perhaps a more interesting question ...
  249. */
  250. #define MAX_SESS_ID_ATTEMPTS 10
  251. static int def_generate_session_id(SSL *ssl, unsigned char *id,
  252. unsigned int *id_len)
  253. {
  254. unsigned int retry = 0;
  255. do
  256. if (RAND_bytes(id, *id_len) <= 0)
  257. return 0;
  258. while (SSL_has_matching_session_id(ssl, id, *id_len) &&
  259. (++retry < MAX_SESS_ID_ATTEMPTS)) ;
  260. if (retry < MAX_SESS_ID_ATTEMPTS)
  261. return 1;
  262. /* else - woops a session_id match */
  263. /*
  264. * XXX We should also check the external cache -- but the probability of
  265. * a collision is negligible, and we could not prevent the concurrent
  266. * creation of sessions with identical IDs since we currently don't have
  267. * means to atomically check whether a session ID already exists and make
  268. * a reservation for it if it does not (this problem applies to the
  269. * internal cache as well).
  270. */
  271. return 0;
  272. }
  273. int ssl_generate_session_id(SSL *s, SSL_SESSION *ss)
  274. {
  275. unsigned int tmp;
  276. GEN_SESSION_CB cb = def_generate_session_id;
  277. switch (s->version) {
  278. case SSL3_VERSION:
  279. case TLS1_VERSION:
  280. case TLS1_1_VERSION:
  281. case TLS1_2_VERSION:
  282. case TLS1_3_VERSION:
  283. case DTLS1_BAD_VER:
  284. case DTLS1_VERSION:
  285. case DTLS1_2_VERSION:
  286. ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
  287. break;
  288. default:
  289. SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
  290. SSL_R_UNSUPPORTED_SSL_VERSION);
  291. return 0;
  292. }
  293. /*-
  294. * If RFC5077 ticket, use empty session ID (as server).
  295. * Note that:
  296. * (a) ssl_get_prev_session() does lookahead into the
  297. * ClientHello extensions to find the session ticket.
  298. * When ssl_get_prev_session() fails, statem_srvr.c calls
  299. * ssl_get_new_session() in tls_process_client_hello().
  300. * At that point, it has not yet parsed the extensions,
  301. * however, because of the lookahead, it already knows
  302. * whether a ticket is expected or not.
  303. *
  304. * (b) statem_clnt.c calls ssl_get_new_session() before parsing
  305. * ServerHello extensions, and before recording the session
  306. * ID received from the server, so this block is a noop.
  307. */
  308. if (s->ext.ticket_expected) {
  309. ss->session_id_length = 0;
  310. return 1;
  311. }
  312. /* Choose which callback will set the session ID */
  313. CRYPTO_THREAD_read_lock(s->lock);
  314. CRYPTO_THREAD_read_lock(s->session_ctx->lock);
  315. if (s->generate_session_id)
  316. cb = s->generate_session_id;
  317. else if (s->session_ctx->generate_session_id)
  318. cb = s->session_ctx->generate_session_id;
  319. CRYPTO_THREAD_unlock(s->session_ctx->lock);
  320. CRYPTO_THREAD_unlock(s->lock);
  321. /* Choose a session ID */
  322. memset(ss->session_id, 0, ss->session_id_length);
  323. tmp = (int)ss->session_id_length;
  324. if (!cb(s, ss->session_id, &tmp)) {
  325. /* The callback failed */
  326. SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
  327. SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
  328. return 0;
  329. }
  330. /*
  331. * Don't allow the callback to set the session length to zero. nor
  332. * set it higher than it was.
