ssl_sess.c 36 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254
  1. /*
  2. * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. * Copyright 2005 Nokia. All rights reserved.
  4. *
  5. * Licensed under the Apache License 2.0 (the "License"). You may not use
  6. * this file except in compliance with the License. You can obtain a copy
  7. * in the file LICENSE in the source distribution or at
  8. * https://www.openssl.org/source/license.html
  9. */
  10. #include <stdio.h>
  11. #include <openssl/rand.h>
  12. #include <openssl/engine.h>
  13. #include "internal/refcount.h"
  14. #include "internal/cryptlib.h"
  15. #include "ssl_local.h"
  16. #include "statem/statem_local.h"
  17. static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
  18. static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
  19. static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
  20. /*
  21. * SSL_get_session() and SSL_get1_session() are problematic in TLS1.3 because,
  22. * unlike in earlier protocol versions, the session ticket may not have been
  23. * sent yet even though a handshake has finished. The session ticket data could
  24. * come in sometime later...or even change if multiple session ticket messages
  25. * are sent from the server. The preferred way for applications to obtain
  26. * a resumable session is to use SSL_CTX_sess_set_new_cb().
  27. */
  28. SSL_SESSION *SSL_get_session(const SSL *ssl)
  29. /* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
  30. {
  31. return ssl->session;
  32. }
  33. SSL_SESSION *SSL_get1_session(SSL *ssl)
  34. /* variant of SSL_get_session: caller really gets something */
  35. {
  36. SSL_SESSION *sess;
  37. /*
  38. * Need to lock this all up rather than just use CRYPTO_add so that
  39. * somebody doesn't free ssl->session between when we check it's non-null
  40. * and when we up the reference count.
  41. */
  42. CRYPTO_THREAD_read_lock(ssl->lock);
  43. sess = ssl->session;
  44. if (sess)
  45. SSL_SESSION_up_ref(sess);
  46. CRYPTO_THREAD_unlock(ssl->lock);
  47. return sess;
  48. }
  49. int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
  50. {
  51. return CRYPTO_set_ex_data(&s->ex_data, idx, arg);
  52. }
  53. void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
  54. {
  55. return CRYPTO_get_ex_data(&s->ex_data, idx);
  56. }
  57. SSL_SESSION *SSL_SESSION_new(void)
  58. {
  59. SSL_SESSION *ss;
  60. if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL))
  61. return NULL;
  62. ss = OPENSSL_zalloc(sizeof(*ss));
  63. if (ss == NULL) {
  64. ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
  65. return NULL;
  66. }
  67. ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
  68. ss->references = 1;
  69. ss->timeout = 60 * 5 + 4; /* 5 minute timeout by default */
  70. ss->time = (unsigned long)time(NULL);
  71. ss->lock = CRYPTO_THREAD_lock_new();
  72. if (ss->lock == NULL) {
  73. ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
  74. OPENSSL_free(ss);
  75. return NULL;
  76. }
  77. if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) {
  78. CRYPTO_THREAD_lock_free(ss->lock);
  79. OPENSSL_free(ss);
  80. return NULL;
  81. }
  82. return ss;
  83. }
  84. SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
  85. {
  86. return ssl_session_dup(src, 1);
  87. }
  88. /*
  89. * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
  90. * ticket == 0 then no ticket information is duplicated, otherwise it is.
  91. */
  92. SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
  93. {
  94. SSL_SESSION *dest;
  95. dest = OPENSSL_malloc(sizeof(*dest));
  96. if (dest == NULL) {
  97. goto err;
  98. }
  99. memcpy(dest, src, sizeof(*dest));
  100. /*
  101. * Set the various pointers to NULL so that we can call SSL_SESSION_free in
  102. * the case of an error whilst halfway through constructing dest
  103. */
  104. #ifndef OPENSSL_NO_PSK
  105. dest->psk_identity_hint = NULL;
  106. dest->psk_identity = NULL;
  107. #endif
  108. dest->ext.hostname = NULL;
  109. dest->ext.tick = NULL;
  110. dest->ext.alpn_selected = NULL;
  111. #ifndef OPENSSL_NO_SRP
  112. dest->srp_username = NULL;
  113. #endif
  114. dest->peer_chain = NULL;
  115. dest->peer = NULL;
  116. dest->ticket_appdata = NULL;
  117. memset(&dest->ex_data, 0, sizeof(dest->ex_data));
  118. /* We deliberately don't copy the prev and next pointers */
  119. dest->prev = NULL;
  120. dest->next = NULL;
  121. dest->references = 1;
  122. dest->lock = CRYPTO_THREAD_lock_new();
  123. if (dest->lock == NULL)
  124. goto err;
  125. if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))
  126. goto err;
  127. if (src->peer != NULL) {
  128. if (!X509_up_ref(src->peer))
