2
0

ssl_sess.c 30 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035
  1. /* ssl/ssl_sess.c */
  2. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  3. * All rights reserved.
  4. *
  5. * This package is an SSL implementation written
  6. * by Eric Young (eay@cryptsoft.com).
  7. * The implementation was written so as to conform with Netscapes SSL.
  8. *
  9. * This library is free for commercial and non-commercial use as long as
  10. * the following conditions are aheared to. The following conditions
  11. * apply to all code found in this distribution, be it the RC4, RSA,
  12. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  13. * included with this distribution is covered by the same copyright terms
  14. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15. *
  16. * Copyright remains Eric Young's, and as such any Copyright notices in
  17. * the code are not to be removed.
  18. * If this package is used in a product, Eric Young should be given attribution
  19. * as the author of the parts of the library used.
  20. * This can be in the form of a textual message at program startup or
  21. * in documentation (online or textual) provided with the package.
  22. *
  23. * Redistribution and use in source and binary forms, with or without
  24. * modification, are permitted provided that the following conditions
  25. * are met:
  26. * 1. Redistributions of source code must retain the copyright
  27. * notice, this list of conditions and the following disclaimer.
  28. * 2. Redistributions in binary form must reproduce the above copyright
  29. * notice, this list of conditions and the following disclaimer in the
  30. * documentation and/or other materials provided with the distribution.
  31. * 3. All advertising materials mentioning features or use of this software
  32. * must display the following acknowledgement:
  33. * "This product includes cryptographic software written by
  34. * Eric Young (eay@cryptsoft.com)"
  35. * The word 'cryptographic' can be left out if the rouines from the library
  36. * being used are not cryptographic related :-).
  37. * 4. If you include any Windows specific code (or a derivative thereof) from
  38. * the apps directory (application code) you must include an acknowledgement:
  39. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40. *
  41. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51. * SUCH DAMAGE.
  52. *
  53. * The licence and distribution terms for any publically available version or
  54. * derivative of this code cannot be changed. i.e. this code cannot simply be
  55. * copied and put under another distribution licence
  56. * [including the GNU Public Licence.]
  57. */
  58. /* ====================================================================
  59. * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
  60. *
  61. * Redistribution and use in source and binary forms, with or without
  62. * modification, are permitted provided that the following conditions
  63. * are met:
  64. *
  65. * 1. Redistributions of source code must retain the above copyright
  66. * notice, this list of conditions and the following disclaimer.
  67. *
  68. * 2. Redistributions in binary form must reproduce the above copyright
  69. * notice, this list of conditions and the following disclaimer in
  70. * the documentation and/or other materials provided with the
  71. * distribution.
  72. *
  73. * 3. All advertising materials mentioning features or use of this
  74. * software must display the following acknowledgment:
  75. * "This product includes software developed by the OpenSSL Project
  76. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  77. *
  78. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  79. * endorse or promote products derived from this software without
  80. * prior written permission. For written permission, please contact
  81. * openssl-core@openssl.org.
  82. *
  83. * 5. Products derived from this software may not be called "OpenSSL"
  84. * nor may "OpenSSL" appear in their names without prior written
  85. * permission of the OpenSSL Project.
  86. *
  87. * 6. Redistributions of any form whatsoever must retain the following
  88. * acknowledgment:
  89. * "This product includes software developed by the OpenSSL Project
  90. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  91. *
  92. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  93. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  94. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  95. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  96. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  97. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  98. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  99. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  100. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  101. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  102. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  103. * OF THE POSSIBILITY OF SUCH DAMAGE.
  104. * ====================================================================
  105. *
  106. * This product includes cryptographic software written by Eric Young
  107. * (eay@cryptsoft.com). This product includes software written by Tim
  108. * Hudson (tjh@cryptsoft.com).
  109. *
  110. */
  111. /* ====================================================================
  112. * Copyright 2005 Nokia. All rights reserved.
  113. *
  114. * The portions of the attached software ("Contribution") is developed by
  115. * Nokia Corporation and is licensed pursuant to the OpenSSL open source
  116. * license.