  333. */
  334. if (tmp == 0 || tmp > ss->session_id_length) {
  335. /* The callback set an illegal length */
  336. SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
  337. SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
  338. return 0;
  339. }
  340. ss->session_id_length = tmp;
  341. /* Finally, check for a conflict */
  342. if (SSL_has_matching_session_id(s, ss->session_id,
  343. (unsigned int)ss->session_id_length)) {
  344. SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
  345. SSL_R_SSL_SESSION_ID_CONFLICT);
  346. return 0;
  347. }
  348. return 1;
  349. }
  350. int ssl_get_new_session(SSL *s, int session)
  351. {
  352. /* This gets used by clients and servers. */
  353. SSL_SESSION *ss = NULL;
  354. if ((ss = SSL_SESSION_new()) == NULL) {
  355. SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_NEW_SESSION,
  356. ERR_R_MALLOC_FAILURE);
  357. return 0;
  358. }
  359. /* If the context has a default timeout, use it */
  360. if (s->session_ctx->session_timeout == 0)
  361. ss->timeout = SSL_get_default_timeout(s);
  362. else
  363. ss->timeout = s->session_ctx->session_timeout;
  364. SSL_SESSION_free(s->session);
  365. s->session = NULL;
  366. if (session) {
  367. if (SSL_IS_TLS13(s)) {
  368. /*
  369. * We generate the session id while constructing the
  370. * NewSessionTicket in TLSv1.3.
  371. */
  372. ss->session_id_length = 0;
  373. } else if (!ssl_generate_session_id(s, ss)) {
  374. /* SSLfatal() already called */
  375. SSL_SESSION_free(ss);
  376. return 0;
  377. }
  378. } else {
  379. ss->session_id_length = 0;
  380. }
  381. if (s->sid_ctx_length > sizeof(ss->sid_ctx)) {
  382. SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_NEW_SESSION,
  383. ERR_R_INTERNAL_ERROR);
  384. SSL_SESSION_free(ss);
  385. return 0;
  386. }
  387. memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
  388. ss->sid_ctx_length = s->sid_ctx_length;
  389. s->session = ss;
  390. ss->ssl_version = s->version;
  391. ss->verify_result = X509_V_OK;
  392. /* If client supports extended master secret set it in session */
  393. if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)
  394. ss->flags |= SSL_SESS_FLAG_EXTMS;
  395. return 1;
  396. }
  397. SSL_SESSION *lookup_sess_in_cache(SSL *s, const unsigned char *sess_id,
  398. size_t sess_id_len)
  399. {
  400. SSL_SESSION *ret = NULL;
  401. if ((s->session_ctx->session_cache_mode
  402. & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP) == 0) {
  403. SSL_SESSION data;
  404. data.ssl_version = s->version;
  405. if (!ossl_assert(sess_id_len <= SSL_MAX_SSL_SESSION_ID_LENGTH))
  406. return NULL;
  407. memcpy(data.session_id, sess_id, sess_id_len);
  408. data.session_id_length = sess_id_len;
  409. CRYPTO_THREAD_read_lock(s->session_ctx->lock);
  410. ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
  411. if (ret != NULL) {
  412. /* don't allow other threads to steal it: */
  413. SSL_SESSION_up_ref(ret);
  414. }
  415. CRYPTO_THREAD_unlock(s->session_ctx->lock);
  416. if (ret == NULL)
  417. tsan_counter(&s->session_ctx->stats.sess_miss);
  418. }
  419. if (ret == NULL && s->session_ctx->get_session_cb != NULL) {
  420. int copy = 1;
  421. ret = s->session_ctx->get_session_cb(s, sess_id, sess_id_len, &copy);
  422. if (ret != NULL) {
  423. tsan_counter(&s->session_ctx->stats.sess_cb_hit);
  424. /*
  425. * Increment reference count now if the session callback asks us
  426. * to do so (note that if the session structures returned by the
  427. * callback are shared between threads, it must handle the
  428. * reference count itself [i.e. copy == 0], or things won't be
  429. * thread-safe).
  430. */
  431. if (copy)
  432. SSL_SESSION_up_ref(ret);
  433. /*
  434. * Add the externally cached session to the internal cache as
  435. * well if and only if we are supposed to.
  436. */
  437. if ((s->session_ctx->session_cache_mode &
  438. SSL_SESS_CACHE_NO_INTERNAL_STORE) == 0) {
  439. /*
  440. * Either return value of SSL_CTX_add_session should not
  441. * interrupt the session resumption process. The return
  442. * value is intentionally ignored.
