ssl_sess.c 38.6 KB
Newer Older
R
Rich Salz 已提交
1
/*
M
Matt Caswell 已提交
2
 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3
 * Copyright 2005 Nokia. All rights reserved.
4
 *
R
Rich Salz 已提交
5 6 7 8
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
9
 */
R
Rich Salz 已提交
10

11
#include <stdio.h>
12
#include <openssl/rand.h>
R
Rich Salz 已提交
13
#include <openssl/engine.h>
14
#include "internal/refcount.h"
15
#include "ssl_locl.h"
16
#include "statem/statem_locl.h"
17

18
static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
19
static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
20
static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
21

22
/*
23 24 25 26 27 28
 * SSL_get_session() and SSL_get1_session() are problematic in TLS1.3 because,
 * unlike in earlier protocol versions, the session ticket may not have been
 * sent yet even though a handshake has finished. The session ticket data could
 * come in sometime later...or even change if multiple session ticket messages
 * are sent from the server. The preferred way for applications to obtain
 * a resumable session is to use SSL_CTX_sess_set_new_cb().
29 30
 */

B
Ben Laurie 已提交
31
SSL_SESSION *SSL_get_session(const SSL *ssl)
32
/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
33
{
K
KaoruToda 已提交
34
    return ssl->session;
35
}
36 37 38

SSL_SESSION *SSL_get1_session(SSL *ssl)
/* variant of SSL_get_session: caller really gets something */
39 40 41 42 43 44 45
{
    SSL_SESSION *sess;
    /*
     * Need to lock this all up rather than just use CRYPTO_add so that
     * somebody doesn't free ssl->session between when we check it's non-null
     * and when we up the reference count.
     */
46
    CRYPTO_THREAD_read_lock(ssl->lock);
47 48
    sess = ssl->session;
    if (sess)
49 50 51
        SSL_SESSION_up_ref(sess);
    CRYPTO_THREAD_unlock(ssl->lock);
    return sess;
52 53
}

U
Ulf Möller 已提交
54
int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
55
{
K
KaoruToda 已提交
56
    return CRYPTO_set_ex_data(&s->ex_data, idx, arg);
57
}
58

B
Ben Laurie 已提交
59
void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
60
{
K
KaoruToda 已提交
61
    return CRYPTO_get_ex_data(&s->ex_data, idx);
62
}
63

U
Ulf Möller 已提交
64
SSL_SESSION *SSL_SESSION_new(void)
65 66 67
{
    SSL_SESSION *ss;

68 69 70
    if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL))
        return NULL;

R
Rich Salz 已提交
71
    ss = OPENSSL_zalloc(sizeof(*ss));
72 73
    if (ss == NULL) {
        SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
74
        return NULL;
75 76 77 78 79 80
    }

    ss->verify_result = 1;      /* avoid 0 (= X509_V_OK) just in case */
    ss->references = 1;
    ss->timeout = 60 * 5 + 4;   /* 5 minute timeout by default */
    ss->time = (unsigned long)time(NULL);
81 82 83 84 85 86 87
    ss->lock = CRYPTO_THREAD_lock_new();
    if (ss->lock == NULL) {
        SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
        OPENSSL_free(ss);
        return NULL;
    }

88 89 90 91 92
    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) {
        CRYPTO_THREAD_lock_free(ss->lock);
        OPENSSL_free(ss);
        return NULL;
    }
93
    return ss;
94
}
95

M
Matt Caswell 已提交
96 97 98 99 100
SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src)
{
    return ssl_session_dup(src, 1);
}

101 102 103 104 105 106 107 108 109 110 111 112 113 114
/*
 * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
 * ticket == 0 then no ticket information is duplicated, otherwise it is.
 */
SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
{
    SSL_SESSION *dest;

    dest = OPENSSL_malloc(sizeof(*src));
    if (dest == NULL) {
        goto err;
    }
    memcpy(dest, src, sizeof(*dest));

M
Matt Caswell 已提交
115 116 117 118 119 120 121 122 123
    /*
     * Set the various pointers to NULL so that we can call SSL_SESSION_free in
     * the case of an error whilst halfway through constructing dest
     */
#ifndef OPENSSL_NO_PSK
    dest->psk_identity_hint = NULL;
    dest->psk_identity = NULL;
#endif
    dest->ciphers = NULL;
R
Rich Salz 已提交
124
    dest->ext.hostname = NULL;
M
Matt Caswell 已提交
125
#ifndef OPENSSL_NO_EC
R
Rich Salz 已提交
126 127
    dest->ext.ecpointformats = NULL;
    dest->ext.supportedgroups = NULL;
M
Matt Caswell 已提交
128
#endif
R
Rich Salz 已提交
129
    dest->ext.tick = NULL;
130
    dest->ext.alpn_selected = NULL;
M
Matt Caswell 已提交
131 132 133
#ifndef OPENSSL_NO_SRP
    dest->srp_username = NULL;
#endif
T
Todd Short 已提交
134 135
    dest->peer_chain = NULL;
    dest->peer = NULL;
T
Todd Short 已提交
136
    dest->ticket_appdata = NULL;
137
    memset(&dest->ex_data, 0, sizeof(dest->ex_data));
138

M
Matt Caswell 已提交
139 140 141 142 143 144
    /* We deliberately don't copy the prev and next pointers */
    dest->prev = NULL;
    dest->next = NULL;

    dest->references = 1;

145 146 147 148
    dest->lock = CRYPTO_THREAD_lock_new();
    if (dest->lock == NULL)
        goto err;

T
Todd Short 已提交
149 150 151 152 153 154 155 156
    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))
        goto err;

    if (src->peer != NULL) {
        if (!X509_up_ref(src->peer))
            goto err;
        dest->peer = src->peer;
    }
M
Matt Caswell 已提交
157