  129. goto err;
  130. dest->peer = src->peer;
  131. }
  132. if (src->peer_chain != NULL) {
  133. dest->peer_chain = X509_chain_up_ref(src->peer_chain);
  134. if (dest->peer_chain == NULL)
  135. goto err;
  136. }
  137. #ifndef OPENSSL_NO_PSK
  138. if (src->psk_identity_hint) {
  139. dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint);
  140. if (dest->psk_identity_hint == NULL) {
  141. goto err;
  142. }
  143. }
  144. if (src->psk_identity) {
  145. dest->psk_identity = OPENSSL_strdup(src->psk_identity);
  146. if (dest->psk_identity == NULL) {
  147. goto err;
  148. }
  149. }
  150. #endif
  151. if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
  152. &dest->ex_data, &src->ex_data)) {
  153. goto err;
  154. }
  155. if (src->ext.hostname) {
  156. dest->ext.hostname = OPENSSL_strdup(src->ext.hostname);
  157. if (dest->ext.hostname == NULL) {
  158. goto err;
  159. }
  160. }
  161. if (ticket != 0 && src->ext.tick != NULL) {
  162. dest->ext.tick =
  163. OPENSSL_memdup(src->ext.tick, src->ext.ticklen);
  164. if (dest->ext.tick == NULL)
  165. goto err;
  166. } else {
  167. dest->ext.tick_lifetime_hint = 0;
  168. dest->ext.ticklen = 0;
  169. }
  170. if (src->ext.alpn_selected != NULL) {
  171. dest->ext.alpn_selected = OPENSSL_memdup(src->ext.alpn_selected,
  172. src->ext.alpn_selected_len);
  173. if (dest->ext.alpn_selected == NULL)
  174. goto err;
  175. }
  176. #ifndef OPENSSL_NO_SRP
  177. if (src->srp_username) {
  178. dest->srp_username = OPENSSL_strdup(src->srp_username);
  179. if (dest->srp_username == NULL) {
  180. goto err;
  181. }
  182. }
  183. #endif
  184. if (src->ticket_appdata != NULL) {
  185. dest->ticket_appdata =
  186. OPENSSL_memdup(src->ticket_appdata, src->ticket_appdata_len);
  187. if (dest->ticket_appdata == NULL)
  188. goto err;
  189. }
  190. return dest;
  191. err:
  192. ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
  193. SSL_SESSION_free(dest);
  194. return NULL;
  195. }
  196. const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
  197. {
  198. if (len)
  199. *len = (unsigned int)s->session_id_length;
  200. return s->session_id;
  201. }
  202. const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
  203. unsigned int *len)
  204. {
  205. if (len != NULL)
  206. *len = (unsigned int)s->sid_ctx_length;
  207. return s->sid_ctx;
  208. }
  209. unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
  210. {
  211. return s->compress_meth;
  212. }
  213. /*
  214. * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
  215. * the ID with random junk repeatedly until we have no conflict is going to
  216. * complete in one iteration pretty much "most" of the time (btw:
  217. * understatement). So, if it takes us 10 iterations and we still can't avoid
  218. * a conflict - well that's a reasonable point to call it quits. Either the
  219. * RAND code is broken or someone is trying to open roughly very close to
  220. * 2^256 SSL sessions to our server. How you might store that many sessions
  221. * is perhaps a more interesting question ...
  222. */
  223. #define MAX_SESS_ID_ATTEMPTS 10
  224. static int def_generate_session_id(SSL *ssl, unsigned char *id,
  225. unsigned int *id_len)
  226. {
  227. unsigned int retry = 0;
  228. do
  229. if (RAND_bytes_ex(ssl->ctx->libctx, id, *id_len) <= 0)
  230. return 0;
  231. while (SSL_has_matching_session_id(ssl, id, *id_len) &&
  232. (++retry < MAX_SESS_ID_ATTEMPTS)) ;
  233. if (retry < MAX_SESS_ID_ATTEMPTS)
  234. return 1;
  235. /* else - woops a session_id match */
  236. /*
  237. * XXX We should also check the external cache -- but the probability of
  238. * a collision is negligible, and we could not prevent the concurrent
  239. * creation of sessions with identical IDs since we currently don't have
  240. * means to atomically check whether a session ID already exists and make
  241. * a reservation for it if it does not (this problem applies to the
  242. * internal cache as well).
  243. */
  244. return 0;
  245. }
  246. int ssl_generate_session_id(SSL *s, SSL_SESSION *ss)
  247. {
  248. unsigned int tmp;
  249. GEN_SESSION_CB cb = def_generate_session_id;
  250. switch (s->version) {
  251. case SSL3_VERSION:
  252. case TLS1_VERSION:
  253. case TLS1_1_VERSION:
  254. case TLS1_2_VERSION:
  255. case TLS1_3_VERSION:
  256. case DTLS1_BAD_VER:
  257. case DTLS1_VERSION:
  258. case DTLS1_2_VERSION:
  259. ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
  260. break;
  261. default:
  262. SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_UNSUPPORTED_SSL_VERSION);
  263. return 0;
  264. }
  265. /*-
  266. * If RFC5077 ticket, use empty session ID (as server).