  443. */
  444. (void)SSL_CTX_add_session(s->session_ctx, ret);
  445. }
  446. }
  447. }
  448. return ret;
  449. }
  450. /*-
  451. * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
  452. * connection. It is only called by servers.
  453. *
  454. * hello: The parsed ClientHello data
  455. *
  456. * Returns:
  457. * -1: fatal error
  458. * 0: no session found
  459. * 1: a session may have been found.
  460. *
  461. * Side effects:
  462. * - If a session is found then s->session is pointed at it (after freeing an
  463. * existing session if need be) and s->verify_result is set from the session.
  464. * - Both for new and resumed sessions, s->ext.ticket_expected is set to 1
  465. * if the server should issue a new session ticket (to 0 otherwise).
  466. */
  467. int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
  468. {
  469. /* This is used only by servers. */
  470. SSL_SESSION *ret = NULL;
  471. int fatal = 0;
  472. int try_session_cache = 0;
  473. SSL_TICKET_STATUS r;
  474. if (SSL_IS_TLS13(s)) {
  475. /*
  476. * By default we will send a new ticket. This can be overridden in the
  477. * ticket processing.
  478. */
  479. s->ext.ticket_expected = 1;
  480. if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes,
  481. SSL_EXT_CLIENT_HELLO, hello->pre_proc_exts,
  482. NULL, 0)
  483. || !tls_parse_extension(s, TLSEXT_IDX_psk, SSL_EXT_CLIENT_HELLO,
  484. hello->pre_proc_exts, NULL, 0))
  485. return -1;
  486. ret = s->session;
  487. } else {
  488. /* sets s->ext.ticket_expected */
  489. r = tls_get_ticket_from_client(s, hello, &ret);
  490. switch (r) {
  491. case SSL_TICKET_FATAL_ERR_MALLOC:
  492. case SSL_TICKET_FATAL_ERR_OTHER:
  493. fatal = 1;
  494. SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_PREV_SESSION,
  495. ERR_R_INTERNAL_ERROR);
  496. goto err;
  497. case SSL_TICKET_NONE:
  498. case SSL_TICKET_EMPTY:
  499. if (hello->session_id_len > 0) {
  500. try_session_cache = 1;
  501. ret = lookup_sess_in_cache(s, hello->session_id,
  502. hello->session_id_len);
  503. }
  504. break;
  505. case SSL_TICKET_NO_DECRYPT:
  506. case SSL_TICKET_SUCCESS:
  507. case SSL_TICKET_SUCCESS_RENEW:
  508. break;
  509. }
  510. }
  511. if (ret == NULL)
  512. goto err;
  513. /* Now ret is non-NULL and we own one of its reference counts. */
  514. /* Check TLS version consistency */
  515. if (ret->ssl_version != s->version)
  516. goto err;
  517. if (ret->sid_ctx_length != s->sid_ctx_length
  518. || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
  519. /*
  520. * We have the session requested by the client, but we don't want to
  521. * use it in this context.
  522. */
  523. goto err; /* treat like cache miss */
  524. }
  525. if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
  526. /*
  527. * We can't be sure if this session is being used out of context,
  528. * which is especially important for SSL_VERIFY_PEER. The application
  529. * should have used SSL[_CTX]_set_session_id_context. For this error
  530. * case, we generate an error instead of treating the event like a
  531. * cache miss (otherwise it would be easy for applications to
  532. * effectively disable the session cache by accident without anyone
  533. * noticing).
