ssl_sess.c 38.6 KB
Newer Older
R
Rich Salz 已提交
1
/*
M
Matt Caswell 已提交
2
 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3
 * Copyright 2005 Nokia. All rights reserved.
4
 *
R
Rich Salz 已提交
5 6 7 8
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
9
 */
R
Rich Salz 已提交
10

11
#include <stdio.h>
12
#include <openssl/rand.h>
R
Rich Salz 已提交
13
#include <openssl/engine.h>
14
#include "internal/refcount.h"
15
#include "ssl_locl.h"
16
#include "statem/statem_locl.h"
17

18
static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
19
static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
20
static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
21

22
/*
23 24 25 26 27 28
 * SSL_get_session() and SSL_get1_session() are problematic in TLS1.3 because,
 * unlike in earlier protocol versions, the session ticket may not have been
 * sent yet even though a handshake has finished. The session ticket data could
 * come in sometime later...or even change if multiple session ticket messages
 * are sent from the server. The preferred way for applications to obtain
 * a resumable session is to use SSL_CTX_sess_set_new_cb().
29 30
 */

B
Ben Laurie 已提交
31
SSL_SESSION *SSL_get_session(const SSL *ssl)
32
/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
33
{
K
KaoruToda 已提交
34
    return ssl->session;
35
}
36 37 38

SSL_SESSION *SSL_get1_session(SSL *ssl)
/* variant of SSL_get_session: caller really gets something */
39 40 41 42 43 44 45
{
    SSL_SESSION *sess;
    /*
     * Need to lock this all up rather than just use CRYPTO_add so that
     * somebody doesn't free ssl->session between when we check it's non-null
     * and when we up the reference count.
     */
46
    CRYPTO_THREAD_read_lock(ssl->lock);
47 48
    sess = ssl->session;
    if (sess)
49 50 51
        SSL_SESSION_up_ref(sess);
    CRYPTO_THREAD_unlock(ssl->lock);
    return sess;
52 53
}

U
Ulf Möller 已提交
54
int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
55
{
K
KaoruToda 已提交
56
    return CRYPTO_set_ex_data(&s->ex_data, idx, arg);
57
}
58

B
Ben Laurie 已提交
59
void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
60
{
K
KaoruToda 已提交
61
    return CRYPTO_get_ex_data(&s->ex_data, idx);
62
}
63

U
Ulf Möller 已提交
64
SSL_SESSION *SSL_SESSION_new(void)
65 66 67
{
    SSL_SESSION *ss;

68 69 70
    if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL))
        return NULL;

R
Rich Salz 已提交
71
    ss = OPENSSL_zalloc(sizeof(*ss));
72 73
    if (ss == NULL) {
        SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
74
        return NULL;
75 76 77 78 79 80
    }

    ss->verify_result = 1;      /* avoid 0 (= X509_V_OK) just in case */
    ss->references = 1;
    ss->timeout = 60 * 5 + 4;   /* 5 minute timeout by default */
    ss->time = (unsigned long)time(NULL);
81 82 83 84 85 86 87
    ss->lock = CRYPTO_THREAD_lock_new();
    if (ss->lock == NULL) {
        SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
        OPENSSL_free(ss);
        return NULL;
    }

88 89 90 91 92
    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) {
        CRYPTO_THREAD_lock_free(ss->lock);
        OPENSSL_free(ss);
        return NULL;
    }
93
    return ss;
94
}
95

M
Matt Caswell 已提交
96 97 98 99 100
SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src)
{
    return ssl_session_dup(src, 1);
}

101 102 103 104 105 106 107 108 109 110 111 112 113 114
/*
 * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
 * ticket == 0 then no ticket information is duplicated, otherwise it is.
 */
SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
{
    SSL_SESSION *dest;

    dest = OPENSSL_malloc(sizeof(*src));
    if (dest == NULL) {
        goto err;
    }
    memcpy(dest, src, sizeof(*dest));