  117. *
  118. * The Contribution, originally written by Mika Kousa and Pasi Eronen of
  119. * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
  120. * support (see RFC 4279) to OpenSSL.
  121. *
  122. * No patent licenses or other rights except those expressly stated in
  123. * the OpenSSL open source license shall be deemed granted or received
  124. * expressly, by implication, estoppel, or otherwise.
  125. *
  126. * No assurances are provided by Nokia that the Contribution does not
  127. * infringe the patent or other intellectual property rights of any third
  128. * party or that the license provides you with all the necessary rights
  129. * to make use of the Contribution.
  130. *
  131. * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
  132. * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
  133. * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
  134. * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
  135. * OTHERWISE.
  136. */
  137. #include <stdio.h>
  138. #include <openssl/lhash.h>
  139. #include <openssl/rand.h>
  140. #ifndef OPENSSL_NO_ENGINE
  141. #include <openssl/engine.h>
  142. #endif
  143. #include "ssl_locl.h"
  144. static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
  145. static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
  146. static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
  147. SSL_SESSION *SSL_get_session(const SSL *ssl)
  148. /* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
  149. {
  150. return(ssl->session);
  151. }
  152. SSL_SESSION *SSL_get1_session(SSL *ssl)
  153. /* variant of SSL_get_session: caller really gets something */
  154. {
  155. SSL_SESSION *sess;
  156. /* Need to lock this all up rather than just use CRYPTO_add so that
  157. * somebody doesn't free ssl->session between when we check it's
  158. * non-null and when we up the reference count. */
  159. CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
  160. sess = ssl->session;
  161. if(sess)
  162. sess->references++;
  163. CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
  164. return(sess);
  165. }
  166. int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
  167. CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
  168. {
  169. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
  170. new_func, dup_func, free_func);
  171. }
  172. int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
  173. {
  174. return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
  175. }
  176. void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
  177. {
  178. return(CRYPTO_get_ex_data(&s->ex_data,idx));
  179. }
  180. SSL_SESSION *SSL_SESSION_new(void)
  181. {
  182. SSL_SESSION *ss;
  183. ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
  184. if (ss == NULL)
  185. {
  186. SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE);
  187. return(0);
  188. }
  189. memset(ss,0,sizeof(SSL_SESSION));
  190. ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
  191. ss->references=1;
  192. ss->timeout=60*5+4; /* 5 minute timeout by default */
  193. ss->time=(unsigned long)time(NULL);
  194. ss->prev=NULL;
  195. ss->next=NULL;
  196. ss->compress_meth=0;
  197. #ifndef OPENSSL_NO_TLSEXT
  198. ss->tlsext_hostname = NULL;
  199. #ifndef OPENSSL_NO_EC
  200. ss->tlsext_ecpointformatlist_length = 0;
  201. ss->tlsext_ecpointformatlist = NULL;
  202. ss->tlsext_ellipticcurvelist_length = 0;
  203. ss->tlsext_ellipticcurvelist = NULL;
  204. #endif
  205. #endif
  206. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
  207. #ifndef OPENSSL_NO_PSK
  208. ss->psk_identity_hint=NULL;
  209. ss->psk_identity=NULL;
  210. #endif
  211. return(ss);
  212. }
  213. const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
  214. {
  215. if(len)
  216. *len = s->session_id_length;
  217. return s->session_id;
  218. }
  219. /* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
  220. * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly
  221. * until we have no conflict is going to complete in one iteration pretty much
  222. * "most" of the time (btw: understatement). So, if it takes us 10 iterations
  223. * and we still can't avoid a conflict - well that's a reasonable point to call
  224. * it quits. Either the RAND code is broken or someone is trying to open roughly
  225. * very close to 2^128 (or 2^256) SSL sessions to our server. How you might
  226. * store that many sessions is perhaps a more interesting question ... */
  227. #define MAX_SESS_ID_ATTEMPTS 10
  228. static int def_generate_session_id(const SSL *ssl, unsigned char *id,
  229. unsigned int *id_len)
  230. {
  231. unsigned int retry = 0;
  232. do
  233. if (RAND_pseudo_bytes(id, *id_len) <= 0)
  234. return 0;
  235. while(SSL_has_matching_session_id(ssl, id, *id_len) &&
  236. (++retry < MAX_SESS_ID_ATTEMPTS));
  237. if(retry < MAX_SESS_ID_ATTEMPTS)
  238. return 1;
  239. /* else - woops a session_id match */
  240. /* XXX We should also check the external cache --
  241. * but the probability of a collision is negligible, and
  242. * we could not prevent the concurrent creation of sessions
  243. * with identical IDs since we currently don't have means
  244. * to atomically check whether a session ID already exists
  245. * and make a reservation for it if it does not
  246. * (this problem applies to the internal cache as well).