158 159 160 161 162
    if (src->peer_chain != NULL) {
        dest->peer_chain = X509_chain_up_ref(src->peer_chain);
        if (dest->peer_chain == NULL)
            goto err;
    }
163 164
#ifndef OPENSSL_NO_PSK
    if (src->psk_identity_hint) {
R
Rich Salz 已提交
165
        dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint);
166 167 168 169 170
        if (dest->psk_identity_hint == NULL) {
            goto err;
        }
    }
    if (src->psk_identity) {
R
Rich Salz 已提交
171
        dest->psk_identity = OPENSSL_strdup(src->psk_identity);
172 173 174 175 176 177
        if (dest->psk_identity == NULL) {
            goto err;
        }
    }
#endif

178
    if (src->ciphers != NULL) {
179 180 181 182 183 184
        dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
        if (dest->ciphers == NULL)
            goto err;
    }

    if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
E
Emilia Kasper 已提交
185
                            &dest->ex_data, &src->ex_data)) {
186 187 188
        goto err;
    }

R
Rich Salz 已提交
189 190 191
    if (src->ext.hostname) {
        dest->ext.hostname = OPENSSL_strdup(src->ext.hostname);
        if (dest->ext.hostname == NULL) {
192 193 194
            goto err;
        }
    }
M
Matt Caswell 已提交
195
#ifndef OPENSSL_NO_EC
R
Rich Salz 已提交
196 197 198 199 200
    if (src->ext.ecpointformats) {
        dest->ext.ecpointformats =
            OPENSSL_memdup(src->ext.ecpointformats,
                           src->ext.ecpointformats_len);
        if (dest->ext.ecpointformats == NULL)
201 202
            goto err;
    }
R
Rich Salz 已提交
203 204 205
    if (src->ext.supportedgroups) {
        dest->ext.supportedgroups =
            OPENSSL_memdup(src->ext.supportedgroups,
206 207
                           src->ext.supportedgroups_len
                                * sizeof(*src->ext.supportedgroups));
R
Rich Salz 已提交
208
        if (dest->ext.supportedgroups == NULL)
209 210 211 212
            goto err;
    }
#endif

T
Todd Short 已提交
213
    if (ticket != 0 && src->ext.tick != NULL) {
R
Rich Salz 已提交
214 215 216
        dest->ext.tick =
            OPENSSL_memdup(src->ext.tick, src->ext.ticklen);
        if (dest->ext.tick == NULL)
217
            goto err;
M
Matt Caswell 已提交
218
    } else {
R
Rich Salz 已提交
219 220
        dest->ext.tick_lifetime_hint = 0;
        dest->ext.ticklen = 0;
221 222
    }

223 224 225 226 227 228 229 230 231
    if (src->ext.alpn_selected) {
        dest->ext.alpn_selected =
            (unsigned char*)OPENSSL_strndup((char*)src->ext.alpn_selected,
                                            src->ext.alpn_selected_len);
        if (dest->ext.alpn_selected == NULL) {
            goto err;
        }
    }

232 233
#ifndef OPENSSL_NO_SRP
    if (src->srp_username) {
R
Rich Salz 已提交
234
        dest->srp_username = OPENSSL_strdup(src->srp_username);
235 236 237 238 239 240
        if (dest->srp_username == NULL) {
            goto err;
        }
    }
#endif

T
Todd Short 已提交
241 242 243 244 245 246 247
    if (src->ticket_appdata != NULL) {
        dest->ticket_appdata =
            OPENSSL_memdup(src->ticket_appdata, src->ticket_appdata_len);
        if (dest->ticket_appdata == NULL)
            goto err;
    }

248
    return dest;
E
Emilia Kasper 已提交
249
 err:
250 251 252 253 254
    SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
    SSL_SESSION_free(dest);
    return NULL;
}

E
Emilia Kasper 已提交
255
const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
256 257
{
    if (len)
258
        *len = (unsigned int)s->session_id_length;
259 260
    return s->session_id;
}
261 262 263 264
const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
                                                unsigned int *len)
{
    if (len != NULL)
265
        *len = (unsigned int)s->sid_ctx_length;
266 267
    return s->sid_ctx;
}
268

269
unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
270 271 272 273 274 275 276 277 278 279 280 281 282 283
{
    return s->compress_meth;
}

/*
 * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
 * the ID with random junk repeatedly until we have no conflict is going to
 * complete in one iteration pretty much "most" of the time (btw:
 * understatement). So, if it takes us 10 iterations and we still can't avoid
 * a conflict - well that's a reasonable point to call it quits. Either the
 * RAND code is broken or someone is trying to open roughly very close to
 * 2^256 SSL sessions to our server. How you might store that many sessions
 * is perhaps a more interesting question ...
 */
284 285

#define MAX_SESS_ID_ATTEMPTS 10
R
Rich Salz 已提交
286
static int def_generate_session_id(SSL *ssl, unsigned char *id,
287
                                   unsigned int *id_len)
288
{
289 290
    unsigned int retry = 0;
    do
291
        if (RAND_bytes(id, *id_len) <= 0)
292 293 294 295 296 297 298 299 300 301 302 303 304 305 306
            return 0;
    while (SSL_has_matching_session_id(ssl, id, *id_len) &&
           (++retry < MAX_SESS_ID_ATTEMPTS)) ;
    if (retry < MAX_SESS_ID_ATTEMPTS)
        return 1;
    /* else - woops a session_id match */
    /*
     * XXX We should also check the external cache -- but the probability of
     * a collision is negligible, and we could not prevent the concurrent
     * creation of sessions with identical IDs since we currently don't have
     * means to atomically check whether a session ID already exists and make
     * a reservation for it if it does not (this problem applies to the
     * internal cache as well).
     */
    return 0;
307 308
}