M
Matt Caswell 已提交
115 116 117 118 119 120 121 122 123
    /*
     * Set the various pointers to NULL so that we can call SSL_SESSION_free in
     * the case of an error whilst halfway through constructing dest
     */
#ifndef OPENSSL_NO_PSK
    dest->psk_identity_hint = NULL;
    dest->psk_identity = NULL;
#endif
    dest->ciphers = NULL;
R
Rich Salz 已提交
124
    dest->ext.hostname = NULL;
M
Matt Caswell 已提交
125
#ifndef OPENSSL_NO_EC
R
Rich Salz 已提交
126 127
    dest->ext.ecpointformats = NULL;
    dest->ext.supportedgroups = NULL;
M
Matt Caswell 已提交
128
#endif
R
Rich Salz 已提交
129
    dest->ext.tick = NULL;
130
    dest->ext.alpn_selected = NULL;
M
Matt Caswell 已提交
131 132 133
#ifndef OPENSSL_NO_SRP
    dest->srp_username = NULL;
#endif
T
Todd Short 已提交
134 135
    dest->peer_chain = NULL;
    dest->peer = NULL;
136
    dest->ext.tick_nonce = NULL;
T
Todd Short 已提交
137
    dest->ticket_appdata = NULL;
138
    memset(&dest->ex_data, 0, sizeof(dest->ex_data));
139

M
Matt Caswell 已提交
140 141 142 143 144 145
    /* We deliberately don't copy the prev and next pointers */
    dest->prev = NULL;
    dest->next = NULL;

    dest->references = 1;

146 147 148 149
    dest->lock = CRYPTO_THREAD_lock_new();
    if (dest->lock == NULL)
        goto err;

T
Todd Short 已提交
150 151 152 153 154 155 156 157
    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))
        goto err;

    if (src->peer != NULL) {
        if (!X509_up_ref(src->peer))
            goto err;
        dest->peer = src->peer;
    }
M
Matt Caswell 已提交
158

159 160 161 162 163
    if (src->peer_chain != NULL) {
        dest->peer_chain = X509_chain_up_ref(src->peer_chain);
        if (dest->peer_chain == NULL)
            goto err;
    }
164 165
#ifndef OPENSSL_NO_PSK
    if (src->psk_identity_hint) {
R
Rich Salz 已提交
166
        dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint);
167 168 169 170 171
        if (dest->psk_identity_hint == NULL) {
            goto err;
        }
    }
    if (src->psk_identity) {
R
Rich Salz 已提交
172
        dest->psk_identity = OPENSSL_strdup(src->psk_identity);
173 174 175 176 177 178
        if (dest->psk_identity == NULL) {
            goto err;
        }
    }
#endif

179
    if (src->ciphers != NULL) {
180 181 182 183 184 185
        dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
        if (dest->ciphers == NULL)
            goto err;
    }

    if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
E
Emilia Kasper 已提交
186
                            &dest->ex_data, &src->ex_data)) {
187 188 189
        goto err;
    }

R
Rich Salz 已提交
190 191 192
    if (src->ext.hostname) {
        dest->ext.hostname = OPENSSL_strdup(src->ext.hostname);
        if (dest->ext.hostname == NULL) {
193 194 195
            goto err;
        }
    }
M
Matt Caswell 已提交
196
#ifndef OPENSSL_NO_EC
R
Rich Salz 已提交
197 198 199 200 201
    if (src->ext.ecpointformats) {
        dest->ext.ecpointformats =
            OPENSSL_memdup(src->ext.ecpointformats,
                           src->ext.ecpointformats_len);
        if (dest->ext.ecpointformats == NULL)
202 203
            goto err;
    }
R
Rich Salz 已提交
204 205 206 207 208
    if (src->ext.supportedgroups) {
        dest->ext.supportedgroups =
            OPENSSL_memdup(src->ext.supportedgroups,
                           src->ext.supportedgroups_len);
        if (dest->ext.supportedgroups == NULL)
209 210 211 212
            goto err;
    }
#endif

T
Todd Short 已提交
213
    if (ticket != 0 && src->ext.tick != NULL) {
R
Rich Salz 已提交
214 215 216
        dest->ext.tick =
            OPENSSL_memdup(src->ext.tick, src->ext.ticklen);
        if (dest->ext.tick == NULL)
217
            goto err;
M
Matt Caswell 已提交
218
    } else {
R
Rich Salz 已提交
219 220
        dest->ext.tick_lifetime_hint = 0;
        dest->ext.ticklen = 0;
221 222
    }