  247. */
  248. return 0;
  249. }
  250. int ssl_get_new_session(SSL *s, int session)
  251. {
  252. /* This gets used by clients and servers. */
  253. unsigned int tmp;
  254. SSL_SESSION *ss=NULL;
  255. GEN_SESSION_CB cb = def_generate_session_id;
  256. if ((ss=SSL_SESSION_new()) == NULL) return(0);
  257. /* If the context has a default timeout, use it */
  258. if (s->session_ctx->session_timeout == 0)
  259. ss->timeout=SSL_get_default_timeout(s);
  260. else
  261. ss->timeout=s->session_ctx->session_timeout;
  262. if (s->session != NULL)
  263. {
  264. SSL_SESSION_free(s->session);
  265. s->session=NULL;
  266. }
  267. if (session)
  268. {
  269. if (s->version == SSL2_VERSION)
  270. {
  271. ss->ssl_version=SSL2_VERSION;
  272. ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
  273. }
  274. else if (s->version == SSL3_VERSION)
  275. {
  276. ss->ssl_version=SSL3_VERSION;
  277. ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
  278. }
  279. else if (s->version == TLS1_VERSION)
  280. {
  281. ss->ssl_version=TLS1_VERSION;
  282. ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
  283. }
  284. else if (s->version == DTLS1_VERSION)
  285. {
  286. ss->ssl_version=DTLS1_VERSION;
  287. ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
  288. }
  289. else
  290. {
  291. SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
  292. SSL_SESSION_free(ss);
  293. return(0);
  294. }
  295. #ifndef OPENSSL_NO_TLSEXT
  296. /* If RFC4507 ticket use empty session ID */
  297. if (s->tlsext_ticket_expected)
  298. {
  299. ss->session_id_length = 0;
  300. goto sess_id_done;
  301. }
  302. #endif
  303. /* Choose which callback will set the session ID */
  304. CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
  305. if(s->generate_session_id)
  306. cb = s->generate_session_id;
  307. else if(s->session_ctx->generate_session_id)
  308. cb = s->session_ctx->generate_session_id;
  309. CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
  310. /* Choose a session ID */
  311. tmp = ss->session_id_length;
  312. if(!cb(s, ss->session_id, &tmp))
  313. {
  314. /* The callback failed */
  315. SSLerr(SSL_F_SSL_GET_NEW_SESSION,
  316. SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
  317. SSL_SESSION_free(ss);
  318. return(0);
  319. }
  320. /* Don't allow the callback to set the session length to zero.