309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325
int ssl_generate_session_id(SSL *s, SSL_SESSION *ss)
{
    unsigned int tmp;
    GEN_SESSION_CB cb = def_generate_session_id;

    switch (s->version) {
    case SSL3_VERSION:
    case TLS1_VERSION:
    case TLS1_1_VERSION:
    case TLS1_2_VERSION:
    case TLS1_3_VERSION:
    case DTLS1_BAD_VER:
    case DTLS1_VERSION:
    case DTLS1_2_VERSION:
        ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
        break;
    default:
326 327
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
                 SSL_R_UNSUPPORTED_SSL_VERSION);
328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364
        return 0;
    }

    /*-
     * If RFC5077 ticket, use empty session ID (as server).
     * Note that:
     * (a) ssl_get_prev_session() does lookahead into the
     *     ClientHello extensions to find the session ticket.
     *     When ssl_get_prev_session() fails, statem_srvr.c calls
     *     ssl_get_new_session() in tls_process_client_hello().
     *     At that point, it has not yet parsed the extensions,
     *     however, because of the lookahead, it already knows
     *     whether a ticket is expected or not.
     *
     * (b) statem_clnt.c calls ssl_get_new_session() before parsing
     *     ServerHello extensions, and before recording the session
     *     ID received from the server, so this block is a noop.
     */
    if (s->ext.ticket_expected) {
        ss->session_id_length = 0;
        return 1;
    }

    /* Choose which callback will set the session ID */
    CRYPTO_THREAD_read_lock(s->lock);
    CRYPTO_THREAD_read_lock(s->session_ctx->lock);
    if (s->generate_session_id)
        cb = s->generate_session_id;
    else if (s->session_ctx->generate_session_id)
        cb = s->session_ctx->generate_session_id;
    CRYPTO_THREAD_unlock(s->session_ctx->lock);
    CRYPTO_THREAD_unlock(s->lock);
    /* Choose a session ID */
    memset(ss->session_id, 0, ss->session_id_length);
    tmp = (int)ss->session_id_length;
    if (!cb(s, ss->session_id, &tmp)) {
        /* The callback failed */
365 366
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
                 SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
367 368 369 370 371 372 373 374
        return 0;
    }
    /*
     * Don't allow the callback to set the session length to zero. nor
     * set it higher than it was.
     */
    if (tmp == 0 || tmp > ss->session_id_length) {
        /* The callback set an illegal length */
375 376
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
                 SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
377 378 379 380 381 382
        return 0;
    }
    ss->session_id_length = tmp;
    /* Finally, check for a conflict */
    if (SSL_has_matching_session_id(s, ss->session_id,
                                    (unsigned int)ss->session_id_length)) {
383 384
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
                 SSL_R_SSL_SESSION_ID_CONFLICT);
385 386 387 388 389 390
        return 0;
    }

    return 1;
}

U
Ulf Möller 已提交
391
int ssl_get_new_session(SSL *s, int session)
392 393 394 395 396
{
    /* This gets used by clients and servers. */

    SSL_SESSION *ss = NULL;

397 398 399
    if ((ss = SSL_SESSION_new()) == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_NEW_SESSION,
                 ERR_R_MALLOC_FAILURE);
400
        return 0;
401
    }
402 403 404 405 406 407 408

    /* If the context has a default timeout, use it */
    if (s->session_ctx->session_timeout == 0)
        ss->timeout = SSL_get_default_timeout(s);
    else
        ss->timeout = s->session_ctx->session_timeout;

R
Rich Salz 已提交
409 410
    SSL_SESSION_free(s->session);
    s->session = NULL;
411 412

    if (session) {
413 414 415 416 417 418 419
        if (SSL_IS_TLS13(s)) {
            /*
             * We generate the session id while constructing the
             * NewSessionTicket in TLSv1.3.
             */
            ss->session_id_length = 0;
        } else if (!ssl_generate_session_id(s, ss)) {
420
            /* SSLfatal() already called */
421
            SSL_SESSION_free(ss);
422
            return 0;
423
        }
424

R
Rich Salz 已提交
425 426 427
        if (s->ext.hostname) {
            ss->ext.hostname = OPENSSL_strdup(s->ext.hostname);
            if (ss->ext.hostname == NULL) {
428 429
                SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_NEW_SESSION,
                         ERR_R_INTERNAL_ERROR);
430 431 432 433 434 435 436 437
                SSL_SESSION_free(ss);
                return 0;
            }
        }
    } else {
        ss->session_id_length = 0;
    }

R
Rich Salz 已提交
438
    if (s->sid_ctx_length > sizeof(ss->sid_ctx)) {
439 440
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_NEW_SESSION,
                 ERR_R_INTERNAL_ERROR);
441 442 443 444 445 446 447 448 449
        SSL_SESSION_free(ss);
        return 0;
    }
    memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
    ss->sid_ctx_length = s->sid_ctx_length;
    s->session = ss;
    ss->ssl_version = s->version;
    ss->verify_result = X509_V_OK;

450 451 452 453
    /* If client supports extended master secret set it in session */
    if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)
        ss->flags |= SSL_SESS_FLAG_EXTMS;

454
    return 1;
455
}
456

457 458
/*-
 * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
B
Bodo Möller 已提交
459 460
 * connection. It is only called by servers.
 *
461
 *   hello: The parsed ClientHello data
B
Bodo Möller 已提交
462 463
 *
 * Returns:
464 465 466
 *   -1: fatal error
 *    0: no session found
 *    1: a session may have been found.
B
Bodo Möller 已提交
467 468 469 470
 *
 * Side effects:
 *   - If a session is found then s->session is pointed at it (after freeing an
 *     existing session if need be) and s->verify_result is set from the session.
R
Rich Salz 已提交
471
 *   - Both for new and resumed sessions, s->ext.ticket_expected is set to 1
B
Bodo Möller 已提交
472 473
 *     if the server should issue a new session ticket (to 0 otherwise).
 */
474
int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
475 476
{
    /* This is used only by servers. */
477

