2
0

ssl_sess.c 27 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910
  1. /* ssl/ssl_sess.c */
  2. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  3. * All rights reserved.
  4. *
  5. * This package is an SSL implementation written
  6. * by Eric Young (eay@cryptsoft.com).
  7. * The implementation was written so as to conform with Netscapes SSL.
  8. *
  9. * This library is free for commercial and non-commercial use as long as
  10. * the following conditions are aheared to. The following conditions
  11. * apply to all code found in this distribution, be it the RC4, RSA,
  12. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  13. * included with this distribution is covered by the same copyright terms
  14. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15. *
  16. * Copyright remains Eric Young's, and as such any Copyright notices in
  17. * the code are not to be removed.
  18. * If this package is used in a product, Eric Young should be given attribution
  19. * as the author of the parts of the library used.
  20. * This can be in the form of a textual message at program startup or
  21. * in documentation (online or textual) provided with the package.
  22. *
  23. * Redistribution and use in source and binary forms, with or without
  24. * modification, are permitted provided that the following conditions
  25. * are met:
  26. * 1. Redistributions of source code must retain the copyright
  27. * notice, this list of conditions and the following disclaimer.
  28. * 2. Redistributions in binary form must reproduce the above copyright
  29. * notice, this list of conditions and the following disclaimer in the
  30. * documentation and/or other materials provided with the distribution.
  31. * 3. All advertising materials mentioning features or use of this software
  32. * must display the following acknowledgement:
  33. * "This product includes cryptographic software written by
  34. * Eric Young (eay@cryptsoft.com)"
  35. * The word 'cryptographic' can be left out if the rouines from the library
  36. * being used are not cryptographic related :-).
  37. * 4. If you include any Windows specific code (or a derivative thereof) from
  38. * the apps directory (application code) you must include an acknowledgement:
  39. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40. *
  41. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51. * SUCH DAMAGE.
  52. *
  53. * The licence and distribution terms for any publically available version or
  54. * derivative of this code cannot be changed. i.e. this code cannot simply be
  55. * copied and put under another distribution licence
  56. * [including the GNU Public Licence.]
  57. */
  58. /* ====================================================================
  59. * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
  60. *
  61. * Redistribution and use in source and binary forms, with or without
  62. * modification, are permitted provided that the following conditions
  63. * are met:
  64. *
  65. * 1. Redistributions of source code must retain the above copyright
  66. * notice, this list of conditions and the following disclaimer.
  67. *
  68. * 2. Redistributions in binary form must reproduce the above copyright
  69. * notice, this list of conditions and the following disclaimer in
  70. * the documentation and/or other materials provided with the
  71. * distribution.
  72. *
  73. * 3. All advertising materials mentioning features or use of this
  74. * software must display the following acknowledgment:
  75. * "This product includes software developed by the OpenSSL Project
  76. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  77. *
  78. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  79. * endorse or promote products derived from this software without
  80. * prior written permission. For written permission, please contact
  81. * openssl-core@openssl.org.
  82. *
  83. * 5. Products derived from this software may not be called "OpenSSL"
  84. * nor may "OpenSSL" appear in their names without prior written
  85. * permission of the OpenSSL Project.
  86. *
  87. * 6. Redistributions of any form whatsoever must retain the following
  88. * acknowledgment:
  89. * "This product includes software developed by the OpenSSL Project
  90. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  91. *
  92. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  93. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  94. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  95. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  96. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  97. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  98. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  99. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  100. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  101. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  102. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  103. * OF THE POSSIBILITY OF SUCH DAMAGE.
  104. * ====================================================================
  105. *
  106. * This product includes cryptographic software written by Eric Young
  107. * (eay@cryptsoft.com). This product includes software written by Tim
  108. * Hudson (tjh@cryptsoft.com).
  109. *
  110. */
  111. /* ====================================================================
  112. * Copyright 2005 Nokia. All rights reserved.
  113. *
  114. * The portions of the attached software ("Contribution") is developed by
  115. * Nokia Corporation and is licensed pursuant to the OpenSSL open source
  116. * license.