  321. * nor set it higher than it was. */
  322. if(!tmp || (tmp > ss->session_id_length))
  323. {
  324. /* The callback set an illegal length */
  325. SSLerr(SSL_F_SSL_GET_NEW_SESSION,
  326. SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
  327. SSL_SESSION_free(ss);
  328. return(0);
  329. }
  330. /* If the session length was shrunk and we're SSLv2, pad it */
  331. if((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
  332. memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
  333. else
  334. ss->session_id_length = tmp;
  335. /* Finally, check for a conflict */
  336. if(SSL_has_matching_session_id(s, ss->session_id,
  337. ss->session_id_length))
  338. {
  339. SSLerr(SSL_F_SSL_GET_NEW_SESSION,
  340. SSL_R_SSL_SESSION_ID_CONFLICT);
  341. SSL_SESSION_free(ss);
  342. return(0);
  343. }
  344. #ifndef OPENSSL_NO_TLSEXT
  345. sess_id_done:
  346. if (s->tlsext_hostname) {
  347. ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
  348. if (ss->tlsext_hostname == NULL) {
  349. SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
  350. SSL_SESSION_free(ss);
  351. return 0;
  352. }
  353. }
  354. #ifndef OPENSSL_NO_EC
  355. if (s->tlsext_ecpointformatlist)
  356. {
  357. if (ss->tlsext_ecpointformatlist != NULL) OPENSSL_free(ss->tlsext_ecpointformatlist);
  358. if ((ss->tlsext_ecpointformatlist = OPENSSL_malloc(s->tlsext_ecpointformatlist_length)) == NULL)
  359. {
  360. SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
  361. SSL_SESSION_free(ss);
  362. return 0;
  363. }
  364. ss->tlsext_ecpointformatlist_length = s->tlsext_ecpointformatlist_length;
  365. memcpy(ss->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
  366. }
  367. if (s->tlsext_ellipticcurvelist)
  368. {
  369. if (ss->tlsext_ellipticcurvelist != NULL) OPENSSL_free(ss->tlsext_ellipticcurvelist);
  370. if ((ss->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL)
  371. {
  372. SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
  373. SSL_SESSION_free(ss);
  374. return 0;
  375. }
  376. ss->tlsext_ellipticcurvelist_length = s->tlsext_ellipticcurvelist_length;
  377. memcpy(ss->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist_length);
  378. }
  379. #endif
  380. #endif
  381. }
  382. else
  383. {
  384. ss->session_id_length=0;
  385. }
  386. if (s->sid_ctx_length > sizeof ss->sid_ctx)
  387. {
  388. SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
  389. SSL_SESSION_free(ss);
  390. return 0;
  391. }
  392. memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
  393. ss->sid_ctx_length=s->sid_ctx_length;
  394. s->session=ss;
  395. ss->ssl_version=s->version;
  396. ss->verify_result = X509_V_OK;
  397. return(1);
  398. }
  399. int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
  400. const unsigned char *limit)
  401. {
  402. /* This is used only by servers. */
  403. SSL_SESSION *ret=NULL;
  404. int fatal = 0;
  405. #ifndef OPENSSL_NO_TLSEXT
  406. int r;
  407. #endif
  408. if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
  409. goto err;
  410. #ifndef OPENSSL_NO_TLSEXT
  411. r = tls1_process_ticket(s, session_id, len, limit, &ret);
  412. if (r == -1)
  413. {
  414. fatal = 1;
  415. goto err;
  416. }
  417. else if (r == 0 || (!ret && !len))
  418. goto err;
  419. else if (!ret && !(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
  420. #else
  421. if (len == 0)
  422. goto err;
  423. if (!(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
  424. #endif
  425. {
  426. SSL_SESSION data;
  427. data.ssl_version=s->version;
  428. data.session_id_length=len;
  429. if (len == 0)
  430. return 0;
  431. memcpy(data.session_id,session_id,len);
  432. CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
  433. ret=lh_SSL_SESSION_retrieve(s->session_ctx->sessions,&data);
  434. if (ret != NULL)
  435. /* don't allow other threads to steal it: */
  436. CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
  437. CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
  438. }
  439. if (ret == NULL)
  440. {
  441. int copy=1;
  442. s->session_ctx->stats.sess_miss++;
  443. ret=NULL;
  444. if (s->session_ctx->get_session_cb != NULL
  445. && (ret=s->session_ctx->get_session_cb(s,session_id,len,&copy))
  446. != NULL)
  447. {
  448. s->session_ctx->stats.sess_cb_hit++;
  449. /* Increment reference count now if the session callback
  450. * asks us to do so (note that if the session structures
  451. * returned by the callback are shared between threads,
  452. * it must handle the reference count itself [i.e. copy == 0],
  453. * or things won't be thread-safe). */
  454. if (copy)
  455. CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
  456. /* Add the externally cached session to the internal
  457. * cache as well if and only if we are supposed to. */
  458. if(!(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
  459. /* The following should not return 1, otherwise,
  460. * things are very strange */
  461. SSL_CTX_add_session(s->session_ctx,ret);
  462. }
  463. if (ret == NULL)
  464. goto err;
  465. }
  466. /* Now ret is non-NULL, and we own one of its reference counts. */
  467. if (ret->sid_ctx_length != s->sid_ctx_length
  468. || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length))
  469. {
  470. /* We've found the session named by the client, but we don't
  471. * want to use it in this context. */
  472. #if 0 /* The client cannot always know when a session is not appropriate,
  473. * so we shouldn't generate an error message. */
  474. SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
  475. #endif
  476. goto err; /* treat like cache miss */
  477. }
  478. if((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0)
  479. {
  480. /* We can't be sure if this session is being used out of
  481. * context, which is especially important for SSL_VERIFY_PEER.