  534. */
  535. SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_PREV_SESSION,
  536. SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
  537. fatal = 1;
  538. goto err;
  539. }
  540. if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */
  541. tsan_counter(&s->session_ctx->stats.sess_timeout);
  542. if (try_session_cache) {
  543. /* session was from the cache, so remove it */
  544. SSL_CTX_remove_session(s->session_ctx, ret);
  545. }
  546. goto err;
  547. }
  548. /* Check extended master secret extension consistency */
  549. if (ret->flags & SSL_SESS_FLAG_EXTMS) {
  550. /* If old session includes extms, but new does not: abort handshake */
  551. if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)) {
  552. SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SSL_GET_PREV_SESSION,
  553. SSL_R_INCONSISTENT_EXTMS);
  554. fatal = 1;
  555. goto err;
  556. }
  557. } else if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) {
  558. /* If new session includes extms, but old does not: do not resume */
  559. goto err;
  560. }
  561. if (!SSL_IS_TLS13(s)) {
  562. /* We already did this for TLS1.3 */
  563. SSL_SESSION_free(s->session);
  564. s->session = ret;
  565. }
  566. tsan_counter(&s->session_ctx->stats.sess_hit);
  567. s->verify_result = s->session->verify_result;
  568. return 1;
  569. err:
  570. if (ret != NULL) {
  571. SSL_SESSION_free(ret);
  572. /* In TLSv1.3 s->session was already set to ret, so we NULL it out */
  573. if (SSL_IS_TLS13(s))
  574. s->session = NULL;
  575. if (!try_session_cache) {
  576. /*
  577. * The session was from a ticket, so we should issue a ticket for
  578. * the new session
  579. */
  580. s->ext.ticket_expected = 1;
  581. }
  582. }
  583. if (fatal)
  584. return -1;
  585. return 0;
  586. }
  587. int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
  588. {
  589. int ret = 0;
  590. SSL_SESSION *s;
  591. /*
  592. * add just 1 reference count for the SSL_CTX's session cache even though
  593. * it has two ways of access: each session is in a doubly linked list and
  594. * an lhash
  595. */
  596. SSL_SESSION_up_ref(c);
  597. /*
  598. * if session c is in already in cache, we take back the increment later
  599. */
  600. CRYPTO_THREAD_write_lock(ctx->lock);
  601. s = lh_SSL_SESSION_insert(ctx->sessions, c);
  602. /*
  603. * s != NULL iff we already had a session with the given PID. In this
  604. * case, s == c should hold (then we did not really modify
  605. * ctx->sessions), or we're in trouble.
  606. */
  607. if (s != NULL && s != c) {
  608. /* We *are* in trouble ... */
  609. SSL_SESSION_list_remove(ctx, s);
  610. SSL_SESSION_free(s);
  611. /*
  612. * ... so pretend the other session did not exist in cache (we cannot
  613. * handle two SSL_SESSION structures with identical session ID in the
  614. * same cache, which could happen e.g. when two threads concurrently
  615. * obtain the same session from an external cache)
  616. */
  617. s = NULL;
  618. } else if (s == NULL &&
  619. lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
  620. /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */
  621. /*
  622. * ... so take back the extra reference and also don't add
  623. * the session to the SSL_SESSION_list at this time
  624. */
  625. s = c;
  626. }
  627. /* Put at the head of the queue unless it is already in the cache */
  628. if (s == NULL)
  629. SSL_SESSION_list_add(ctx, c);
  630. if (s != NULL) {
  631. /*
  632. * existing cache entry -- decrement previously incremented reference
  633. * count because it already takes into account the cache
  634. */
  635. SSL_SESSION_free(s); /* s == c */
  636. ret = 0;
  637. } else {
  638. /*
  639. * new cache entry -- remove old ones if cache has become too large
  640. */
  641. ret = 1;
  642. if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
  643. while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) {