478
    SSL_SESSION *ret = NULL;
479
    int fatal = 0, discard;
480
    int try_session_cache = 0;
481
    SSL_TICKET_STATUS r;
482

483
    if (SSL_IS_TLS13(s)) {
484 485 486 487 488
        /*
         * By default we will send a new ticket. This can be overridden in the
         * ticket processing.
         */
        s->ext.ticket_expected = 1;
489 490
        if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes,
                                 SSL_EXT_CLIENT_HELLO, hello->pre_proc_exts,
491
                                 NULL, 0)
492
                || !tls_parse_extension(s, TLSEXT_IDX_psk, SSL_EXT_CLIENT_HELLO,
493
                                        hello->pre_proc_exts, NULL, 0))
494 495 496 497 498 499 500
            return -1;

        ret = s->session;
    } else {
        /* sets s->ext.ticket_expected */
        r = tls_get_ticket_from_client(s, hello, &ret);
        switch (r) {
T
Todd Short 已提交
501 502
        case SSL_TICKET_FATAL_ERR_MALLOC:
        case SSL_TICKET_FATAL_ERR_OTHER:
503
            fatal = 1;
504 505
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_PREV_SESSION,
                     ERR_R_INTERNAL_ERROR);
506
            goto err;
T
Todd Short 已提交
507 508
        case SSL_TICKET_NONE:
        case SSL_TICKET_EMPTY:
509 510
            if (hello->session_id_len > 0)
                try_session_cache = 1;
M
Matt Caswell 已提交
511
            break;
T
Todd Short 已提交
512 513 514
        case SSL_TICKET_NO_DECRYPT:
        case SSL_TICKET_SUCCESS:
        case SSL_TICKET_SUCCESS_RENEW:
515 516
            break;
        }
517
    }
B
Bodo Möller 已提交
518

519 520
    if (try_session_cache &&
        ret == NULL &&
521
        !(s->session_ctx->session_cache_mode &
522 523
          SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
        SSL_SESSION data;
524

525
        data.ssl_version = s->version;
526 527 528
        memcpy(data.session_id, hello->session_id, hello->session_id_len);
        data.session_id_length = hello->session_id_len;

529
        CRYPTO_THREAD_read_lock(s->session_ctx->lock);
530 531 532
        ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
        if (ret != NULL) {
            /* don't allow other threads to steal it: */
533
            SSL_SESSION_up_ref(ret);
534
        }
535
        CRYPTO_THREAD_unlock(s->session_ctx->lock);
536
        if (ret == NULL)
537 538
            CRYPTO_atomic_add(&s->session_ctx->stats.sess_miss, 1, &discard,
                              s->session_ctx->lock);
539 540 541 542 543
    }

    if (try_session_cache &&
        ret == NULL && s->session_ctx->get_session_cb != NULL) {
        int copy = 1;
544 545 546

        ret = s->session_ctx->get_session_cb(s, hello->session_id,
                                             hello->session_id_len,
E
Emilia Kasper 已提交
547
                                             &copy);
548

549
        if (ret != NULL) {
550 551
            CRYPTO_atomic_add(&s->session_ctx->stats.sess_cb_hit, 1, &discard,
                              s->session_ctx->lock);
552 553 554 555 556 557 558 559 560

            /*
             * Increment reference count now if the session callback asks us
             * to do so (note that if the session structures returned by the
             * callback are shared between threads, it must handle the
             * reference count itself [i.e. copy == 0], or things won't be
             * thread-safe).
             */
            if (copy)
561
                SSL_SESSION_up_ref(ret);
562 563 564 565 566 567

            /*
             * Add the externally cached session to the internal cache as
             * well if and only if we are supposed to.
             */
            if (!
568
                (s->session_ctx->session_cache_mode &
M
Matt Caswell 已提交
569
                 SSL_SESS_CACHE_NO_INTERNAL_STORE)) {
570
                /*
571 572 573
                 * Either return value of SSL_CTX_add_session should not
                 * interrupt the session resumption process. The return
                 * value is intentionally ignored.
574
                 */
575
                SSL_CTX_add_session(s->session_ctx, ret);
M
Matt Caswell 已提交
576
            }
577 578 579 580 581 582 583 584
        }
    }

    if (ret == NULL)
        goto err;

    /* Now ret is non-NULL and we own one of its reference counts. */

585 586 587 588
    /* Check TLS version consistency */
    if (ret->ssl_version != s->version)
        goto err;

589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608
    if (ret->sid_ctx_length != s->sid_ctx_length
        || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
        /*
         * We have the session requested by the client, but we don't want to
         * use it in this context.
         */
        goto err;               /* treat like cache miss */
    }

    if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
        /*
         * We can't be sure if this session is being used out of context,
         * which is especially important for SSL_VERIFY_PEER. The application
         * should have used SSL[_CTX]_set_session_id_context. For this error
         * case, we generate an error instead of treating the event like a
         * cache miss (otherwise it would be easy for applications to
         * effectively disable the session cache by accident without anyone
         * noticing).
         */

609 610
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_PREV_SESSION,
                 SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
611 612 613 614 615
        fatal = 1;
        goto err;
    }

    if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */
616 617
        CRYPTO_atomic_add(&s->session_ctx->stats.sess_timeout, 1, &discard,
                          s->session_ctx->lock);
618 619 620 621 622 623 624
        if (try_session_cache) {
            /* session was from the cache, so remove it */
            SSL_CTX_remove_session(s->session_ctx, ret);
        }
        goto err;
    }