  117. *
  118. * The Contribution, originally written by Mika Kousa and Pasi Eronen of
  119. * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
  120. * support (see RFC 4279) to OpenSSL.
  121. *
  122. * No patent licenses or other rights except those expressly stated in
  123. * the OpenSSL open source license shall be deemed granted or received
  124. * expressly, by implication, estoppel, or otherwise.
  125. *
  126. * No assurances are provided by Nokia that the Contribution does not
  127. * infringe the patent or other intellectual property rights of any third
  128. * party or that the license provides you with all the necessary rights
  129. * to make use of the Contribution.
  130. *
  131. * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
  132. * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
  133. * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
  134. * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
  135. * OTHERWISE.
  136. */
  137. #include <stdio.h>
  138. #include <openssl/lhash.h>
  139. #include <openssl/rand.h>
  140. #include "ssl_locl.h"
  141. static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
  142. static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
  143. static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
  144. SSL_SESSION *SSL_get_session(const SSL *ssl)
  145. /* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
  146. {
  147. return(ssl->session);
  148. }
  149. SSL_SESSION *SSL_get1_session(SSL *ssl)
  150. /* variant of SSL_get_session: caller really gets something */
  151. {
  152. SSL_SESSION *sess;
  153. /* Need to lock this all up rather than just use CRYPTO_add so that
  154. * somebody doesn't free ssl->session between when we check it's
  155. * non-null and when we up the reference count. */
  156. CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
  157. sess = ssl->session;
  158. if(sess)
  159. sess->references++;
  160. CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
  161. return(sess);
  162. }
  163. int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
  164. CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
  165. {
  166. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
  167. new_func, dup_func, free_func);
  168. }
  169. int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
  170. {
  171. return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
  172. }
  173. void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
  174. {
  175. return(CRYPTO_get_ex_data(&s->ex_data,idx));
  176. }
  177. SSL_SESSION *SSL_SESSION_new(void)
  178. {
  179. SSL_SESSION *ss;
  180. ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
  181. if (ss == NULL)
  182. {
  183. SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE);
  184. return(0);
  185. }
  186. memset(ss,0,sizeof(SSL_SESSION));
  187. ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
  188. ss->references=1;
  189. ss->timeout=60*5+4; /* 5 minute timeout by default */
  190. ss->time=(unsigned long)time(NULL);
  191. ss->prev=NULL;
  192. ss->next=NULL;
  193. ss->compress_meth=0;
  194. #ifndef OPENSSL_NO_TLSEXT
  195. ss->tlsext_hostname = NULL;
  196. #ifndef OPENSSL_NO_EC
  197. ss->tlsext_ecpointformatlist_length = 0;
  198. ss->tlsext_ecpointformatlist = NULL;
  199. ss->tlsext_ellipticcurvelist_length = 0;
  200. ss->tlsext_ellipticcurvelist = NULL;
  201. #endif
  202. #endif
  203. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
  204. #ifndef OPENSSL_NO_PSK
  205. ss->psk_identity_hint=NULL;
  206. ss->psk_identity=NULL;
  207. #endif
  208. return(ss);
  209. }
  210. const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
  211. {
  212. if(len)
  213. *len = s->session_id_length;
  214. return s->session_id;
  215. }
  216. /* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
  217. * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly
  218. * until we have no conflict is going to complete in one iteration pretty much
  219. * "most" of the time (btw: understatement). So, if it takes us 10 iterations
  220. * and we still can't avoid a conflict - well that's a reasonable point to call
  221. * it quits. Either the RAND code is broken or someone is trying to open roughly
  222. * very close to 2^128 (or 2^256) SSL sessions to our server. How you might
  223. * store that many sessions is perhaps a more interesting question ... */
  224. #define MAX_SESS_ID_ATTEMPTS 10
  225. static int def_generate_session_id(const SSL *ssl, unsigned char *id,
  226. unsigned int *id_len)
  227. {
  228. unsigned int retry = 0;
  229. do
  230. if (RAND_pseudo_bytes(id, *id_len) <= 0)
  231. return 0;
  232. while(SSL_has_matching_session_id(ssl, id, *id_len) &&
  233. (++retry < MAX_SESS_ID_ATTEMPTS));
  234. if(retry < MAX_SESS_ID_ATTEMPTS)
  235. return 1;
  236. /* else - woops a session_id match */
  237. /* XXX We should also check the external cache --
  238. * but the probability of a collision is negligible, and
  239. * we could not prevent the concurrent creation of sessions
  240. * with identical IDs since we currently don't have means
  241. * to atomically check whether a session ID already exists
  242. * and make a reservation for it if it does not
  243. * (this problem applies to the internal cache as well).