  482. * The application should have used SSL[_CTX]_set_session_id_context.
  483. *
  484. * For this error case, we generate an error instead of treating
  485. * the event like a cache miss (otherwise it would be easy for
  486. * applications to effectively disable the session cache by
  487. * accident without anyone noticing).
  488. */
  489. SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
  490. fatal = 1;
  491. goto err;
  492. }
  493. if (ret->cipher == NULL)
  494. {
  495. unsigned char buf[5],*p;
  496. unsigned long l;
  497. p=buf;
  498. l=ret->cipher_id;
  499. l2n(l,p);
  500. if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
  501. ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
  502. else
  503. ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
  504. if (ret->cipher == NULL)
  505. goto err;
  506. }
  507. #if 0 /* This is way too late. */
  508. /* If a thread got the session, then 'swaped', and another got
  509. * it and then due to a time-out decided to 'OPENSSL_free' it we could
  510. * be in trouble. So I'll increment it now, then double decrement
  511. * later - am I speaking rubbish?. */
  512. CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
  513. #endif
  514. if (ret->timeout < (long)(time(NULL) - ret->time)) /* timeout */
  515. {
  516. s->session_ctx->stats.sess_timeout++;
  517. /* remove it from the cache */
  518. SSL_CTX_remove_session(s->session_ctx,ret);
  519. goto err;
  520. }
  521. s->session_ctx->stats.sess_hit++;
  522. /* ret->time=time(NULL); */ /* rezero timeout? */
  523. /* again, just leave the session
  524. * if it is the same session, we have just incremented and
  525. * then decremented the reference count :-) */
  526. if (s->session != NULL)
  527. SSL_SESSION_free(s->session);
  528. s->session=ret;
  529. s->verify_result = s->session->verify_result;
  530. return(1);
  531. err:
  532. if (ret != NULL)
  533. SSL_SESSION_free(ret);
  534. if (fatal)
  535. return -1;
  536. else
  537. return 0;
  538. }
  539. int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
  540. {
  541. int ret=0;
  542. SSL_SESSION *s;
  543. /* add just 1 reference count for the SSL_CTX's session cache
  544. * even though it has two ways of access: each session is in a
  545. * doubly linked list and an lhash */
  546. CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION);
  547. /* if session c is in already in cache, we take back the increment later */
  548. CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
  549. s=lh_SSL_SESSION_insert(ctx->sessions,c);
  550. /* s != NULL iff we already had a session with the given PID.