625 626 627 628
    /* Check extended master secret extension consistency */
    if (ret->flags & SSL_SESS_FLAG_EXTMS) {
        /* If old session includes extms, but new does not: abort handshake */
        if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)) {
629 630
            SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SSL_GET_PREV_SESSION,
                     SSL_R_INCONSISTENT_EXTMS);
631 632 633 634 635 636 637 638
            fatal = 1;
            goto err;
        }
    } else if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) {
        /* If new session includes extms, but old does not: do not resume */
        goto err;
    }

639 640 641 642 643
    if (!SSL_IS_TLS13(s)) {
        /* We already did this for TLS1.3 */
        SSL_SESSION_free(s->session);
        s->session = ret;
    }
644

645 646
    CRYPTO_atomic_add(&s->session_ctx->stats.sess_hit, 1, &discard,
                      s->session_ctx->lock);
647 648
    s->verify_result = s->session->verify_result;
    return 1;
649 650

 err:
651 652
    if (ret != NULL) {
        SSL_SESSION_free(ret);
653
        /* In TLSv1.3 s->session was already set to ret, so we NULL it out */
654 655
        if (SSL_IS_TLS13(s))
            s->session = NULL;
656

657 658 659 660 661
        if (!try_session_cache) {
            /*
             * The session was from a ticket, so we should issue a ticket for
             * the new session
             */
R
Rich Salz 已提交
662
            s->ext.ticket_expected = 1;
663 664
        }
    }
665
    if (fatal)
666
        return -1;
667 668

    return 0;
669
}
670

U
Ulf Möller 已提交
671
int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
672
{
673
    int ret = 0, discard;
674 675 676 677 678 679 680
    SSL_SESSION *s;

    /*
     * add just 1 reference count for the SSL_CTX's session cache even though
     * it has two ways of access: each session is in a doubly linked list and
     * an lhash
     */
681
    SSL_SESSION_up_ref(c);
682 683 684 685
    /*
     * if session c is in already in cache, we take back the increment later
     */

686
    CRYPTO_THREAD_write_lock(ctx->lock);
687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704
    s = lh_SSL_SESSION_insert(ctx->sessions, c);

    /*
     * s != NULL iff we already had a session with the given PID. In this
     * case, s == c should hold (then we did not really modify
     * ctx->sessions), or we're in trouble.
     */
    if (s != NULL && s != c) {
        /* We *are* in trouble ... */
        SSL_SESSION_list_remove(ctx, s);
        SSL_SESSION_free(s);
        /*
         * ... so pretend the other session did not exist in cache (we cannot
         * handle two SSL_SESSION structures with identical session ID in the
         * same cache, which could happen e.g. when two threads concurrently
         * obtain the same session from an external cache)
         */
        s = NULL;
705 706 707 708 709 710 711 712 713
    } else if (s == NULL &&
               lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
        /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */

        /*
         * ... so take back the extra reference and also don't add
         * the session to the SSL_SESSION_list at this time
         */
        s = c;
714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735
    }

    /* Put at the head of the queue unless it is already in the cache */
    if (s == NULL)
        SSL_SESSION_list_add(ctx, c);

    if (s != NULL) {
        /*
         * existing cache entry -- decrement previously incremented reference
         * count because it already takes into account the cache
         */

        SSL_SESSION_free(s);    /* s == c */
        ret = 0;
    } else {
        /*
         * new cache entry -- remove old ones if cache has become too large
         */

        ret = 1;

        if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
E
Emilia Kasper 已提交
736
            while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) {
737 738 739
                if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
                    break;
                else
740 741
                    CRYPTO_atomic_add(&ctx->stats.sess_cache_full, 1, &discard,
                                      ctx->lock);
742 743 744
            }
        }
    }
745 746
    CRYPTO_THREAD_unlock(ctx->lock);
    return ret;
747
}
748

U
Ulf Möller 已提交
749
int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
750
{
751
    return remove_session_lock(ctx, c, 1);
752 753
}

754
static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
755 756 757 758 759 760
{
    SSL_SESSION *r;
    int ret = 0;

    if ((c != NULL) && (c->session_id_length != 0)) {
        if (lck)
761
            CRYPTO_THREAD_write_lock(ctx->lock);
M
Matt Caswell 已提交
762
        if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) != NULL) {
763
            ret = 1;
M
Matt Caswell 已提交
764 765
            r = lh_SSL_SESSION_delete(ctx->sessions, r);
            SSL_SESSION_list_remove(ctx, r);
766
        }
767
        c->not_resumable = 1;
768 769

        if (lck)
770
            CRYPTO_THREAD_unlock(ctx->lock);
771

772
        if (ret)
773
            SSL_SESSION_free(r);
774 775 776

        if (ctx->remove_session_cb != NULL)
            ctx->remove_session_cb(ctx, c);
777 778
    } else
        ret = 0;
K
KaoruToda 已提交
779
    return ret;
780
}
781

U
Ulf Möller 已提交
782
void SSL_SESSION_free(SSL_SESSION *ss)
783 784
{
    int i;
785

R
Rich Salz 已提交
786 787
    if (ss == NULL)
        return;
788
    CRYPTO_DOWN_REF(&ss->references, &i, ss->lock);
R
Rich Salz 已提交
789
    REF_PRINT_COUNT("SSL_SESSION", ss);
790 791
    if (i > 0)
        return;
R
Rich Salz 已提交
792
    REF_ASSERT_ISNT(i < 0);
793