  244. */
  245. return 0;
  246. }
  247. int ssl_get_new_session(SSL *s, int session)
  248. {
  249. /* This gets used by clients and servers. */
  250. unsigned int tmp;
  251. SSL_SESSION *ss=NULL;
  252. GEN_SESSION_CB cb = def_generate_session_id;
  253. if ((ss=SSL_SESSION_new()) == NULL) return(0);
  254. /* If the context has a default timeout, use it */
  255. if (s->session_ctx->session_timeout == 0)
  256. ss->timeout=SSL_get_default_timeout(s);
  257. else
  258. ss->timeout=s->session_ctx->session_timeout;
  259. if (s->session != NULL)
  260. {
  261. SSL_SESSION_free(s->session);
  262. s->session=NULL;
  263. }
  264. if (session)
  265. {
  266. if (s->version == SSL2_VERSION)
  267. {
  268. ss->ssl_version=SSL2_VERSION;
  269. ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
  270. }
  271. else if (s->version == SSL3_VERSION)
  272. {
  273. ss->ssl_version=SSL3_VERSION;
  274. ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
  275. }
  276. else if (s->version == TLS1_VERSION)
  277. {
  278. ss->ssl_version=TLS1_VERSION;
  279. ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
  280. }
  281. else if (s->version == DTLS1_VERSION)
  282. {
  283. ss->ssl_version=DTLS1_VERSION;
  284. ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
  285. }
  286. else
  287. {
  288. SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
  289. SSL_SESSION_free(ss);
  290. return(0);
  291. }
  292. /* Choose which callback will set the session ID */
  293. CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
  294. if(s->generate_session_id)
  295. cb = s->generate_session_id;
  296. else if(s->session_ctx->generate_session_id)
  297. cb = s->session_ctx->generate_session_id;
  298. CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
  299. /* Choose a session ID */
  300. tmp = ss->session_id_length;
  301. if(!cb(s, ss->session_id, &tmp))
  302. {
  303. /* The callback failed */
  304. SSLerr(SSL_F_SSL_GET_NEW_SESSION,
  305. SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
  306. SSL_SESSION_free(ss);
  307. return(0);
  308. }
  309. /* Don't allow the callback to set the session length to zero.
  310. * nor set it higher than it was. */
  311. if(!tmp || (tmp > ss->session_id_length))
  312. {
  313. /* The callback set an illegal length */
  314. SSLerr(SSL_F_SSL_GET_NEW_SESSION,
  315. SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
  316. SSL_SESSION_free(ss);
  317. return(0);
  318. }
  319. /* If the session length was shrunk and we're SSLv2, pad it */
  320. if((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
  321. memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
  322. else
  323. ss->session_id_length = tmp;
  324. /* Finally, check for a conflict */
  325. if(SSL_has_matching_session_id(s, ss->session_id,
  326. ss->session_id_length))
  327. {
  328. SSLerr(SSL_F_SSL_GET_NEW_SESSION,
  329. SSL_R_SSL_SESSION_ID_CONFLICT);
  330. SSL_SESSION_free(ss);
  331. return(0);
  332. }
  333. #ifndef OPENSSL_NO_TLSEXT
  334. if (s->tlsext_hostname) {
  335. ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
  336. if (ss->tlsext_hostname == NULL) {
  337. SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
  338. SSL_SESSION_free(ss);
  339. return 0;
  340. }
  341. }
  342. #ifndef OPENSSL_NO_EC
  343. if (s->tlsext_ecpointformatlist)
  344. {
  345. if (ss->tlsext_ecpointformatlist != NULL) OPENSSL_free(ss->tlsext_ecpointformatlist);
  346. if ((ss->tlsext_ecpointformatlist = OPENSSL_malloc(s->tlsext_ecpointformatlist_length)) == NULL)
  347. {
  348. SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
  349. SSL_SESSION_free(ss);
  350. return 0;
  351. }
  352. ss->tlsext_ecpointformatlist_length = s->tlsext_ecpointformatlist_length;
  353. memcpy(ss->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
  354. }
  355. if (s->tlsext_ellipticcurvelist)
  356. {
  357. if (ss->tlsext_ellipticcurvelist != NULL) OPENSSL_free(ss->tlsext_ellipticcurvelist);