  267. * Note that:
  268. * (a) ssl_get_prev_session() does lookahead into the
  269. * ClientHello extensions to find the session ticket.
  270. * When ssl_get_prev_session() fails, statem_srvr.c calls
  271. * ssl_get_new_session() in tls_process_client_hello().
  272. * At that point, it has not yet parsed the extensions,
  273. * however, because of the lookahead, it already knows
  274. * whether a ticket is expected or not.
  275. *
  276. * (b) statem_clnt.c calls ssl_get_new_session() before parsing
  277. * ServerHello extensions, and before recording the session
  278. * ID received from the server, so this block is a noop.
  279. */
  280. if (s->ext.ticket_expected) {
  281. ss->session_id_length = 0;
  282. return 1;
  283. }
  284. /* Choose which callback will set the session ID */
  285. CRYPTO_THREAD_read_lock(s->lock);
  286. CRYPTO_THREAD_read_lock(s->session_ctx->lock);
  287. if (s->generate_session_id)
  288. cb = s->generate_session_id;
  289. else if (s->session_ctx->generate_session_id)
  290. cb = s->session_ctx->generate_session_id;
  291. CRYPTO_THREAD_unlock(s->session_ctx->lock);
  292. CRYPTO_THREAD_unlock(s->lock);
  293. /* Choose a session ID */
  294. memset(ss->session_id, 0, ss->session_id_length);
  295. tmp = (int)ss->session_id_length;
  296. if (!cb(s, ss->session_id, &tmp)) {
  297. /* The callback failed */
  298. SSLfatal(s, SSL_AD_INTERNAL_ERROR,
  299. SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
  300. return 0;
  301. }
  302. /*
  303. * Don't allow the callback to set the session length to zero. nor
  304. * set it higher than it was.
  305. */
  306. if (tmp == 0 || tmp > ss->session_id_length) {
  307. /* The callback set an illegal length */
  308. SSLfatal(s, SSL_AD_INTERNAL_ERROR,
  309. SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
  310. return 0;
  311. }
  312. ss->session_id_length = tmp;
  313. /* Finally, check for a conflict */
  314. if (SSL_has_matching_session_id(s, ss->session_id,
  315. (unsigned int)ss->session_id_length)) {
  316. SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_SSL_SESSION_ID_CONFLICT);
  317. return 0;
  318. }
  319. return 1;
  320. }
  321. int ssl_get_new_session(SSL *s, int session)
  322. {
  323. /* This gets used by clients and servers. */
  324. SSL_SESSION *ss = NULL;
  325. if ((ss = SSL_SESSION_new()) == NULL) {
  326. SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
  327. return 0;
  328. }
  329. /* If the context has a default timeout, use it */
  330. if (s->session_ctx->session_timeout == 0)
  331. ss->timeout = SSL_get_default_timeout(s);
  332. else
  333. ss->timeout = s->session_ctx->session_timeout;
  334. SSL_SESSION_free(s->session);
  335. s->session = NULL;
  336. if (session) {
  337. if (SSL_IS_TLS13(s)) {
  338. /*
  339. * We generate the session id while constructing the
  340. * NewSessionTicket in TLSv1.3.
  341. */
  342. ss->session_id_length = 0;
  343. } else if (!ssl_generate_session_id(s, ss)) {
  344. /* SSLfatal() already called */
  345. SSL_SESSION_free(ss);
  346. return 0;
  347. }
  348. } else {
  349. ss->session_id_length = 0;
  350. }
  351. if (s->sid_ctx_length > sizeof(ss->sid_ctx)) {
  352. SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
  353. SSL_SESSION_free(ss);
  354. return 0;
  355. }
  356. memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
  357. ss->sid_ctx_length = s->sid_ctx_length;
  358. s->session = ss;
  359. ss->ssl_version = s->version;
  360. ss->verify_result = X509_V_OK;
  361. /* If client supports extended master secret set it in session */
  362. if (s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS)
  363. ss->flags |= SSL_SESS_FLAG_EXTMS;
  364. return 1;
  365. }
  366. SSL_SESSION *lookup_sess_in_cache(SSL *s, const unsigned char *sess_id,
  367. size_t sess_id_len)
  368. {
  369. SSL_SESSION *ret = NULL;
  370. if ((s->session_ctx->session_cache_mode
  371. & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP) == 0) {
  372. SSL_SESSION data;
  373. data.ssl_version = s->version;
  374. if (!ossl_assert(sess_id_len <= SSL_MAX_SSL_SESSION_ID_LENGTH))
  375. return NULL;
  376. memcpy(data.session_id, sess_id, sess_id_len);
  377. data.session_id_length = sess_id_len;
  378. CRYPTO_THREAD_read_lock(s->session_ctx->lock);
  379. ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
  380. if (ret != NULL) {
  381. /* don't allow other threads to steal it: */
  382. SSL_SESSION_up_ref(ret);
  383. }
  384. CRYPTO_THREAD_unlock(s->session_ctx->lock);
  385. if (ret == NULL)
  386. tsan_counter(&s->session_ctx->stats.sess_miss);
  387. }
  388. if (ret == NULL && s->session_ctx->get_session_cb != NULL) {
  389. int copy = 1;
  390. ret = s->session_ctx->get_session_cb(s, sess_id, sess_id_len, &copy);
  391. if (ret != NULL) {
  392. tsan_counter(&s->session_ctx->stats.sess_cb_hit);
  393. /*
  394. * Increment reference count now if the session callback asks us
  395. * to do so (note that if the session structures returned by the
  396. * callback are shared between threads, it must handle the
  397. * reference count itself [i.e. copy == 0], or things won't be
  398. * thread-safe).