223 224 225 226 227 228 229 230 231
    if (src->ext.alpn_selected) {
        dest->ext.alpn_selected =
            (unsigned char*)OPENSSL_strndup((char*)src->ext.alpn_selected,
                                            src->ext.alpn_selected_len);
        if (dest->ext.alpn_selected == NULL) {
            goto err;
        }
    }

232 233 234 235 236 237 238
    if (src->ext.tick_nonce != NULL) {
        dest->ext.tick_nonce = OPENSSL_memdup(src->ext.tick_nonce,
                                              src->ext.tick_nonce_len);
        if (dest->ext.tick_nonce == NULL)
            goto err;
    }

239 240
#ifndef OPENSSL_NO_SRP
    if (src->srp_username) {
R
Rich Salz 已提交
241
        dest->srp_username = OPENSSL_strdup(src->srp_username);
242 243 244 245 246 247
        if (dest->srp_username == NULL) {
            goto err;
        }
    }
#endif

T
Todd Short 已提交
248 249 250 251 252 253 254
    if (src->ticket_appdata != NULL) {
        dest->ticket_appdata =
            OPENSSL_memdup(src->ticket_appdata, src->ticket_appdata_len);
        if (dest->ticket_appdata == NULL)
            goto err;
    }

255
    return dest;
E
Emilia Kasper 已提交
256
 err:
257 258 259 260 261
    SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
    SSL_SESSION_free(dest);
    return NULL;
}

E
Emilia Kasper 已提交
262
const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
263 264
{
    if (len)
265
        *len = (unsigned int)s->session_id_length;
266 267
    return s->session_id;
}
268 269 270 271
const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
                                                unsigned int *len)
{
    if (len != NULL)
272
        *len = (unsigned int)s->sid_ctx_length;
273 274
    return s->sid_ctx;
}
275

276
unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
277 278 279 280 281 282 283 284 285 286 287 288 289 290
{
    return s->compress_meth;
}

/*
 * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
 * the ID with random junk repeatedly until we have no conflict is going to
 * complete in one iteration pretty much "most" of the time (btw:
 * understatement). So, if it takes us 10 iterations and we still can't avoid
 * a conflict - well that's a reasonable point to call it quits. Either the
 * RAND code is broken or someone is trying to open roughly very close to
 * 2^256 SSL sessions to our server. How you might store that many sessions
 * is perhaps a more interesting question ...
 */
291 292

#define MAX_SESS_ID_ATTEMPTS 10
R
Rich Salz 已提交
293
static int def_generate_session_id(SSL *ssl, unsigned char *id,
294
                                   unsigned int *id_len)
295
{
296 297
    unsigned int retry = 0;
    do
298
        if (RAND_bytes(id, *id_len) <= 0)
299 300 301 302 303 304 305 306 307 308 309 310 311 312 313
            return 0;
    while (SSL_has_matching_session_id(ssl, id, *id_len) &&
           (++retry < MAX_SESS_ID_ATTEMPTS)) ;
    if (retry < MAX_SESS_ID_ATTEMPTS)
        return 1;
    /* else - woops a session_id match */
    /*
     * XXX We should also check the external cache -- but the probability of
     * a collision is negligible, and we could not prevent the concurrent
     * creation of sessions with identical IDs since we currently don't have
     * means to atomically check whether a session ID already exists and make
     * a reservation for it if it does not (this problem applies to the
     * internal cache as well).
     */
    return 0;
314 315
}

316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332
int ssl_generate_session_id(SSL *s, SSL_SESSION *ss)
{
    unsigned int tmp;
    GEN_SESSION_CB cb = def_generate_session_id;

    switch (s->version) {
    case SSL3_VERSION:
    case TLS1_VERSION:
    case TLS1_1_VERSION:
    case TLS1_2_VERSION:
    case TLS1_3_VERSION:
    case DTLS1_BAD_VER:
    case DTLS1_VERSION:
    case DTLS1_2_VERSION:
        ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
        break;
    default:
333 334
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
                 SSL_R_UNSUPPORTED_SSL_VERSION);
335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371
        return 0;
    }