  358. if ((ss->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL)
  359. {
  360. SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE);
  361. SSL_SESSION_free(ss);
  362. return 0;
  363. }
  364. ss->tlsext_ellipticcurvelist_length = s->tlsext_ellipticcurvelist_length;
  365. memcpy(ss->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist, s->tlsext_ellipticcurvelist_length);
  366. }
  367. #endif
  368. #endif
  369. }
  370. else
  371. {
  372. ss->session_id_length=0;
  373. }
  374. if (s->sid_ctx_length > sizeof ss->sid_ctx)
  375. {
  376. SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
  377. SSL_SESSION_free(ss);
  378. return 0;
  379. }
  380. memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
  381. ss->sid_ctx_length=s->sid_ctx_length;
  382. s->session=ss;
  383. ss->ssl_version=s->version;
  384. ss->verify_result = X509_V_OK;
  385. return(1);
  386. }
  387. int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
  388. {
  389. /* This is used only by servers. */
  390. SSL_SESSION *ret=NULL,data;
  391. int fatal = 0;
  392. data.ssl_version=s->version;
  393. data.session_id_length=len;
  394. if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
  395. goto err;
  396. memcpy(data.session_id,session_id,len);
  397. if (!(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
  398. {
  399. CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
  400. ret=(SSL_SESSION *)lh_retrieve(s->session_ctx->sessions,&data);
  401. if (ret != NULL)
  402. /* don't allow other threads to steal it: */
  403. CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
  404. CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
  405. }
  406. if (ret == NULL)
  407. {
  408. int copy=1;
  409. s->session_ctx->stats.sess_miss++;
  410. ret=NULL;
  411. if (s->session_ctx->get_session_cb != NULL
  412. && (ret=s->session_ctx->get_session_cb(s,session_id,len,&copy))
  413. != NULL)
  414. {
  415. s->session_ctx->stats.sess_cb_hit++;
  416. /* Increment reference count now if the session callback
  417. * asks us to do so (note that if the session structures
  418. * returned by the callback are shared between threads,
  419. * it must handle the reference count itself [i.e. copy == 0],
  420. * or things won't be thread-safe). */
  421. if (copy)
  422. CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
  423. /* Add the externally cached session to the internal
  424. * cache as well if and only if we are supposed to. */
  425. if(!(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
  426. /* The following should not return 1, otherwise,
  427. * things are very strange */
  428. SSL_CTX_add_session(s->session_ctx,ret);
  429. }
  430. if (ret == NULL)
  431. goto err;
  432. }
  433. /* Now ret is non-NULL, and we own one of its reference counts. */
  434. if((s->verify_mode&SSL_VERIFY_PEER)
  435. && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
  436. || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
  437. {
  438. /* We've found the session named by the client, but we don't
  439. * want to use it in this context. */
  440. if (s->sid_ctx_length == 0)
  441. {
  442. /* application should have used SSL[_CTX]_set_session_id_context
  443. * -- we could tolerate this and just pretend we never heard
  444. * of this session, but then applications could effectively
  445. * disable the session cache by accident without anyone noticing */
  446. SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
  447. fatal = 1;
  448. goto err;
  449. }
  450. else
  451. {
  452. #if 0 /* The client cannot always know when a session is not appropriate,
  453. * so we shouldn't generate an error message. */
  454. SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
  455. #endif
  456. goto err; /* treat like cache miss */
  457. }
  458. }
  459. if (ret->cipher == NULL)
  460. {
  461. unsigned char buf[5],*p;