  399. */
  400. if (copy)
  401. SSL_SESSION_up_ref(ret);
  402. /*
  403. * Add the externally cached session to the internal cache as
  404. * well if and only if we are supposed to.
  405. */
  406. if ((s->session_ctx->session_cache_mode &
  407. SSL_SESS_CACHE_NO_INTERNAL_STORE) == 0) {
  408. /*
  409. * Either return value of SSL_CTX_add_session should not
  410. * interrupt the session resumption process. The return
  411. * value is intentionally ignored.
  412. */
  413. (void)SSL_CTX_add_session(s->session_ctx, ret);
  414. }
  415. }
  416. }
  417. return ret;
  418. }
  419. /*-
  420. * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
  421. * connection. It is only called by servers.
  422. *
  423. * hello: The parsed ClientHello data
  424. *
  425. * Returns:
  426. * -1: fatal error
  427. * 0: no session found
  428. * 1: a session may have been found.
  429. *
  430. * Side effects:
  431. * - If a session is found then s->session is pointed at it (after freeing an
  432. * existing session if need be) and s->verify_result is set from the session.
  433. * - Both for new and resumed sessions, s->ext.ticket_expected is set to 1
  434. * if the server should issue a new session ticket (to 0 otherwise).
  435. */
  436. int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
  437. {
  438. /* This is used only by servers. */
  439. SSL_SESSION *ret = NULL;
  440. int fatal = 0;
  441. int try_session_cache = 0;
  442. SSL_TICKET_STATUS r;
  443. if (SSL_IS_TLS13(s)) {
  444. /*
  445. * By default we will send a new ticket. This can be overridden in the
  446. * ticket processing.
  447. */
  448. s->ext.ticket_expected = 1;
  449. if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes,
  450. SSL_EXT_CLIENT_HELLO, hello->pre_proc_exts,
  451. NULL, 0)
  452. || !tls_parse_extension(s, TLSEXT_IDX_psk, SSL_EXT_CLIENT_HELLO,
  453. hello->pre_proc_exts, NULL, 0))
  454. return -1;
  455. ret = s->session;
  456. } else {
  457. /* sets s->ext.ticket_expected */
  458. r = tls_get_ticket_from_client(s, hello, &ret);
  459. switch (r) {
  460. case SSL_TICKET_FATAL_ERR_MALLOC:
  461. case SSL_TICKET_FATAL_ERR_OTHER:
  462. fatal = 1;
  463. SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
  464. goto err;
  465. case SSL_TICKET_NONE:
  466. case SSL_TICKET_EMPTY:
  467. if (hello->session_id_len > 0) {
  468. try_session_cache = 1;
  469. ret = lookup_sess_in_cache(s, hello->session_id,
  470. hello->session_id_len);
  471. }
  472. break;
  473. case SSL_TICKET_NO_DECRYPT:
  474. case SSL_TICKET_SUCCESS:
  475. case SSL_TICKET_SUCCESS_RENEW:
  476. break;
  477. }
  478. }
  479. if (ret == NULL)
  480. goto err;
  481. /* Now ret is non-NULL and we own one of its reference counts. */
  482. /* Check TLS version consistency */
  483. if (ret->ssl_version != s->version)
  484. goto err;
  485. if (ret->sid_ctx_length != s->sid_ctx_length
  486. || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
  487. /*
  488. * We have the session requested by the client, but we don't want to
  489. * use it in this context.
  490. */
  491. goto err; /* treat like cache miss */
  492. }
  493. if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
  494. /*
  495. * We can't be sure if this session is being used out of context,
  496. * which is especially important for SSL_VERIFY_PEER. The application
  497. * should have used SSL[_CTX]_set_session_id_context. For this error
  498. * case, we generate an error instead of treating the event like a
  499. * cache miss (otherwise it would be easy for applications to
  500. * effectively disable the session cache by accident without anyone
  501. * noticing).