794
    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
795

R
Rich Salz 已提交
796 797
    OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key));
    OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id));
R
Rich Salz 已提交
798
    X509_free(ss->peer);
799
    sk_X509_pop_free(ss->peer_chain, X509_free);
R
Rich Salz 已提交
800
    sk_SSL_CIPHER_free(ss->ciphers);
R
Rich Salz 已提交
801 802
    OPENSSL_free(ss->ext.hostname);
    OPENSSL_free(ss->ext.tick);
803
#ifndef OPENSSL_NO_EC
R
Rich Salz 已提交
804 805 806 807 808 809
    OPENSSL_free(ss->ext.ecpointformats);
    ss->ext.ecpointformats = NULL;
    ss->ext.ecpointformats_len = 0;
    OPENSSL_free(ss->ext.supportedgroups);
    ss->ext.supportedgroups = NULL;
    ss->ext.supportedgroups_len = 0;
E
Emilia Kasper 已提交
810
#endif                          /* OPENSSL_NO_EC */
811
#ifndef OPENSSL_NO_PSK
R
Rich Salz 已提交
812 813
    OPENSSL_free(ss->psk_identity_hint);
    OPENSSL_free(ss->psk_identity);
B
Ben Laurie 已提交
814 815
#endif
#ifndef OPENSSL_NO_SRP
R
Rich Salz 已提交
816
    OPENSSL_free(ss->srp_username);
817
#endif
818
    OPENSSL_free(ss->ext.alpn_selected);
T
Todd Short 已提交
819
    OPENSSL_free(ss->ticket_appdata);
820
    CRYPTO_THREAD_lock_free(ss->lock);
R
Rich Salz 已提交
821
    OPENSSL_clear_free(ss, sizeof(*ss));
822
}
823

824 825 826 827
int SSL_SESSION_up_ref(SSL_SESSION *ss)
{
    int i;

828
    if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0)
829 830 831 832 833 834 835
        return 0;

    REF_PRINT_COUNT("SSL_SESSION", ss);
    REF_ASSERT_ISNT(i < 2);
    return ((i > 1) ? 1 : 0);
}

U
Ulf Möller 已提交
836
int SSL_set_session(SSL *s, SSL_SESSION *session)
837
{
838 839 840 841 842
    ssl_clear_bad_session(s);
    if (s->ctx->method != s->method) {
        if (!SSL_set_ssl_method(s, s->ctx->method))
            return 0;
    }
843

844
    if (session != NULL) {
845
        SSL_SESSION_up_ref(session);
846
        s->verify_result = session->verify_result;
847
    }
848 849 850 851
    SSL_SESSION_free(s->session);
    s->session = session;

    return 1;
852
}
853

854 855 856 857 858 859 860 861 862
int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
                        unsigned int sid_len)
{
    if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) {
      SSLerr(SSL_F_SSL_SESSION_SET1_ID,
             SSL_R_SSL_SESSION_ID_TOO_LONG);
      return 0;
    }
    s->session_id_length = sid_len;
863 864
    if (sid != s->session_id)
        memcpy(s->session_id, sid, sid_len);
865 866 867
    return 1;
}

U
Ulf Möller 已提交
868
long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
869 870
{
    if (s == NULL)
K
KaoruToda 已提交
871
        return 0;
872
    s->timeout = t;
873
    return 1;
874
}
875

B
Ben Laurie 已提交
876
long SSL_SESSION_get_timeout(const SSL_SESSION *s)
877 878
{
    if (s == NULL)
K
KaoruToda 已提交
879 880
        return 0;
    return s->timeout;
881
}
882

B
Ben Laurie 已提交
883
long SSL_SESSION_get_time(const SSL_SESSION *s)
884 885
{
    if (s == NULL)
K
KaoruToda 已提交
886 887
        return 0;
    return s->time;
888
}
889

U
Ulf Möller 已提交
890
long SSL_SESSION_set_time(SSL_SESSION *s, long t)
891 892
{
    if (s == NULL)
K
KaoruToda 已提交
893
        return 0;
894
    s->time = t;
K
KaoruToda 已提交
895
    return t;
896
}
897

898 899 900 901 902
int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
{
    return s->ssl_version;
}

903 904 905 906 907 908
int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version)
{
    s->ssl_version = version;
    return 1;
}

R
Rich Salz 已提交
909 910 911 912
const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s)
{
    return s->cipher;
}
M
Matt Caswell 已提交
913 914 915 916 917 918

int SSL_SESSION_set_cipher(SSL_SESSION *s, const SSL_CIPHER *cipher)
{
    s->cipher = cipher;
    return 1;
}
R
Rich Salz 已提交
919

L
Lyon Chen 已提交
920 921
const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)
{
R
Rich Salz 已提交
922
    return s->ext.hostname;
L
Lyon Chen 已提交
923 924
}

925 926 927 928 929 930 931 932 933 934 935 936
int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname)
{
    OPENSSL_free(s->ext.hostname);
    if (hostname == NULL) {
        s->ext.hostname = NULL;
        return 1;
    }
    s->ext.hostname = OPENSSL_strdup(hostname);

    return s->ext.hostname != NULL;
}

937 938
int SSL_SESSION_has_ticket(const SSL_SESSION *s)
{
R
Rich Salz 已提交
939
    return (s->ext.ticklen > 0) ? 1 : 0;
940 941 942 943
}

unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
{
R
Rich Salz 已提交
944
    return s->ext.tick_lifetime_hint;
945 946
}

947
void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
E
Emilia Kasper 已提交
948
                             size_t *len)
949
{
R
Rich Salz 已提交
950
    *len = s->ext.ticklen;
V
Viktor Dukhovni 已提交
951
    if (tick != NULL)
R
Rich Salz 已提交
952
        *tick = s->ext.tick;
953 954
}

955 956 957 958 959
uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s)
{
    return s->ext.max_early_data;
}