  462. unsigned long l;
  463. p=buf;
  464. l=ret->cipher_id;
  465. l2n(l,p);
  466. if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
  467. ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
  468. else
  469. ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
  470. if (ret->cipher == NULL)
  471. goto err;
  472. }
  473. #if 0 /* This is way too late. */
  474. /* If a thread got the session, then 'swaped', and another got
  475. * it and then due to a time-out decided to 'OPENSSL_free' it we could
  476. * be in trouble. So I'll increment it now, then double decrement
  477. * later - am I speaking rubbish?. */
  478. CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
  479. #endif
  480. if (ret->timeout < (long)(time(NULL) - ret->time)) /* timeout */
  481. {
  482. s->session_ctx->stats.sess_timeout++;
  483. /* remove it from the cache */
  484. SSL_CTX_remove_session(s->session_ctx,ret);
  485. goto err;
  486. }
  487. s->session_ctx->stats.sess_hit++;
  488. /* ret->time=time(NULL); */ /* rezero timeout? */
  489. /* again, just leave the session
  490. * if it is the same session, we have just incremented and
  491. * then decremented the reference count :-) */
  492. if (s->session != NULL)
  493. SSL_SESSION_free(s->session);
  494. s->session=ret;
  495. s->verify_result = s->session->verify_result;
  496. return(1);
  497. err:
  498. if (ret != NULL)
  499. SSL_SESSION_free(ret);
  500. if (fatal)
  501. return -1;
  502. else
  503. return 0;
  504. }
  505. int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
  506. {
  507. int ret=0;
  508. SSL_SESSION *s;
  509. /* add just 1 reference count for the SSL_CTX's session cache
  510. * even though it has two ways of access: each session is in a
  511. * doubly linked list and an lhash */
  512. CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION);
  513. /* if session c is in already in cache, we take back the increment later */
  514. CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
  515. s=(SSL_SESSION *)lh_insert(ctx->sessions,c);
  516. /* s != NULL iff we already had a session with the given PID.
  517. * In this case, s == c should hold (then we did not really modify
  518. * ctx->sessions), or we're in trouble. */
  519. if (s != NULL && s != c)
  520. {
  521. /* We *are* in trouble ... */
  522. SSL_SESSION_list_remove(ctx,s);
  523. SSL_SESSION_free(s);
  524. /* ... so pretend the other session did not exist in cache
  525. * (we cannot handle two SSL_SESSION structures with identical
  526. * session ID in the same cache, which could happen e.g. when
  527. * two threads concurrently obtain the same session from an external
  528. * cache) */
  529. s = NULL;
  530. }
  531. /* Put at the head of the queue unless it is already in the cache */
  532. if (s == NULL)
  533. SSL_SESSION_list_add(ctx,c);
  534. if (s != NULL)
  535. {
  536. /* existing cache entry -- decrement previously incremented reference
  537. * count because it already takes into account the cache */
  538. SSL_SESSION_free(s); /* s == c */
  539. ret=0;
  540. }
  541. else
  542. {
  543. /* new cache entry -- remove old ones if cache has become too large */
  544. ret=1;
  545. if (SSL_CTX_sess_get_cache_size(ctx) > 0)
  546. {
  547. while (SSL_CTX_sess_number(ctx) >
  548. SSL_CTX_sess_get_cache_size(ctx))
  549. {
  550. if (!remove_session_lock(ctx,
  551. ctx->session_cache_tail, 0))
  552. break;
  553. else
  554. ctx->stats.sess_cache_full++;
  555. }
  556. }
  557. }
  558. CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
  559. return(ret);
  560. }
  561. int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
  562. {
  563. return remove_session_lock(ctx, c, 1);
  564. }
  565. static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
  566. {
  567. SSL_SESSION *r;
  568. int ret=0;
  569. if ((c != NULL) && (c->session_id_length != 0))
  570. {
  571. if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