  502. */
  503. SSLfatal(s, SSL_AD_INTERNAL_ERROR,
  504. SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
  505. fatal = 1;
  506. goto err;
  507. }
  508. if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */
  509. tsan_counter(&s->session_ctx->stats.sess_timeout);
  510. if (try_session_cache) {
  511. /* session was from the cache, so remove it */
  512. SSL_CTX_remove_session(s->session_ctx, ret);
  513. }
  514. goto err;
  515. }
  516. /* Check extended master secret extension consistency */
  517. if (ret->flags & SSL_SESS_FLAG_EXTMS) {
  518. /* If old session includes extms, but new does not: abort handshake */
  519. if (!(s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS)) {
  520. SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_INCONSISTENT_EXTMS);
  521. fatal = 1;
  522. goto err;
  523. }
  524. } else if (s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS) {
  525. /* If new session includes extms, but old does not: do not resume */
  526. goto err;
  527. }
  528. if (!SSL_IS_TLS13(s)) {
  529. /* We already did this for TLS1.3 */
  530. SSL_SESSION_free(s->session);
  531. s->session = ret;
  532. }
  533. tsan_counter(&s->session_ctx->stats.sess_hit);
  534. s->verify_result = s->session->verify_result;
  535. return 1;
  536. err:
  537. if (ret != NULL) {
  538. SSL_SESSION_free(ret);
  539. /* In TLSv1.3 s->session was already set to ret, so we NULL it out */
  540. if (SSL_IS_TLS13(s))
  541. s->session = NULL;
  542. if (!try_session_cache) {
  543. /*
  544. * The session was from a ticket, so we should issue a ticket for
  545. * the new session
  546. */
  547. s->ext.ticket_expected = 1;
  548. }
  549. }
  550. if (fatal)
  551. return -1;
  552. return 0;
  553. }
  554. int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
  555. {
  556. int ret = 0;
  557. SSL_SESSION *s;
  558. /*
  559. * add just 1 reference count for the SSL_CTX's session cache even though
  560. * it has two ways of access: each session is in a doubly linked list and
  561. * an lhash
  562. */
  563. SSL_SESSION_up_ref(c);
  564. /*
  565. * if session c is in already in cache, we take back the increment later
  566. */
  567. CRYPTO_THREAD_write_lock(ctx->lock);
  568. s = lh_SSL_SESSION_insert(ctx->sessions, c);
  569. /*
  570. * s != NULL iff we already had a session with the given PID. In this
  571. * case, s == c should hold (then we did not really modify
  572. * ctx->sessions), or we're in trouble.
  573. */
  574. if (s != NULL && s != c) {
  575. /* We *are* in trouble ... */
  576. SSL_SESSION_list_remove(ctx, s);
  577. SSL_SESSION_free(s);
  578. /*
  579. * ... so pretend the other session did not exist in cache (we cannot
  580. * handle two SSL_SESSION structures with identical session ID in the
  581. * same cache, which could happen e.g. when two threads concurrently
  582. * obtain the same session from an external cache)
  583. */
  584. s = NULL;
  585. } else if (s == NULL &&
  586. lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
  587. /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */
  588. /*
  589. * ... so take back the extra reference and also don't add
  590. * the session to the SSL_SESSION_list at this time
  591. */
  592. s = c;
  593. }
  594. /* Put at the head of the queue unless it is already in the cache */
  595. if (s == NULL)
  596. SSL_SESSION_list_add(ctx, c);
  597. if (s != NULL) {
  598. /*
  599. * existing cache entry -- decrement previously incremented reference
  600. * count because it already takes into account the cache
  601. */
  602. SSL_SESSION_free(s); /* s == c */
  603. ret = 0;
  604. } else {
  605. /*
  606. * new cache entry -- remove old ones if cache has become too large
  607. */
  608. ret = 1;
  609. if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
  610. while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) {
  611. if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
  612. break;
  613. else
  614. tsan_counter(&ctx->stats.sess_cache_full);
  615. }
  616. }
  617. }
  618. CRYPTO_THREAD_unlock(ctx->lock);
  619. return ret;
  620. }
  621. int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
  622. {
  623. return remove_session_lock(ctx, c, 1);
  624. }
  625. static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
  626. {
  627. SSL_SESSION *r;
  628. int ret = 0;
  629. if ((c != NULL) && (c->session_id_length != 0)) {
  630. if (lck)
  631. CRYPTO_THREAD_write_lock(ctx->lock);
  632. if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) != NULL) {
  633. ret = 1;
  634. r = lh_SSL_SESSION_delete(ctx->sessions, r);
  635. SSL_SESSION_list_remove(ctx, r);
  636. }
  637. c->not_resumable = 1;
  638. if (lck)
  639. CRYPTO_THREAD_unlock(ctx->lock);
  640. if (ctx->remove_session_cb != NULL)
  641. ctx->remove_session_cb(ctx, c);
  642. if (ret)
  643. SSL_SESSION_free(r);
  644. } else
  645. ret = 0;
  646. return ret;
  647. }
  648. void SSL_SESSION_free(SSL_SESSION *ss)
  649. {
  650. int i;
  651. if (ss == NULL)
  652. return;
  653. CRYPTO_DOWN_REF(&ss->references, &i, ss->lock);
  654. REF_PRINT_COUNT("SSL_SESSION", ss);
  655. if (i > 0)
  656. return;
  657. REF_ASSERT_ISNT(i < 0);
  658. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
  659. OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key));