    /*-
     * If RFC5077 ticket, use empty session ID (as server).
     * Note that:
     * (a) ssl_get_prev_session() does lookahead into the
     *     ClientHello extensions to find the session ticket.
     *     When ssl_get_prev_session() fails, statem_srvr.c calls
     *     ssl_get_new_session() in tls_process_client_hello().
     *     At that point, it has not yet parsed the extensions,
     *     however, because of the lookahead, it already knows
     *     whether a ticket is expected or not.
     *
     * (b) statem_clnt.c calls ssl_get_new_session() before parsing
     *     ServerHello extensions, and before recording the session
     *     ID received from the server, so this block is a noop.
     */
    if (s->ext.ticket_expected) {
        ss->session_id_length = 0;
        return 1;
    }

    /* Choose which callback will set the session ID */
    CRYPTO_THREAD_read_lock(s->lock);
    CRYPTO_THREAD_read_lock(s->session_ctx->lock);
    if (s->generate_session_id)
        cb = s->generate_session_id;
    else if (s->session_ctx->generate_session_id)
        cb = s->session_ctx->generate_session_id;
    CRYPTO_THREAD_unlock(s->session_ctx->lock);
    CRYPTO_THREAD_unlock(s->lock);
    /* Choose a session ID */
    memset(ss->session_id, 0, ss->session_id_length);
    tmp = (int)ss->session_id_length;
    if (!cb(s, ss->session_id, &tmp)) {
        /* The callback failed */
372 373
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
                 SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
374 375 376 377 378 379 380 381
        return 0;
    }
    /*
     * Don't allow the callback to set the session length to zero. nor
     * set it higher than it was.
     */
    if (tmp == 0 || tmp > ss->session_id_length) {
        /* The callback set an illegal length */
382 383
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
                 SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
384 385 386 387 388 389
        return 0;
    }
    ss->session_id_length = tmp;
    /* Finally, check for a conflict */
    if (SSL_has_matching_session_id(s, ss->session_id,
                                    (unsigned int)ss->session_id_length)) {
390 391
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,
                 SSL_R_SSL_SESSION_ID_CONFLICT);
392 393 394 395 396 397
        return 0;
    }

    return 1;
}

U
Ulf Möller 已提交
398
int ssl_get_new_session(SSL *s, int session)
399 400 401 402 403
{
    /* This gets used by clients and servers. */

    SSL_SESSION *ss = NULL;

404 405 406
    if ((ss = SSL_SESSION_new()) == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_NEW_SESSION,
                 ERR_R_MALLOC_FAILURE);
407
        return 0;
408
    }
409 410 411 412 413 414 415

    /* If the context has a default timeout, use it */
    if (s->session_ctx->session_timeout == 0)
        ss->timeout = SSL_get_default_timeout(s);
    else
        ss->timeout = s->session_ctx->session_timeout;

R
Rich Salz 已提交
416 417
    SSL_SESSION_free(s->session);
    s->session = NULL;
418 419

    if (session) {
420 421 422 423 424 425 426
        if (SSL_IS_TLS13(s)) {
            /*
             * We generate the session id while constructing the
             * NewSessionTicket in TLSv1.3.
             */
            ss->session_id_length = 0;
        } else if (!ssl_generate_session_id(s, ss)) {
427
            /* SSLfatal() already called */
428
            SSL_SESSION_free(ss);
429
            return 0;
430
        }
431

R
Rich Salz 已提交
432 433 434
        if (s->ext.hostname) {
            ss->ext.hostname = OPENSSL_strdup(s->ext.hostname);
            if (ss->ext.hostname == NULL) {
435 436
                SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_NEW_SESSION,
                         ERR_R_INTERNAL_ERROR);
437 438 439 440 441 442 443 444
                SSL_SESSION_free(ss);
                return 0;
            }
        }
    } else {
        ss->session_id_length = 0;
    }

R
Rich Salz 已提交
445
    if (s->sid_ctx_length > sizeof(ss->sid_ctx)) {
446 447
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_NEW_SESSION,
                 ERR_R_INTERNAL_ERROR);
448 449 450 451 452 453 454 455 456
        SSL_SESSION_free(ss);
        return 0;
    }
    memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
    ss->sid_ctx_length = s->sid_ctx_length;
    s->session = ss;
    ss->ssl_version = s->version;
    ss->verify_result = X509_V_OK;