  644. if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
  645. break;
  646. else
  647. tsan_counter(&ctx->stats.sess_cache_full);
  648. }
  649. }
  650. }
  651. CRYPTO_THREAD_unlock(ctx->lock);
  652. return ret;
  653. }
  654. int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
  655. {
  656. return remove_session_lock(ctx, c, 1);
  657. }
  658. static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
  659. {
  660. SSL_SESSION *r;
  661. int ret = 0;
  662. if ((c != NULL) && (c->session_id_length != 0)) {
  663. if (lck)
  664. CRYPTO_THREAD_write_lock(ctx->lock);
  665. if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) != NULL) {
  666. ret = 1;
  667. r = lh_SSL_SESSION_delete(ctx->sessions, r);
  668. SSL_SESSION_list_remove(ctx, r);
  669. }
  670. c->not_resumable = 1;
  671. if (lck)
  672. CRYPTO_THREAD_unlock(ctx->lock);
  673. if (ctx->remove_session_cb != NULL)
  674. ctx->remove_session_cb(ctx, c);
  675. if (ret)
  676. SSL_SESSION_free(r);
  677. } else
  678. ret = 0;
  679. return ret;
  680. }
  681. void SSL_SESSION_free(SSL_SESSION *ss)
  682. {
  683. int i;
  684. if (ss == NULL)
  685. return;
  686. CRYPTO_DOWN_REF(&ss->references, &i, ss->lock);
  687. REF_PRINT_COUNT("SSL_SESSION", ss);
  688. if (i > 0)
  689. return;
  690. REF_ASSERT_ISNT(i < 0);
  691. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
  692. OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key));
  693. OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id));
  694. X509_free(ss->peer);
  695. sk_X509_pop_free(ss->peer_chain, X509_free);
  696. sk_SSL_CIPHER_free(ss->ciphers);
  697. OPENSSL_free(ss->ext.hostname);
  698. OPENSSL_free(ss->ext.tick);
  699. #ifndef OPENSSL_NO_EC
  700. OPENSSL_free(ss->ext.ecpointformats);
  701. ss->ext.ecpointformats = NULL;
  702. ss->ext.ecpointformats_len = 0;
  703. OPENSSL_free(ss->ext.supportedgroups);
  704. ss->ext.supportedgroups = NULL;
  705. ss->ext.supportedgroups_len = 0;
  706. #endif /* OPENSSL_NO_EC */
  707. #ifndef OPENSSL_NO_PSK
  708. OPENSSL_free(ss->psk_identity_hint);
  709. OPENSSL_free(ss->psk_identity);
  710. #endif
  711. #ifndef OPENSSL_NO_SRP
  712. OPENSSL_free(ss->srp_username);
  713. #endif
  714. OPENSSL_free(ss->ext.alpn_selected);
  715. OPENSSL_free(ss->ticket_appdata);
  716. CRYPTO_THREAD_lock_free(ss->lock);
  717. OPENSSL_clear_free(ss, sizeof(*ss));
  718. }
  719. int SSL_SESSION_up_ref(SSL_SESSION *ss)
  720. {
  721. int i;
  722. if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0)
  723. return 0;
  724. REF_PRINT_COUNT("SSL_SESSION", ss);
  725. REF_ASSERT_ISNT(i < 2);
  726. return ((i > 1) ? 1 : 0);
  727. }
  728. int SSL_set_session(SSL *s, SSL_SESSION *session)
  729. {
  730. ssl_clear_bad_session(s);
  731. if (s->ctx->method != s->method) {
  732. if (!SSL_set_ssl_method(s, s->ctx->method))
  733. return 0;
  734. }
  735. if (session != NULL) {
  736. SSL_SESSION_up_ref(session);
  737. s->verify_result = session->verify_result;
  738. }
  739. SSL_SESSION_free(s->session);
  740. s->session = session;
  741. return 1;
  742. }
  743. int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
  744. unsigned int sid_len)
  745. {
  746. if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) {
  747. SSLerr(SSL_F_SSL_SESSION_SET1_ID,
  748. SSL_R_SSL_SESSION_ID_TOO_LONG);
  749. return 0;
  750. }
  751. s->session_id_length = sid_len;
  752. if (sid != s->session_id)
  753. memcpy(s->session_id, sid, sid_len);
  754. return 1;
  755. }
  756. long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
  757. {
  758. if (s == NULL)
  759. return 0;
  760. s->timeout = t;
  761. return 1;
  762. }
  763. long SSL_SESSION_get_timeout(const SSL_SESSION *s)
  764. {
  765. if (s == NULL)
  766. return 0;
  767. return s->timeout;
  768. }
  769. long SSL_SESSION_get_time(const SSL_SESSION *s)
  770. {
  771. if (s == NULL)
  772. return 0;
  773. return s->time;
  774. }
  775. long SSL_SESSION_set_time(SSL_SESSION *s, long t)