  572. if ((r = (SSL_SESSION *)lh_retrieve(ctx->sessions,c)) == c)
  573. {
  574. ret=1;
  575. r=(SSL_SESSION *)lh_delete(ctx->sessions,c);
  576. SSL_SESSION_list_remove(ctx,c);
  577. }
  578. if(lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
  579. if (ret)
  580. {
  581. r->not_resumable=1;
  582. if (ctx->remove_session_cb != NULL)
  583. ctx->remove_session_cb(ctx,r);
  584. SSL_SESSION_free(r);
  585. }
  586. }
  587. else
  588. ret=0;
  589. return(ret);
  590. }
  591. void SSL_SESSION_free(SSL_SESSION *ss)
  592. {
  593. int i;
  594. if(ss == NULL)
  595. return;
  596. i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
  597. #ifdef REF_PRINT
  598. REF_PRINT("SSL_SESSION",ss);
  599. #endif
  600. if (i > 0) return;
  601. #ifdef REF_CHECK
  602. if (i < 0)
  603. {
  604. fprintf(stderr,"SSL_SESSION_free, bad reference count\n");
  605. abort(); /* ok */
  606. }
  607. #endif
  608. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
  609. OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg);
  610. OPENSSL_cleanse(ss->master_key,sizeof ss->master_key);
  611. OPENSSL_cleanse(ss->session_id,sizeof ss->session_id);
  612. if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
  613. if (ss->peer != NULL) X509_free(ss->peer);
  614. if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
  615. #ifndef OPENSSL_NO_TLSEXT
  616. if (ss->tlsext_hostname != NULL) OPENSSL_free(ss->tlsext_hostname);
  617. #ifndef OPENSSL_NO_EC
  618. ss->tlsext_ecpointformatlist_length = 0;
  619. if (ss->tlsext_ecpointformatlist != NULL) OPENSSL_free(ss->tlsext_ecpointformatlist);
  620. ss->tlsext_ellipticcurvelist_length = 0;
  621. if (ss->tlsext_ellipticcurvelist != NULL) OPENSSL_free(ss->tlsext_ellipticcurvelist);
  622. #endif /* OPENSSL_NO_EC */
  623. #endif
  624. #ifndef OPENSSL_NO_PSK
  625. if (ss->psk_identity_hint != NULL)
  626. OPENSSL_free(ss->psk_identity_hint);
  627. if (ss->psk_identity != NULL)
  628. OPENSSL_free(ss->psk_identity);
  629. #endif
  630. OPENSSL_cleanse(ss,sizeof(*ss));
  631. OPENSSL_free(ss);
  632. }
  633. int SSL_set_session(SSL *s, SSL_SESSION *session)
  634. {
  635. int ret=0;
  636. const SSL_METHOD *meth;
  637. if (session != NULL)
  638. {
  639. meth=s->ctx->method->get_ssl_method(session->ssl_version);
  640. if (meth == NULL)
  641. meth=s->method->get_ssl_method(session->ssl_version);
  642. if (meth == NULL)
  643. {
  644. SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD);
  645. return(0);
  646. }
  647. if (meth != s->method)
  648. {
  649. if (!SSL_set_ssl_method(s,meth))
  650. return(0);
  651. if (s->ctx->session_timeout == 0)
  652. session->timeout=SSL_get_default_timeout(s);
  653. else
  654. session->timeout=s->ctx->session_timeout;
  655. }
  656. #ifndef OPENSSL_NO_KRB5
  657. if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
  658. session->krb5_client_princ_len > 0)
  659. {
  660. s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1);
  661. memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ,
  662. session->krb5_client_princ_len);
  663. s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
  664. }
  665. #endif /* OPENSSL_NO_KRB5 */
  666. /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
  667. CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
  668. if (s->session != NULL)
  669. SSL_SESSION_free(s->session);
  670. s->session=session;
  671. s->verify_result = s->session->verify_result;
  672. /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
  673. ret=1;
  674. }
  675. else
  676. {
  677. if (s->session != NULL)
  678. {
  679. SSL_SESSION_free(s->session);
  680. s->session=NULL;
  681. }
  682. meth=s->ctx->method;
  683. if (meth != s->method)
  684. {
  685. if (!SSL_set_ssl_method(s,meth))
  686. return(0);
  687. }
  688. ret=1;
  689. }
  690. return(ret);
  691. }
  692. long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
  693. {