960 961 962 963 964 965 966
int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data)
{
    s->ext.max_early_data = max_early_data;

    return 1;
}

967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993
void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
                                    const unsigned char **alpn,
                                    size_t *len)
{
    *alpn = s->ext.alpn_selected;
    *len = s->ext.alpn_selected_len;
}

int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,
                                   size_t len)
{
    OPENSSL_free(s->ext.alpn_selected);
    if (alpn == NULL || len == 0) {
        s->ext.alpn_selected = NULL;
        s->ext.alpn_selected_len = 0;
        return 1;
    }
    s->ext.alpn_selected = OPENSSL_memdup(alpn, len);
    if (s->ext.alpn_selected == NULL) {
        s->ext.alpn_selected_len = 0;
        return 0;
    }
    s->ext.alpn_selected_len = len;

    return 1;
}

994
X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007
{
    return s->peer;
}

int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
                                unsigned int sid_ctx_len)
{
    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
        SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
        return 0;
    }
    s->sid_ctx_length = sid_ctx_len;
1008 1009
    if (sid_ctx != s->sid_ctx)
        memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
1010 1011 1012

    return 1;
}
1013

1014 1015 1016 1017 1018 1019 1020 1021 1022 1023
int SSL_SESSION_is_resumable(const SSL_SESSION *s)
{
    /*
     * In the case of EAP-FAST, we can have a pre-shared "ticket" without a
     * session ID.
     */
    return !s->not_resumable
           && (s->session_id_length > 0 || s->ext.ticklen > 0);
}

U
Ulf Möller 已提交
1024
long SSL_CTX_set_timeout(SSL_CTX *s, long t)
1025 1026 1027
{
    long l;
    if (s == NULL)
K
KaoruToda 已提交
1028
        return 0;
1029 1030
    l = s->session_timeout;
    s->session_timeout = t;
K
KaoruToda 已提交
1031
    return l;
1032
}
1033

B
Ben Laurie 已提交
1034
long SSL_CTX_get_timeout(const SSL_CTX *s)
1035 1036
{
    if (s == NULL)
K
KaoruToda 已提交
1037 1038
        return 0;
    return s->session_timeout;
1039
}
1040

1041
int SSL_set_session_secret_cb(SSL *s,
R
Rich Salz 已提交
1042
                              tls_session_secret_cb_fn tls_session_secret_cb,
1043 1044 1045
                              void *arg)
{
    if (s == NULL)
K
KaoruToda 已提交
1046
        return 0;
R
Rich Salz 已提交
1047 1048
    s->ext.session_secret_cb = tls_session_secret_cb;
    s->ext.session_secret_cb_arg = arg;
1049
    return 1;
1050
}
D
Dr. Stephen Henson 已提交
1051 1052

int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
1053 1054 1055
                                  void *arg)
{
    if (s == NULL)
K
KaoruToda 已提交
1056
        return 0;
R
Rich Salz 已提交
1057 1058
    s->ext.session_ticket_cb = cb;
    s->ext.session_ticket_cb_arg = arg;
1059
    return 1;
1060
}
D
Dr. Stephen Henson 已提交
1061 1062

int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
1063 1064
{
    if (s->version >= TLS1_VERSION) {
R
Rich Salz 已提交
1065 1066 1067
        OPENSSL_free(s->ext.session_ticket);
        s->ext.session_ticket = NULL;
        s->ext.session_ticket =
1068
            OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
R
Rich Salz 已提交
1069
        if (s->ext.session_ticket == NULL) {
1070 1071 1072 1073
            SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
            return 0;
        }

R
Rich Salz 已提交
1074
        if (ext_data != NULL) {
R
Rich Salz 已提交
1075 1076 1077
            s->ext.session_ticket->length = ext_len;
            s->ext.session_ticket->data = s->ext.session_ticket + 1;
            memcpy(s->ext.session_ticket->data, ext_data, ext_len);
1078
        } else {
R
Rich Salz 已提交
1079 1080
            s->ext.session_ticket->length = 0;
            s->ext.session_ticket->data = NULL;
1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093
        }

        return 1;
    }

    return 0;
}

typedef struct timeout_param_st {
    SSL_CTX *ctx;
    long time;
    LHASH_OF(SSL_SESSION) *cache;
} TIMEOUT_PARAM;
1094

D
Dr. Stephen Henson 已提交
1095
static void timeout_cb(SSL_SESSION *s, TIMEOUT_PARAM *p)
1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109
{
    if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */
        /*
         * The reason we don't call SSL_CTX_remove_session() is to save on
         * locking overhead
         */
        (void)lh_SSL_SESSION_delete(p->cache, s);
        SSL_SESSION_list_remove(p->ctx, s);
        s->not_resumable = 1;
        if (p->ctx->remove_session_cb != NULL)
            p->ctx->remove_session_cb(p->ctx, s);
        SSL_SESSION_free(s);
    }
}
1110

D
Dr. Stephen Henson 已提交
1111
IMPLEMENT_LHASH_DOALL_ARG(SSL_SESSION, TIMEOUT_PARAM);
1112

U
Ulf Möller 已提交
1113
void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
1114 1115 1116 1117 1118 1119 1120 1121 1122
{
    unsigned long i;
    TIMEOUT_PARAM tp;

    tp.ctx = s;
    tp.cache = s->sessions;
    if (tp.cache == NULL)
        return;
    tp.time = t;
1123
    CRYPTO_THREAD_write_lock(s->lock);
1124 1125
    i = lh_SSL_SESSION_get_down_load(s->sessions);
    lh_SSL_SESSION_set_down_load(s->sessions, 0);
D
Dr. Stephen Henson 已提交
1126
    lh_SSL_SESSION_doall_TIMEOUT_PARAM(tp.cache, timeout_cb, &tp);
1127
    lh_SSL_SESSION_set_down_load(s->sessions, i);
1128
    CRYPTO_THREAD_unlock(s->lock);
1129
}
1130