  776. {
  777. if (s == NULL)
  778. return 0;
  779. s->time = t;
  780. return t;
  781. }
  782. int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
  783. {
  784. return s->ssl_version;
  785. }
  786. int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version)
  787. {
  788. s->ssl_version = version;
  789. return 1;
  790. }
  791. const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s)
  792. {
  793. return s->cipher;
  794. }
  795. int SSL_SESSION_set_cipher(SSL_SESSION *s, const SSL_CIPHER *cipher)
  796. {
  797. s->cipher = cipher;
  798. return 1;
  799. }
  800. const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)
  801. {
  802. return s->ext.hostname;
  803. }
  804. int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname)
  805. {
  806. OPENSSL_free(s->ext.hostname);
  807. if (hostname == NULL) {
  808. s->ext.hostname = NULL;
  809. return 1;
  810. }
  811. s->ext.hostname = OPENSSL_strdup(hostname);
  812. return s->ext.hostname != NULL;
  813. }
  814. int SSL_SESSION_has_ticket(const SSL_SESSION *s)
  815. {
  816. return (s->ext.ticklen > 0) ? 1 : 0;
  817. }
  818. unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
  819. {
  820. return s->ext.tick_lifetime_hint;
  821. }
  822. void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
  823. size_t *len)
  824. {
  825. *len = s->ext.ticklen;
  826. if (tick != NULL)
  827. *tick = s->ext.tick;
  828. }
  829. uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s)
  830. {
  831. return s->ext.max_early_data;
  832. }
  833. int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data)
  834. {
  835. s->ext.max_early_data = max_early_data;
  836. return 1;
  837. }
  838. void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
  839. const unsigned char **alpn,
  840. size_t *len)
  841. {
  842. *alpn = s->ext.alpn_selected;
  843. *len = s->ext.alpn_selected_len;
  844. }
  845. int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,
  846. size_t len)
  847. {
  848. OPENSSL_free(s->ext.alpn_selected);
  849. if (alpn == NULL || len == 0) {
  850. s->ext.alpn_selected = NULL;
  851. s->ext.alpn_selected_len = 0;
  852. return 1;
  853. }
  854. s->ext.alpn_selected = OPENSSL_memdup(alpn, len);
  855. if (s->ext.alpn_selected == NULL) {
  856. s->ext.alpn_selected_len = 0;
  857. return 0;
  858. }
  859. s->ext.alpn_selected_len = len;
  860. return 1;
  861. }
  862. X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
  863. {
  864. return s->peer;
  865. }
  866. int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
  867. unsigned int sid_ctx_len)
  868. {
  869. if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
  870. SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
  871. SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
  872. return 0;
  873. }
  874. s->sid_ctx_length = sid_ctx_len;
  875. if (sid_ctx != s->sid_ctx)
  876. memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
  877. return 1;
  878. }
  879. int SSL_SESSION_is_resumable(const SSL_SESSION *s)
  880. {
  881. /*
  882. * In the case of EAP-FAST, we can have a pre-shared "ticket" without a
  883. * session ID.
  884. */
  885. return !s->not_resumable
  886. && (s->session_id_length > 0 || s->ext.ticklen > 0);
  887. }
  888. long SSL_CTX_set_timeout(SSL_CTX *s, long t)
  889. {
  890. long l;
  891. if (s == NULL)
  892. return 0;
  893. l = s->session_timeout;
  894. s->session_timeout = t;
  895. return l;
  896. }
  897. long SSL_CTX_get_timeout(const SSL_CTX *s)
  898. {
  899. if (s == NULL)
  900. return 0;
  901. return s->session_timeout;
  902. }
  903. int SSL_set_session_secret_cb(SSL *s,
  904. tls_session_secret_cb_fn tls_session_secret_cb,
  905. void *arg)
  906. {
  907. if (s == NULL)
  908. return 0;
  909. s->ext.session_secret_cb = tls_session_secret_cb;
  910. s->ext.session_secret_cb_arg = arg;
  911. return 1;
  912. }
  913. int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