  551. * In this case, s == c should hold (then we did not really modify
  552. * ctx->sessions), or we're in trouble. */
  553. if (s != NULL && s != c)
  554. {
  555. /* We *are* in trouble ... */
  556. SSL_SESSION_list_remove(ctx,s);
  557. SSL_SESSION_free(s);
  558. /* ... so pretend the other session did not exist in cache
  559. * (we cannot handle two SSL_SESSION structures with identical
  560. * session ID in the same cache, which could happen e.g. when
  561. * two threads concurrently obtain the same session from an external
  562. * cache) */
  563. s = NULL;
  564. }
  565. /* Put at the head of the queue unless it is already in the cache */
  566. if (s == NULL)
  567. SSL_SESSION_list_add(ctx,c);
  568. if (s != NULL)
  569. {
  570. /* existing cache entry -- decrement previously incremented reference
  571. * count because it already takes into account the cache */
  572. SSL_SESSION_free(s); /* s == c */
  573. ret=0;
  574. }
  575. else
  576. {
  577. /* new cache entry -- remove old ones if cache has become too large */
  578. ret=1;
  579. if (SSL_CTX_sess_get_cache_size(ctx) > 0)
  580. {
  581. while (SSL_CTX_sess_number(ctx) >
  582. SSL_CTX_sess_get_cache_size(ctx))
  583. {
  584. if (!remove_session_lock(ctx,
  585. ctx->session_cache_tail, 0))
  586. break;
  587. else
  588. ctx->stats.sess_cache_full++;
  589. }
  590. }
  591. }
  592. CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
  593. return(ret);
  594. }
  595. int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
  596. {
  597. return remove_session_lock(ctx, c, 1);
  598. }
  599. static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
  600. {
  601. SSL_SESSION *r;
  602. int ret=0;
  603. if ((c != NULL) && (c->session_id_length != 0))
  604. {
  605. if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
  606. if ((r = lh_SSL_SESSION_retrieve(ctx->sessions,c)) == c)
  607. {
  608. ret=1;
  609. r=lh_SSL_SESSION_delete(ctx->sessions,c);
  610. SSL_SESSION_list_remove(ctx,c);
  611. }
  612. if(lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
  613. if (ret)
  614. {
  615. r->not_resumable=1;
  616. if (ctx->remove_session_cb != NULL)
  617. ctx->remove_session_cb(ctx,r);
  618. SSL_SESSION_free(r);
  619. }
  620. }
  621. else
  622. ret=0;
  623. return(ret);
  624. }
  625. void SSL_SESSION_free(SSL_SESSION *ss)
  626. {
  627. int i;
  628. if(ss == NULL)
  629. return;
  630. i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
  631. #ifdef REF_PRINT
  632. REF_PRINT("SSL_SESSION",ss);
  633. #endif
  634. if (i > 0) return;
  635. #ifdef REF_CHECK
  636. if (i < 0)
  637. {
  638. fprintf(stderr,"SSL_SESSION_free, bad reference count\n");
  639. abort(); /* ok */
  640. }
  641. #endif
  642. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
  643. OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg);
  644. OPENSSL_cleanse(ss->master_key,sizeof ss->master_key);
  645. OPENSSL_cleanse(ss->session_id,sizeof ss->session_id);
  646. if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
  647. if (ss->peer != NULL) X509_free(ss->peer);
  648. if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
  649. #ifndef OPENSSL_NO_TLSEXT
  650. if (ss->tlsext_hostname != NULL) OPENSSL_free(ss->tlsext_hostname);
  651. if (ss->tlsext_tick != NULL) OPENSSL_free(ss->tlsext_tick);
  652. #ifndef OPENSSL_NO_EC
  653. ss->tlsext_ecpointformatlist_length = 0;
  654. if (ss->tlsext_ecpointformatlist != NULL) OPENSSL_free(ss->tlsext_ecpointformatlist);
  655. ss->tlsext_ellipticcurvelist_length = 0;
  656. if (ss->tlsext_ellipticcurvelist != NULL) OPENSSL_free(ss->tlsext_ellipticcurvelist);
  657. #endif /* OPENSSL_NO_EC */
  658. #endif
  659. #ifndef OPENSSL_NO_PSK
  660. if (ss->psk_identity_hint != NULL)
  661. OPENSSL_free(ss->psk_identity_hint);
  662. if (ss->psk_identity != NULL)
  663. OPENSSL_free(ss->psk_identity);
  664. #endif
  665. OPENSSL_cleanse(ss,sizeof(*ss));
  666. OPENSSL_free(ss);
  667. }
  668. int SSL_set_session(SSL *s, SSL_SESSION *session)
  669. {
  670. int ret=0;
  671. const SSL_METHOD *meth;
  672. if (session != NULL)
  673. {
  674. meth=s->ctx->method->get_ssl_method(session->ssl_version);