  660. OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id));
  661. X509_free(ss->peer);
  662. sk_X509_pop_free(ss->peer_chain, X509_free);
  663. OPENSSL_free(ss->ext.hostname);
  664. OPENSSL_free(ss->ext.tick);
  665. #ifndef OPENSSL_NO_PSK
  666. OPENSSL_free(ss->psk_identity_hint);
  667. OPENSSL_free(ss->psk_identity);
  668. #endif
  669. #ifndef OPENSSL_NO_SRP
  670. OPENSSL_free(ss->srp_username);
  671. #endif
  672. OPENSSL_free(ss->ext.alpn_selected);
  673. OPENSSL_free(ss->ticket_appdata);
  674. CRYPTO_THREAD_lock_free(ss->lock);
  675. OPENSSL_clear_free(ss, sizeof(*ss));
  676. }
  677. int SSL_SESSION_up_ref(SSL_SESSION *ss)
  678. {
  679. int i;
  680. if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0)
  681. return 0;
  682. REF_PRINT_COUNT("SSL_SESSION", ss);
  683. REF_ASSERT_ISNT(i < 2);
  684. return ((i > 1) ? 1 : 0);
  685. }
  686. int SSL_set_session(SSL *s, SSL_SESSION *session)
  687. {
  688. ssl_clear_bad_session(s);
  689. if (s->ctx->method != s->method) {
  690. if (!SSL_set_ssl_method(s, s->ctx->method))
  691. return 0;
  692. }
  693. if (session != NULL) {
  694. SSL_SESSION_up_ref(session);
  695. s->verify_result = session->verify_result;
  696. }
  697. SSL_SESSION_free(s->session);
  698. s->session = session;
  699. return 1;
  700. }
  701. int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
  702. unsigned int sid_len)
  703. {
  704. if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) {
  705. ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_TOO_LONG);
  706. return 0;
  707. }
  708. s->session_id_length = sid_len;
  709. if (sid != s->session_id)
  710. memcpy(s->session_id, sid, sid_len);
  711. return 1;
  712. }
  713. long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
  714. {
  715. if (s == NULL)
  716. return 0;
  717. s->timeout = t;
  718. return 1;
  719. }
  720. long SSL_SESSION_get_timeout(const SSL_SESSION *s)
  721. {
  722. if (s == NULL)
  723. return 0;
  724. return s->timeout;
  725. }
  726. long SSL_SESSION_get_time(const SSL_SESSION *s)
  727. {
  728. if (s == NULL)
  729. return 0;
  730. return s->time;
  731. }
  732. long SSL_SESSION_set_time(SSL_SESSION *s, long t)
  733. {
  734. if (s == NULL)
  735. return 0;
  736. s->time = t;
  737. return t;
  738. }
  739. int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
  740. {
  741. return s->ssl_version;
  742. }
  743. int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version)
  744. {
  745. s->ssl_version = version;
  746. return 1;
  747. }
  748. const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s)
  749. {
  750. return s->cipher;
  751. }
  752. int SSL_SESSION_set_cipher(SSL_SESSION *s, const SSL_CIPHER *cipher)
  753. {
  754. s->cipher = cipher;
  755. return 1;
  756. }
  757. const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)
  758. {
  759. return s->ext.hostname;
  760. }
  761. int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname)
  762. {
  763. OPENSSL_free(s->ext.hostname);
  764. if (hostname == NULL) {
  765. s->ext.hostname = NULL;
  766. return 1;
  767. }
  768. s->ext.hostname = OPENSSL_strdup(hostname);
  769. return s->ext.hostname != NULL;
  770. }
  771. int SSL_SESSION_has_ticket(const SSL_SESSION *s)
  772. {
  773. return (s->ext.ticklen > 0) ? 1 : 0;
  774. }
  775. unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
  776. {
  777. return s->ext.tick_lifetime_hint;
  778. }
  779. void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
  780. size_t *len)
  781. {
  782. *len = s->ext.ticklen;
  783. if (tick != NULL)
  784. *tick = s->ext.tick;
  785. }
  786. uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s)
  787. {
  788. return s->ext.max_early_data;
  789. }
  790. int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data)
  791. {
  792. s->ext.max_early_data = max_early_data;
  793. return 1;
  794. }
  795. void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
  796. const unsigned char **alpn,
  797. size_t *len)
  798. {
  799. *alpn = s->ext.alpn_selected;
  800. *len = s->ext.alpn_selected_len;
  801. }
  802. int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,
  803. size_t len)
  804. {
  805. OPENSSL_free(s->ext.alpn_selected);
  806. if (alpn == NULL || len == 0) {
  807. s->ext.alpn_selected = NULL;
  808. s->ext.alpn_selected_len = 0;
  809. return 1;
  810. }
  811. s->ext.alpn_selected = OPENSSL_memdup(alpn, len);
  812. if (s->ext.alpn_selected == NULL) {
  813. s->ext.alpn_selected_len = 0;
  814. return 0;
  815. }
  816. s->ext.alpn_selected_len = len;
  817. return 1;
  818. }
  819. X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
  820. {
  821. return s->peer;
  822. }
  823. int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
  824. unsigned int sid_ctx_len)
  825. {
  826. if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
  827. ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
  828. return 0;
  829. }
  830. s->sid_ctx_length = sid_ctx_len;
  831. if (sid_ctx != s->sid_ctx)
  832. memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
  833. return 1;
  834. }
  835. int SSL_SESSION_is_resumable(const SSL_SESSION *s)
  836. {
  837. /*
  838. * In the case of EAP-FAST, we can have a pre-shared "ticket" without a
  839. * session ID.