U
Ulf Möller 已提交
1131
int ssl_clear_bad_session(SSL *s)
1132 1133 1134 1135
{
    if ((s->session != NULL) &&
        !(s->shutdown & SSL_SENT_SHUTDOWN) &&
        !(SSL_in_init(s) || SSL_in_before(s))) {
1136
        SSL_CTX_remove_session(s->session_ctx, s->session);
1137
        return 1;
1138
    } else
K
KaoruToda 已提交
1139
        return 0;
1140
}
1141 1142

/* locked by SSL_CTX in the calling function */
U
Ulf Möller 已提交
1143
static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170
{
    if ((s->next == NULL) || (s->prev == NULL))
        return;

    if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
        /* last element in list */
        if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
            /* only one element in list */
            ctx->session_cache_head = NULL;
            ctx->session_cache_tail = NULL;
        } else {
            ctx->session_cache_tail = s->prev;
            s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
        }
    } else {
        if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
            /* first element in list */
            ctx->session_cache_head = s->next;
            s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        } else {
            /* middle of list */
            s->next->prev = s->prev;
            s->prev->next = s->next;
        }
    }
    s->prev = s->next = NULL;
}
1171

U
Ulf Möller 已提交
1172
static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188
{
    if ((s->next != NULL) && (s->prev != NULL))
        SSL_SESSION_list_remove(ctx, s);

    if (ctx->session_cache_head == NULL) {
        ctx->session_cache_head = s;
        ctx->session_cache_tail = s;
        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
    } else {
        s->next = ctx->session_cache_head;
        s->next->prev = s;
        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        ctx->session_cache_head = s;
    }
}
1189

N
Nils Larsch 已提交
1190
void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
E
Emilia Kasper 已提交
1191
                             int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess))
1192 1193 1194
{
    ctx->new_session_cb = cb;
}
N
Nils Larsch 已提交
1195

1196 1197 1198
int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {
    return ctx->new_session_cb;
}
N
Nils Larsch 已提交
1199 1200

void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
1201 1202 1203 1204
                                void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))
{
    ctx->remove_session_cb = cb;
}
N
Nils Larsch 已提交
1205

1206 1207 1208 1209
void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,
                                                  SSL_SESSION *sess) {
    return ctx->remove_session_cb;
}
N
Nils Larsch 已提交
1210 1211

void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
1212
                             SSL_SESSION *(*cb) (struct ssl_st *ssl,
E
Emilia Kasper 已提交
1213 1214
                                                 const unsigned char *data,
                                                 int len, int *copy))
1215 1216 1217 1218 1219
{
    ctx->get_session_cb = cb;
}

SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
E
Emilia Kasper 已提交
1220 1221 1222
                                                       const unsigned char
                                                       *data, int len,
                                                       int *copy) {
1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235
    return ctx->get_session_cb;
}

void SSL_CTX_set_info_callback(SSL_CTX *ctx,
                               void (*cb) (const SSL *ssl, int type, int val))
{
    ctx->info_callback = cb;
}

void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
                                                 int val) {
    return ctx->info_callback;
}
N
Nils Larsch 已提交
1236 1237

void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
1238 1239 1240 1241 1242
                                int (*cb) (SSL *ssl, X509 **x509,
                                           EVP_PKEY **pkey))
{
    ctx->client_cert_cb = cb;
}
N
Nils Larsch 已提交
1243

1244 1245 1246 1247
int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
                                                 EVP_PKEY **pkey) {
    return ctx->client_cert_cb;
}
N
Nils Larsch 已提交
1248

1249 1250
#ifndef OPENSSL_NO_ENGINE
int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264
{
    if (!ENGINE_init(e)) {
        SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
        return 0;
    }
    if (!ENGINE_get_ssl_client_cert_function(e)) {
        SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
               SSL_R_NO_CLIENT_CERT_METHOD);
        ENGINE_finish(e);
        return 0;
    }
    ctx->client_cert_engine = e;
    return 1;
}
1265 1266
#endif

N
Nils Larsch 已提交
1267
void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
1268 1269 1270 1271 1272 1273
                                    int (*cb) (SSL *ssl,
                                               unsigned char *cookie,
                                               unsigned int *cookie_len))
{
    ctx->app_gen_cookie_cb = cb;
}
N
Nils Larsch 已提交
1274 1275

void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
E
Emilia Kasper 已提交
1276 1277
                                  int (*cb) (SSL *ssl,
                                             const unsigned char *cookie,
1278 1279 1280 1281
                                             unsigned int cookie_len))
{
    ctx->app_verify_cookie_cb = cb;
}
N
Nils Larsch 已提交
1282

T
Todd Short 已提交
1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305
int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len)
{
    OPENSSL_free(ss->ticket_appdata);
    ss->ticket_appdata_len = 0;
    if (data == NULL || len == 0) {
        ss->ticket_appdata = NULL;
        return 1;
    }
    ss->ticket_appdata = OPENSSL_memdup(data, len);
    if (ss->ticket_appdata != NULL) {
        ss->ticket_appdata_len = len;
        return 1;
    }
    return 0;
}

int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len)
{
    *data = ss->ticket_appdata;
    *len = ss->ticket_appdata_len;
    return 1;
}

1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323
void SSL_CTX_set_stateless_cookie_generate_cb(
    SSL_CTX *ctx,
    int (*cb) (SSL *ssl,
               unsigned char *cookie,
               size_t *cookie_len))
{
    ctx->gen_stateless_cookie_cb = cb;
}

void SSL_CTX_set_stateless_cookie_verify_cb(
    SSL_CTX *ctx,
    int (*cb) (SSL *ssl,
               const unsigned char *cookie,
               size_t cookie_len))
{
    ctx->verify_stateless_cookie_cb = cb;
}

E
Emilia Kasper 已提交
1324
IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)