457 458 459 460
    /* If client supports extended master secret set it in session */
    if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)
        ss->flags |= SSL_SESS_FLAG_EXTMS;

461
    return 1;
462
}
463

464 465
/*-
 * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
B
Bodo Möller 已提交
466 467
 * connection. It is only called by servers.
 *
468
 *   hello: The parsed ClientHello data
B
Bodo Möller 已提交
469 470
 *
 * Returns:
471 472 473
 *   -1: fatal error
 *    0: no session found
 *    1: a session may have been found.
B
Bodo Möller 已提交
474 475 476 477
 *
 * Side effects:
 *   - If a session is found then s->session is pointed at it (after freeing an
 *     existing session if need be) and s->verify_result is set from the session.
R
Rich Salz 已提交
478
 *   - Both for new and resumed sessions, s->ext.ticket_expected is set to 1
B
Bodo Möller 已提交
479 480
 *     if the server should issue a new session ticket (to 0 otherwise).
 */
481
int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
482 483
{
    /* This is used only by servers. */
484

485
    SSL_SESSION *ret = NULL;
486
    int fatal = 0, discard;
487
    int try_session_cache = 0;
T
Todd Short 已提交
488
    SSL_TICKET_RETURN r;
489

490
    if (SSL_IS_TLS13(s)) {
491 492
        if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes,
                                 SSL_EXT_CLIENT_HELLO, hello->pre_proc_exts,
493
                                 NULL, 0)
494
                || !tls_parse_extension(s, TLSEXT_IDX_psk, SSL_EXT_CLIENT_HELLO,
495
                                        hello->pre_proc_exts, NULL, 0))
496 497 498 499 500 501 502
            return -1;

        ret = s->session;
    } else {
        /* sets s->ext.ticket_expected */
        r = tls_get_ticket_from_client(s, hello, &ret);
        switch (r) {
T
Todd Short 已提交
503 504
        case SSL_TICKET_FATAL_ERR_MALLOC:
        case SSL_TICKET_FATAL_ERR_OTHER:
505
            fatal = 1;
506 507
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_PREV_SESSION,
                     ERR_R_INTERNAL_ERROR);
508
            goto err;
T
Todd Short 已提交
509 510
        case SSL_TICKET_NONE:
        case SSL_TICKET_EMPTY:
511 512
            if (hello->session_id_len > 0)
                try_session_cache = 1;
M
Matt Caswell 已提交
513
            break;
T
Todd Short 已提交
514 515 516
        case SSL_TICKET_NO_DECRYPT:
        case SSL_TICKET_SUCCESS:
        case SSL_TICKET_SUCCESS_RENEW:
517 518
            break;
        }
519
    }
B
Bodo Möller 已提交
520

521 522
    if (try_session_cache &&
        ret == NULL &&
523
        !(s->session_ctx->session_cache_mode &
524 525
          SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
        SSL_SESSION data;
526

527
        data.ssl_version = s->version;
528 529 530
        memcpy(data.session_id, hello->session_id, hello->session_id_len);
        data.session_id_length = hello->session_id_len;

531
        CRYPTO_THREAD_read_lock(s->session_ctx->lock);
532 533 534
        ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
        if (ret != NULL) {
            /* don't allow other threads to steal it: */
535
            SSL_SESSION_up_ref(ret);
536
        }
537
        CRYPTO_THREAD_unlock(s->session_ctx->lock);
538
        if (ret == NULL)
539 540
            CRYPTO_atomic_add(&s->session_ctx->stats.sess_miss, 1, &discard,
                              s->session_ctx->lock);
541 542 543 544 545
    }

    if (try_session_cache &&
        ret == NULL && s->session_ctx->get_session_cb != NULL) {
        int copy = 1;
546 547 548

        ret = s->session_ctx->get_session_cb(s, hello->session_id,
                                             hello->session_id_len,
E
Emilia Kasper 已提交
549
                                             &copy);
550