  840. */
  841. return !s->not_resumable
  842. && (s->session_id_length > 0 || s->ext.ticklen > 0);
  843. }
  844. long SSL_CTX_set_timeout(SSL_CTX *s, long t)
  845. {
  846. long l;
  847. if (s == NULL)
  848. return 0;
  849. l = s->session_timeout;
  850. s->session_timeout = t;
  851. return l;
  852. }
  853. long SSL_CTX_get_timeout(const SSL_CTX *s)
  854. {
  855. if (s == NULL)
  856. return 0;
  857. return s->session_timeout;
  858. }
  859. int SSL_set_session_secret_cb(SSL *s,
  860. tls_session_secret_cb_fn tls_session_secret_cb,
  861. void *arg)
  862. {
  863. if (s == NULL)
  864. return 0;
  865. s->ext.session_secret_cb = tls_session_secret_cb;
  866. s->ext.session_secret_cb_arg = arg;
  867. return 1;
  868. }
  869. int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
  870. void *arg)
  871. {
  872. if (s == NULL)
  873. return 0;
  874. s->ext.session_ticket_cb = cb;
  875. s->ext.session_ticket_cb_arg = arg;
  876. return 1;
  877. }
  878. int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
  879. {
  880. if (s->version >= TLS1_VERSION) {
  881. OPENSSL_free(s->ext.session_ticket);
  882. s->ext.session_ticket = NULL;
  883. s->ext.session_ticket =
  884. OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
  885. if (s->ext.session_ticket == NULL) {
  886. ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
  887. return 0;
  888. }
  889. if (ext_data != NULL) {
  890. s->ext.session_ticket->length = ext_len;
  891. s->ext.session_ticket->data = s->ext.session_ticket + 1;
  892. memcpy(s->ext.session_ticket->data, ext_data, ext_len);
  893. } else {
  894. s->ext.session_ticket->length = 0;
  895. s->ext.session_ticket->data = NULL;
  896. }
  897. return 1;
  898. }
  899. return 0;
  900. }
  901. typedef struct timeout_param_st {
  902. SSL_CTX *ctx;
  903. long time;
  904. LHASH_OF(SSL_SESSION) *cache;
  905. } TIMEOUT_PARAM;
  906. static void timeout_cb(SSL_SESSION *s, TIMEOUT_PARAM *p)
  907. {
  908. if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */
  909. /*
  910. * The reason we don't call SSL_CTX_remove_session() is to save on
  911. * locking overhead
  912. */
  913. (void)lh_SSL_SESSION_delete(p->cache, s);
  914. SSL_SESSION_list_remove(p->ctx, s);
  915. s->not_resumable = 1;
  916. if (p->ctx->remove_session_cb != NULL)
  917. p->ctx->remove_session_cb(p->ctx, s);
  918. SSL_SESSION_free(s);
  919. }
  920. }
  921. IMPLEMENT_LHASH_DOALL_ARG(SSL_SESSION, TIMEOUT_PARAM);
  922. void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
  923. {
  924. unsigned long i;
  925. TIMEOUT_PARAM tp;
  926. tp.ctx = s;
  927. tp.cache = s->sessions;
  928. if (tp.cache == NULL)
  929. return;
  930. tp.time = t;
  931. CRYPTO_THREAD_write_lock(s->lock);
  932. i = lh_SSL_SESSION_get_down_load(s->sessions);
  933. lh_SSL_SESSION_set_down_load(s->sessions, 0);
  934. lh_SSL_SESSION_doall_TIMEOUT_PARAM(tp.cache, timeout_cb, &tp);
  935. lh_SSL_SESSION_set_down_load(s->sessions, i);
  936. CRYPTO_THREAD_unlock(s->lock);
  937. }
  938. int ssl_clear_bad_session(SSL *s)
  939. {
  940. if ((s->session != NULL) &&
  941. !(s->shutdown & SSL_SENT_SHUTDOWN) &&
  942. !(SSL_in_init(s) || SSL_in_before(s))) {
  943. SSL_CTX_remove_session(s->session_ctx, s->session);
  944. return 1;
  945. } else
  946. return 0;
  947. }
  948. /* locked by SSL_CTX in the calling function */
  949. static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
  950. {
  951. if ((s->next == NULL) || (s->prev == NULL))
  952. return;
  953. if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
  954. /* last element in list */
  955. if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
  956. /* only one element in list */
  957. ctx->session_cache_head = NULL;
  958. ctx->session_cache_tail = NULL;
  959. } else {
  960. ctx->session_cache_tail = s->prev;
  961. s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
  962. }
  963. } else {
  964. if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
  965. /* first element in list */
  966. ctx->session_cache_head = s->next;