  694. if (s == NULL) return(0);
  695. s->timeout=t;
  696. return(1);
  697. }
  698. long SSL_SESSION_get_timeout(const SSL_SESSION *s)
  699. {
  700. if (s == NULL) return(0);
  701. return(s->timeout);
  702. }
  703. long SSL_SESSION_get_time(const SSL_SESSION *s)
  704. {
  705. if (s == NULL) return(0);
  706. return(s->time);
  707. }
  708. long SSL_SESSION_set_time(SSL_SESSION *s, long t)
  709. {
  710. if (s == NULL) return(0);
  711. s->time=t;
  712. return(t);
  713. }
  714. long SSL_CTX_set_timeout(SSL_CTX *s, long t)
  715. {
  716. long l;
  717. if (s == NULL) return(0);
  718. l=s->session_timeout;
  719. s->session_timeout=t;
  720. return(l);
  721. }
  722. long SSL_CTX_get_timeout(const SSL_CTX *s)
  723. {
  724. if (s == NULL) return(0);
  725. return(s->session_timeout);
  726. }
  727. typedef struct timeout_param_st
  728. {
  729. SSL_CTX *ctx;
  730. long time;
  731. LHASH *cache;
  732. } TIMEOUT_PARAM;
  733. static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p)
  734. {
  735. if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
  736. {
  737. /* The reason we don't call SSL_CTX_remove_session() is to
  738. * save on locking overhead */
  739. lh_delete(p->cache,s);
  740. SSL_SESSION_list_remove(p->ctx,s);
  741. s->not_resumable=1;
  742. if (p->ctx->remove_session_cb != NULL)
  743. p->ctx->remove_session_cb(p->ctx,s);
  744. SSL_SESSION_free(s);
  745. }
  746. }
  747. static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION *, TIMEOUT_PARAM *)
  748. void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
  749. {
  750. unsigned long i;
  751. TIMEOUT_PARAM tp;
  752. tp.ctx=s;
  753. tp.cache=s->sessions;
  754. if (tp.cache == NULL) return;
  755. tp.time=t;
  756. CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
  757. i=tp.cache->down_load;
  758. tp.cache->down_load=0;
  759. lh_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout), &tp);
  760. tp.cache->down_load=i;
  761. CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
  762. }
  763. int ssl_clear_bad_session(SSL *s)
  764. {
  765. if ( (s->session != NULL) &&
  766. !(s->shutdown & SSL_SENT_SHUTDOWN) &&
  767. !(SSL_in_init(s) || SSL_in_before(s)))
  768. {
  769. SSL_CTX_remove_session(s->ctx,s->session);
  770. return(1);
  771. }
  772. else
  773. return(0);
  774. }
  775. /* locked by SSL_CTX in the calling function */
  776. static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
  777. {
  778. if ((s->next == NULL) || (s->prev == NULL)) return;
  779. if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
  780. { /* last element in list */
  781. if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
  782. { /* only one element in list */
  783. ctx->session_cache_head=NULL;
  784. ctx->session_cache_tail=NULL;
  785. }
  786. else
  787. {
  788. ctx->session_cache_tail=s->prev;
  789. s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail);
  790. }
  791. }
  792. else
  793. {
  794. if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
  795. { /* first element in list */
  796. ctx->session_cache_head=s->next;
  797. s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
  798. }
  799. else
  800. { /* middle of list */
  801. s->next->prev=s->prev;
  802. s->prev->next=s->next;
  803. }
  804. }
  805. s->prev=s->next=NULL;
  806. }
  807. static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
  808. {
  809. if ((s->next != NULL) && (s->prev != NULL))
  810. SSL_SESSION_list_remove(ctx,s);
  811. if (ctx->session_cache_head == NULL)
  812. {
  813. ctx->session_cache_head=s;
  814. ctx->session_cache_tail=s;
  815. s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
  816. s->next=(SSL_SESSION *)&(ctx->session_cache_tail);
  817. }
  818. else
  819. {
  820. s->next=ctx->session_cache_head;
  821. s->next->prev=s;
  822. s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
  823. ctx->session_cache_head=s;
  824. }
  825. }