  914. void *arg)
  915. {
  916. if (s == NULL)
  917. return 0;
  918. s->ext.session_ticket_cb = cb;
  919. s->ext.session_ticket_cb_arg = arg;
  920. return 1;
  921. }
  922. int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
  923. {
  924. if (s->version >= TLS1_VERSION) {
  925. OPENSSL_free(s->ext.session_ticket);
  926. s->ext.session_ticket = NULL;
  927. s->ext.session_ticket =
  928. OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
  929. if (s->ext.session_ticket == NULL) {
  930. SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
  931. return 0;
  932. }
  933. if (ext_data != NULL) {
  934. s->ext.session_ticket->length = ext_len;
  935. s->ext.session_ticket->data = s->ext.session_ticket + 1;
  936. memcpy(s->ext.session_ticket->data, ext_data, ext_len);
  937. } else {
  938. s->ext.session_ticket->length = 0;
  939. s->ext.session_ticket->data = NULL;
  940. }
  941. return 1;
  942. }
  943. return 0;
  944. }
  945. typedef struct timeout_param_st {
  946. SSL_CTX *ctx;
  947. long time;
  948. LHASH_OF(SSL_SESSION) *cache;
  949. } TIMEOUT_PARAM;
  950. static void timeout_cb(SSL_SESSION *s, TIMEOUT_PARAM *p)
  951. {
  952. if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */
  953. /*
  954. * The reason we don't call SSL_CTX_remove_session() is to save on
  955. * locking overhead
  956. */
  957. (void)lh_SSL_SESSION_delete(p->cache, s);
  958. SSL_SESSION_list_remove(p->ctx, s);
  959. s->not_resumable = 1;
  960. if (p->ctx->remove_session_cb != NULL)
  961. p->ctx->remove_session_cb(p->ctx, s);
  962. SSL_SESSION_free(s);
  963. }
  964. }
  965. IMPLEMENT_LHASH_DOALL_ARG(SSL_SESSION, TIMEOUT_PARAM);
  966. void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
  967. {
  968. unsigned long i;
  969. TIMEOUT_PARAM tp;
  970. tp.ctx = s;
  971. tp.cache = s->sessions;
  972. if (tp.cache == NULL)
  973. return;
  974. tp.time = t;
  975. CRYPTO_THREAD_write_lock(s->lock);
  976. i = lh_SSL_SESSION_get_down_load(s->sessions);
  977. lh_SSL_SESSION_set_down_load(s->sessions, 0);
  978. lh_SSL_SESSION_doall_TIMEOUT_PARAM(tp.cache, timeout_cb, &tp);
  979. lh_SSL_SESSION_set_down_load(s->sessions, i);
  980. CRYPTO_THREAD_unlock(s->lock);
  981. }
  982. int ssl_clear_bad_session(SSL *s)
  983. {
  984. if ((s->session != NULL) &&
  985. !(s->shutdown & SSL_SENT_SHUTDOWN) &&
  986. !(SSL_in_init(s) || SSL_in_before(s))) {
  987. SSL_CTX_remove_session(s->session_ctx, s->session);
  988. return 1;
  989. } else
  990. return 0;
  991. }
  992. /* locked by SSL_CTX in the calling function */
  993. static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
  994. {
  995. if ((s->next == NULL) || (s->prev == NULL))
  996. return;
  997. if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
  998. /* last element in list */
  999. if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
  1000. /* only one element in list */
  1001. ctx->session_cache_head = NULL;
  1002. ctx->session_cache_tail = NULL;
  1003. } else {
  1004. ctx->session_cache_tail = s->prev;
  1005. s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
  1006. }
  1007. } else {
  1008. if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
  1009. /* first element in list */
  1010. ctx->session_cache_head = s->next;
  1011. s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
  1012. } else {
  1013. /* middle of list */
  1014. s->next->prev = s->prev;
  1015. s->prev->next = s->next;
  1016. }
  1017. }
  1018. s->prev = s->next = NULL;
  1019. }
  1020. static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
  1021. {
  1022. if ((s->next != NULL) && (s->prev != NULL))
  1023. SSL_SESSION_list_remove(ctx, s);
  1024. if (ctx->session_cache_head == NULL) {
  1025. ctx->session_cache_head = s;
  1026. ctx->session_cache_tail = s;
  1027. s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
  1028. s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
  1029. } else {