551
        if (ret != NULL) {
552 553
            CRYPTO_atomic_add(&s->session_ctx->stats.sess_cb_hit, 1, &discard,
                              s->session_ctx->lock);
554 555 556 557 558 559 560 561 562

            /*
             * Increment reference count now if the session callback asks us
             * to do so (note that if the session structures returned by the
             * callback are shared between threads, it must handle the
             * reference count itself [i.e. copy == 0], or things won't be
             * thread-safe).
             */
            if (copy)
563
                SSL_SESSION_up_ref(ret);
564 565 566 567 568 569

            /*
             * Add the externally cached session to the internal cache as
             * well if and only if we are supposed to.
             */
            if (!
570
                (s->session_ctx->session_cache_mode &
M
Matt Caswell 已提交
571
                 SSL_SESS_CACHE_NO_INTERNAL_STORE)) {
572
                /*
573 574 575
                 * Either return value of SSL_CTX_add_session should not
                 * interrupt the session resumption process. The return
                 * value is intentionally ignored.
576
                 */
577
                SSL_CTX_add_session(s->session_ctx, ret);
M
Matt Caswell 已提交
578
            }
579 580 581 582 583 584 585 586
        }
    }

    if (ret == NULL)
        goto err;

    /* Now ret is non-NULL and we own one of its reference counts. */

587 588 589 590
    /* Check TLS version consistency */
    if (ret->ssl_version != s->version)
        goto err;

591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610
    if (ret->sid_ctx_length != s->sid_ctx_length
        || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
        /*
         * We have the session requested by the client, but we don't want to
         * use it in this context.
         */
        goto err;               /* treat like cache miss */
    }

    if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
        /*
         * We can't be sure if this session is being used out of context,
         * which is especially important for SSL_VERIFY_PEER. The application
         * should have used SSL[_CTX]_set_session_id_context. For this error
         * case, we generate an error instead of treating the event like a
         * cache miss (otherwise it would be easy for applications to
         * effectively disable the session cache by accident without anyone
         * noticing).
         */

611 612
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_PREV_SESSION,
                 SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
613 614 615 616 617
        fatal = 1;
        goto err;
    }

    if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */
618 619
        CRYPTO_atomic_add(&s->session_ctx->stats.sess_timeout, 1, &discard,
                          s->session_ctx->lock);
620 621 622 623 624 625 626
        if (try_session_cache) {
            /* session was from the cache, so remove it */
            SSL_CTX_remove_session(s->session_ctx, ret);
        }
        goto err;
    }

627 628 629 630
    /* Check extended master secret extension consistency */
    if (ret->flags & SSL_SESS_FLAG_EXTMS) {
        /* If old session includes extms, but new does not: abort handshake */
        if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)) {
631 632
            SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SSL_GET_PREV_SESSION,
                     SSL_R_INCONSISTENT_EXTMS);
633 634 635 636 637 638 639 640
            fatal = 1;
            goto err;
        }
    } else if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) {
        /* If new session includes extms, but old does not: do not resume */
        goto err;
    }

641 642 643 644 645
    if (!SSL_IS_TLS13(s)) {
        /* We already did this for TLS1.3 */
        SSL_SESSION_free(s->session);
        s->session = ret;
    }
646

647 648
    CRYPTO_atomic_add(&s->session_ctx->stats.sess_hit, 1, &discard,
                      s->session_ctx->lock);
649 650
    s->verify_result = s->session->verify_result;
    return 1;
651 652

 err:
653 654
    if (ret != NULL) {
        SSL_SESSION_free(ret);
655
        /* In TLSv1.3 s->session was already set to ret, so we NULL it out */
656 657
        if (SSL_IS_TLS13(s))
            s->session = NULL;
658

659 660 661 662 663
        if (!try_session_cache) {
            /*
             * The session was from a ticket, so we should issue a ticket for
             * the new session
             */
R
Rich Salz 已提交
664
            s->ext.ticket_expected = 1;
665 666
        }
    }
667
    if (fatal)
668
        return -1;
669 670

    return 0;
671
}
672

U
Ulf Möller 已提交
673
int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
674
{
675
    int ret = 0, discard;
676 677 678 679 680 681 682
    SSL_SESSION *s;