  675. if (meth == NULL)
  676. meth=s->method->get_ssl_method(session->ssl_version);
  677. if (meth == NULL)
  678. {
  679. SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD);
  680. return(0);
  681. }
  682. if (meth != s->method)
  683. {
  684. if (!SSL_set_ssl_method(s,meth))
  685. return(0);
  686. if (s->ctx->session_timeout == 0)
  687. session->timeout=SSL_get_default_timeout(s);
  688. else
  689. session->timeout=s->ctx->session_timeout;
  690. }
  691. #ifndef OPENSSL_NO_KRB5
  692. if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
  693. session->krb5_client_princ_len > 0)
  694. {
  695. s->kssl_ctx->client_princ = (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1);
  696. memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ,
  697. session->krb5_client_princ_len);
  698. s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
  699. }
  700. #endif /* OPENSSL_NO_KRB5 */
  701. /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
  702. CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
  703. if (s->session != NULL)
  704. SSL_SESSION_free(s->session);
  705. s->session=session;
  706. s->verify_result = s->session->verify_result;
  707. /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
  708. ret=1;
  709. }
  710. else
  711. {
  712. if (s->session != NULL)
  713. {
  714. SSL_SESSION_free(s->session);
  715. s->session=NULL;
  716. }
  717. meth=s->ctx->method;
  718. if (meth != s->method)
  719. {
  720. if (!SSL_set_ssl_method(s,meth))
  721. return(0);
  722. }
  723. ret=1;
  724. }
  725. return(ret);
  726. }
  727. long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
  728. {
  729. if (s == NULL) return(0);
  730. s->timeout=t;
  731. return(1);
  732. }
  733. long SSL_SESSION_get_timeout(const SSL_SESSION *s)
  734. {
  735. if (s == NULL) return(0);
  736. return(s->timeout);
  737. }
  738. long SSL_SESSION_get_time(const SSL_SESSION *s)
  739. {
  740. if (s == NULL) return(0);
  741. return(s->time);
  742. }
  743. long SSL_SESSION_set_time(SSL_SESSION *s, long t)
  744. {
  745. if (s == NULL) return(0);
  746. s->time=t;
  747. return(t);
  748. }
  749. long SSL_CTX_set_timeout(SSL_CTX *s, long t)
  750. {
  751. long l;
  752. if (s == NULL) return(0);
  753. l=s->session_timeout;
  754. s->session_timeout=t;
  755. return(l);
  756. }
  757. long SSL_CTX_get_timeout(const SSL_CTX *s)
  758. {
  759. if (s == NULL) return(0);
  760. return(s->session_timeout);
  761. }
  762. typedef struct timeout_param_st
  763. {
  764. SSL_CTX *ctx;
  765. long time;
  766. LHASH_OF(SSL_SESSION) *cache;
  767. } TIMEOUT_PARAM;
  768. static void timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
  769. {
  770. if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
  771. {
  772. /* The reason we don't call SSL_CTX_remove_session() is to
  773. * save on locking overhead */
  774. (void)lh_SSL_SESSION_delete(p->cache,s);
  775. SSL_SESSION_list_remove(p->ctx,s);
  776. s->not_resumable=1;
  777. if (p->ctx->remove_session_cb != NULL)
  778. p->ctx->remove_session_cb(p->ctx,s);
  779. SSL_SESSION_free(s);
  780. }
  781. }
  782. static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION, TIMEOUT_PARAM)
  783. void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
  784. {
  785. unsigned long i;
  786. TIMEOUT_PARAM tp;
  787. tp.ctx=s;
  788. tp.cache=s->sessions;
  789. if (tp.cache == NULL) return;
  790. tp.time=t;
  791. CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
  792. i=CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
  793. CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load=0;
  794. lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout),
  795. TIMEOUT_PARAM, &tp);
  796. CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load=i;
  797. CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
  798. }
  799. int ssl_clear_bad_session(SSL *s)
  800. {
  801. if ( (s->session != NULL) &&
  802. !(s->shutdown & SSL_SENT_SHUTDOWN) &&
  803. !(SSL_in_init(s) || SSL_in_before(s)))
  804. {
  805. SSL_CTX_remove_session(s->ctx,s->session);
  806. return(1);
  807. }
  808. else