  1030. s->next = ctx->session_cache_head;
  1031. s->next->prev = s;
  1032. s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
  1033. ctx->session_cache_head = s;
  1034. }
  1035. }
  1036. void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
  1037. int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess))
  1038. {
  1039. ctx->new_session_cb = cb;
  1040. }
  1041. int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {
  1042. return ctx->new_session_cb;
  1043. }
  1044. void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
  1045. void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))
  1046. {
  1047. ctx->remove_session_cb = cb;
  1048. }
  1049. void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,
  1050. SSL_SESSION *sess) {
  1051. return ctx->remove_session_cb;
  1052. }
  1053. void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
  1054. SSL_SESSION *(*cb) (struct ssl_st *ssl,
  1055. const unsigned char *data,
  1056. int len, int *copy))
  1057. {
  1058. ctx->get_session_cb = cb;
  1059. }
  1060. SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
  1061. const unsigned char
  1062. *data, int len,
  1063. int *copy) {
  1064. return ctx->get_session_cb;
  1065. }
  1066. void SSL_CTX_set_info_callback(SSL_CTX *ctx,
  1067. void (*cb) (const SSL *ssl, int type, int val))
  1068. {
  1069. ctx->info_callback = cb;
  1070. }
  1071. void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
  1072. int val) {
  1073. return ctx->info_callback;
  1074. }
  1075. void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
  1076. int (*cb) (SSL *ssl, X509 **x509,
  1077. EVP_PKEY **pkey))
  1078. {
  1079. ctx->client_cert_cb = cb;
  1080. }
  1081. int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
  1082. EVP_PKEY **pkey) {
  1083. return ctx->client_cert_cb;
  1084. }
  1085. #ifndef OPENSSL_NO_ENGINE
  1086. int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
  1087. {
  1088. if (!ENGINE_init(e)) {
  1089. SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
  1090. return 0;
  1091. }
  1092. if (!ENGINE_get_ssl_client_cert_function(e)) {
  1093. SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
  1094. SSL_R_NO_CLIENT_CERT_METHOD);
  1095. ENGINE_finish(e);
  1096. return 0;
  1097. }
  1098. ctx->client_cert_engine = e;
  1099. return 1;
  1100. }
  1101. #endif
  1102. void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
  1103. int (*cb) (SSL *ssl,
  1104. unsigned char *cookie,
  1105. unsigned int *cookie_len))
  1106. {
  1107. ctx->app_gen_cookie_cb = cb;
  1108. }
  1109. void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
  1110. int (*cb) (SSL *ssl,
  1111. const unsigned char *cookie,
  1112. unsigned int cookie_len))
  1113. {
  1114. ctx->app_verify_cookie_cb = cb;
  1115. }
  1116. int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len)
  1117. {
  1118. OPENSSL_free(ss->ticket_appdata);
  1119. ss->ticket_appdata_len = 0;
  1120. if (data == NULL || len == 0) {
  1121. ss->ticket_appdata = NULL;
  1122. return 1;
  1123. }
  1124. ss->ticket_appdata = OPENSSL_memdup(data, len);
  1125. if (ss->ticket_appdata != NULL) {
  1126. ss->ticket_appdata_len = len;
  1127. return 1;
  1128. }
  1129. return 0;
  1130. }
  1131. int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len)
  1132. {
  1133. *data = ss->ticket_appdata;
  1134. *len = ss->ticket_appdata_len;
  1135. return 1;
  1136. }
  1137. void SSL_CTX_set_stateless_cookie_generate_cb(
  1138. SSL_CTX *ctx,
  1139. int (*cb) (SSL *ssl,
  1140. unsigned char *cookie,
  1141. size_t *cookie_len))
  1142. {
  1143. ctx->gen_stateless_cookie_cb = cb;
  1144. }
  1145. void SSL_CTX_set_stateless_cookie_verify_cb(
  1146. SSL_CTX *ctx,
  1147. int (*cb) (SSL *ssl,
  1148. const unsigned char *cookie,
  1149. size_t cookie_len))
  1150. {
  1151. ctx->verify_stateless_cookie_cb = cb;
  1152. }
  1153. IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)