    /*
     * add just 1 reference count for the SSL_CTX's session cache even though
     * it has two ways of access: each session is in a doubly linked list and
     * an lhash
     */
683
    SSL_SESSION_up_ref(c);
684 685 686 687
    /*
     * if session c is in already in cache, we take back the increment later
     */

688
    CRYPTO_THREAD_write_lock(ctx->lock);
689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706
    s = lh_SSL_SESSION_insert(ctx->sessions, c);

    /*
     * s != NULL iff we already had a session with the given PID. In this
     * case, s == c should hold (then we did not really modify
     * ctx->sessions), or we're in trouble.
     */
    if (s != NULL && s != c) {
        /* We *are* in trouble ... */
        SSL_SESSION_list_remove(ctx, s);
        SSL_SESSION_free(s);
        /*
         * ... so pretend the other session did not exist in cache (we cannot
         * handle two SSL_SESSION structures with identical session ID in the
         * same cache, which could happen e.g. when two threads concurrently
         * obtain the same session from an external cache)
         */
        s = NULL;
707 708 709 710 711 712 713 714 715
    } else if (s == NULL &&
               lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
        /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */

        /*
         * ... so take back the extra reference and also don't add
         * the session to the SSL_SESSION_list at this time
         */
        s = c;
716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737
    }

    /* Put at the head of the queue unless it is already in the cache */
    if (s == NULL)
        SSL_SESSION_list_add(ctx, c);

    if (s != NULL) {
        /*
         * existing cache entry -- decrement previously incremented reference
         * count because it already takes into account the cache
         */

        SSL_SESSION_free(s);    /* s == c */
        ret = 0;
    } else {
        /*
         * new cache entry -- remove old ones if cache has become too large
         */

        ret = 1;

        if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
E
Emilia Kasper 已提交
738
            while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) {
739 740 741
                if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
                    break;
                else
742 743
                    CRYPTO_atomic_add(&ctx->stats.sess_cache_full, 1, &discard,
                                      ctx->lock);
744 745 746
            }
        }
    }
747 748
    CRYPTO_THREAD_unlock(ctx->lock);
    return ret;
749
}
750

U
Ulf Möller 已提交
751
int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
752
{
753
    return remove_session_lock(ctx, c, 1);
754 755
}

756
static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
757 758 759 760 761 762
{
    SSL_SESSION *r;
    int ret = 0;

    if ((c != NULL) && (c->session_id_length != 0)) {
        if (lck)
763
            CRYPTO_THREAD_write_lock(ctx->lock);
M
Matt Caswell 已提交
764
        if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) != NULL) {
765
            ret = 1;
M
Matt Caswell 已提交
766 767
            r = lh_SSL_SESSION_delete(ctx->sessions, r);
            SSL_SESSION_list_remove(ctx, r);
768
        }
769
        c->not_resumable = 1;
770 771

        if (lck)
772
            CRYPTO_THREAD_unlock(ctx->lock);
773

774
        if (ret)
775
            SSL_SESSION_free(r);
776 777 778

        if (ctx->remove_session_cb != NULL)
            ctx->remove_session_cb(ctx, c);
779 780
    } else
        ret = 0;
K
KaoruToda 已提交
781
    return ret;
782
}
783

U
Ulf Möller 已提交
784
void SSL_SESSION_free(SSL_SESSION *ss)
785 786
{
    int i;
787

788
    CRYPTO_DOWN_REF(&ss->references, &i, ss->lock);
R
Rich Salz 已提交
789
    REF_PRINT_COUNT("SSL_SESSION", ss);
790 791
    if (i > 0)
        return;
R
Rich Salz 已提交
792
    REF_ASSERT_ISNT(i < 0);
793