  809. return(0);
  810. }
  811. /* locked by SSL_CTX in the calling function */
  812. static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
  813. {
  814. if ((s->next == NULL) || (s->prev == NULL)) return;
  815. if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
  816. { /* last element in list */
  817. if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
  818. { /* only one element in list */
  819. ctx->session_cache_head=NULL;
  820. ctx->session_cache_tail=NULL;
  821. }
  822. else
  823. {
  824. ctx->session_cache_tail=s->prev;
  825. s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail);
  826. }
  827. }
  828. else
  829. {
  830. if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
  831. { /* first element in list */
  832. ctx->session_cache_head=s->next;
  833. s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
  834. }
  835. else
  836. { /* middle of list */
  837. s->next->prev=s->prev;
  838. s->prev->next=s->next;
  839. }
  840. }
  841. s->prev=s->next=NULL;
  842. }
  843. static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
  844. {
  845. if ((s->next != NULL) && (s->prev != NULL))
  846. SSL_SESSION_list_remove(ctx,s);
  847. if (ctx->session_cache_head == NULL)
  848. {
  849. ctx->session_cache_head=s;
  850. ctx->session_cache_tail=s;
  851. s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
  852. s->next=(SSL_SESSION *)&(ctx->session_cache_tail);
  853. }
  854. else
  855. {
  856. s->next=ctx->session_cache_head;
  857. s->next->prev=s;
  858. s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
  859. ctx->session_cache_head=s;
  860. }
  861. }
  862. void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
  863. int (*cb)(struct ssl_st *ssl,SSL_SESSION *sess))
  864. {
  865. ctx->new_session_cb=cb;
  866. }
  867. int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *sess)
  868. {
  869. return ctx->new_session_cb;
  870. }
  871. void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
  872. void (*cb)(SSL_CTX *ctx,SSL_SESSION *sess))
  873. {
  874. ctx->remove_session_cb=cb;
  875. }
  876. void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(SSL_CTX * ctx,SSL_SESSION *sess)
  877. {
  878. return ctx->remove_session_cb;
  879. }
  880. void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
  881. SSL_SESSION *(*cb)(struct ssl_st *ssl,
  882. unsigned char *data,int len,int *copy))
  883. {
  884. ctx->get_session_cb=cb;
  885. }
  886. SSL_SESSION * (*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl,
  887. unsigned char *data,int len,int *copy)
  888. {
  889. return ctx->get_session_cb;
  890. }
  891. void SSL_CTX_set_info_callback(SSL_CTX *ctx,
  892. void (*cb)(const SSL *ssl,int type,int val))
  893. {
  894. ctx->info_callback=cb;
  895. }
  896. void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val)
  897. {
  898. return ctx->info_callback;
  899. }
  900. void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
  901. int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey))
  902. {
  903. ctx->client_cert_cb=cb;
  904. }
  905. int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509 , EVP_PKEY **pkey)
  906. {
  907. return ctx->client_cert_cb;
  908. }
  909. #ifndef OPENSSL_NO_ENGINE
  910. int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
  911. {
  912. if (!ENGINE_init(e))
  913. {
  914. SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
  915. return 0;
  916. }
  917. if(!ENGINE_get_ssl_client_cert_function(e))
  918. {
  919. SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, SSL_R_NO_CLIENT_CERT_METHOD);
  920. ENGINE_finish(e);
  921. return 0;
  922. }
  923. ctx->client_cert_engine = e;
  924. return 1;
  925. }
  926. #endif
  927. void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
  928. int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len))
  929. {
  930. ctx->app_gen_cookie_cb=cb;
  931. }
  932. void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
  933. int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len))
  934. {
  935. ctx->app_verify_cookie_cb=cb;
  936. }
  937. IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)