  967. s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
  968. } else {
  969. /* middle of list */
  970. s->next->prev = s->prev;
  971. s->prev->next = s->next;
  972. }
  973. }
  974. s->prev = s->next = NULL;
  975. }
  976. static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
  977. {
  978. if ((s->next != NULL) && (s->prev != NULL))
  979. SSL_SESSION_list_remove(ctx, s);
  980. if (ctx->session_cache_head == NULL) {
  981. ctx->session_cache_head = s;
  982. ctx->session_cache_tail = s;
  983. s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
  984. s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
  985. } else {
  986. s->next = ctx->session_cache_head;
  987. s->next->prev = s;
  988. s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
  989. ctx->session_cache_head = s;
  990. }
  991. }
  992. void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
  993. int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess))
  994. {
  995. ctx->new_session_cb = cb;
  996. }
  997. int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {
  998. return ctx->new_session_cb;
  999. }
  1000. void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
  1001. void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))
  1002. {
  1003. ctx->remove_session_cb = cb;
  1004. }
  1005. void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,
  1006. SSL_SESSION *sess) {
  1007. return ctx->remove_session_cb;
  1008. }
  1009. void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
  1010. SSL_SESSION *(*cb) (struct ssl_st *ssl,
  1011. const unsigned char *data,
  1012. int len, int *copy))
  1013. {
  1014. ctx->get_session_cb = cb;
  1015. }
  1016. SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
  1017. const unsigned char
  1018. *data, int len,
  1019. int *copy) {
  1020. return ctx->get_session_cb;
  1021. }
  1022. void SSL_CTX_set_info_callback(SSL_CTX *ctx,
  1023. void (*cb) (const SSL *ssl, int type, int val))
  1024. {
  1025. ctx->info_callback = cb;
  1026. }
  1027. void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
  1028. int val) {
  1029. return ctx->info_callback;
  1030. }
  1031. void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
  1032. int (*cb) (SSL *ssl, X509 **x509,
  1033. EVP_PKEY **pkey))
  1034. {
  1035. ctx->client_cert_cb = cb;
  1036. }
  1037. int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
  1038. EVP_PKEY **pkey) {
  1039. return ctx->client_cert_cb;
  1040. }
  1041. void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
  1042. int (*cb) (SSL *ssl,
  1043. unsigned char *cookie,
  1044. unsigned int *cookie_len))
  1045. {
  1046. ctx->app_gen_cookie_cb = cb;
  1047. }
  1048. void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
  1049. int (*cb) (SSL *ssl,
  1050. const unsigned char *cookie,
  1051. unsigned int cookie_len))
  1052. {
  1053. ctx->app_verify_cookie_cb = cb;
  1054. }
  1055. int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len)
  1056. {
  1057. OPENSSL_free(ss->ticket_appdata);
  1058. ss->ticket_appdata_len = 0;
  1059. if (data == NULL || len == 0) {
  1060. ss->ticket_appdata = NULL;
  1061. return 1;
  1062. }
  1063. ss->ticket_appdata = OPENSSL_memdup(data, len);
  1064. if (ss->ticket_appdata != NULL) {
  1065. ss->ticket_appdata_len = len;
  1066. return 1;
  1067. }
  1068. return 0;
  1069. }
  1070. int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len)
  1071. {
  1072. *data = ss->ticket_appdata;
  1073. *len = ss->ticket_appdata_len;
  1074. return 1;
  1075. }
  1076. void SSL_CTX_set_stateless_cookie_generate_cb(
  1077. SSL_CTX *ctx,
  1078. int (*cb) (SSL *ssl,
  1079. unsigned char *cookie,
  1080. size_t *cookie_len))
  1081. {
  1082. ctx->gen_stateless_cookie_cb = cb;
  1083. }
  1084. void SSL_CTX_set_stateless_cookie_verify_cb(
  1085. SSL_CTX *ctx,
  1086. int (*cb) (SSL *ssl,
  1087. const unsigned char *cookie,
  1088. size_t cookie_len))
  1089. {
  1090. ctx->verify_stateless_cookie_cb = cb;
  1091. }
  1092. IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)