794
    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
795

R
Rich Salz 已提交
796 797
    OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key));
    OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id));
R
Rich Salz 已提交
798
    X509_free(ss->peer);
799
    sk_X509_pop_free(ss->peer_chain, X509_free);
R
Rich Salz 已提交
800
    sk_SSL_CIPHER_free(ss->ciphers);
R
Rich Salz 已提交
801 802
    OPENSSL_free(ss->ext.hostname);
    OPENSSL_free(ss->ext.tick);
803
#ifndef OPENSSL_NO_EC
R
Rich Salz 已提交
804 805 806 807 808 809
    OPENSSL_free(ss->ext.ecpointformats);
    ss->ext.ecpointformats = NULL;
    ss->ext.ecpointformats_len = 0;
    OPENSSL_free(ss->ext.supportedgroups);
    ss->ext.supportedgroups = NULL;
    ss->ext.supportedgroups_len = 0;
E
Emilia Kasper 已提交
810
#endif                          /* OPENSSL_NO_EC */
811
#ifndef OPENSSL_NO_PSK
R
Rich Salz 已提交
812 813
    OPENSSL_free(ss->psk_identity_hint);
    OPENSSL_free(ss->psk_identity);
B
Ben Laurie 已提交
814 815
#endif
#ifndef OPENSSL_NO_SRP
R
Rich Salz 已提交
816
    OPENSSL_free(ss->srp_username);
817
#endif
818
    OPENSSL_free(ss->ext.alpn_selected);
819
    OPENSSL_free(ss->ext.tick_nonce);
T
Todd Short 已提交
820
    OPENSSL_free(ss->ticket_appdata);
821
    CRYPTO_THREAD_lock_free(ss->lock);
R
Rich Salz 已提交
822
    OPENSSL_clear_free(ss, sizeof(*ss));
823
}
824

825 826 827 828
int SSL_SESSION_up_ref(SSL_SESSION *ss)
{
    int i;

829
    if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0)
830 831 832 833 834 835 836
        return 0;

    REF_PRINT_COUNT("SSL_SESSION", ss);
    REF_ASSERT_ISNT(i < 2);
    return ((i > 1) ? 1 : 0);
}

U
Ulf Möller 已提交
837
int SSL_set_session(SSL *s, SSL_SESSION *session)
838
{
839 840 841 842 843
    ssl_clear_bad_session(s);
    if (s->ctx->method != s->method) {
        if (!SSL_set_ssl_method(s, s->ctx->method))
            return 0;
    }
844

845
    if (session != NULL) {
846
        SSL_SESSION_up_ref(session);
847
        s->verify_result = session->verify_result;
848
    }
849 850 851 852
    SSL_SESSION_free(s->session);
    s->session = session;

    return 1;
853
}
854

855 856 857 858 859 860 861 862 863
int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
                        unsigned int sid_len)
{
    if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) {
      SSLerr(SSL_F_SSL_SESSION_SET1_ID,
             SSL_R_SSL_SESSION_ID_TOO_LONG);
      return 0;
    }
    s->session_id_length = sid_len;
864 865
    if (sid != s->session_id)
        memcpy(s->session_id, sid, sid_len);
866 867 868
    return 1;
}

U
Ulf Möller 已提交
869
long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
870 871
{
    if (s == NULL)
K
KaoruToda 已提交
872
        return 0;
873
    s->timeout = t;
874
    return 1;
875
}
876

B
Ben Laurie 已提交
877
long SSL_SESSION_get_timeout(const SSL_SESSION *s)
878 879
{
    if (s == NULL)
K
KaoruToda 已提交
880 881
        return 0;
    return s->timeout;
882
}
883

B
Ben Laurie 已提交
884
long SSL_SESSION_get_time(const SSL_SESSION *s)
885 886
{
    if (s == NULL)
K
KaoruToda 已提交
887 888
        return 0;
    return s->time;
889
}
890

U
Ulf Möller 已提交
891
long SSL_SESSION_set_time(SSL_SESSION *s, long t)
892 893
{
    if (s == NULL)
K
KaoruToda 已提交
894
        return 0;
895
    s->time = t;
K
KaoruToda 已提交
896
    return t;
897
}
898

899 900 901 902 903
int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
{
    return s->ssl_version;
}

904 905 906 907 908 909
int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version)
{
    s->ssl_version = version;
    return 1;
}

R
Rich Salz 已提交
910 911 912 913
const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s)
{
    return s->cipher;
}
M
Matt Caswell 已提交
914 915 916 917 918 919

int SSL_SESSION_set_cipher(SSL_SESSION *s, const SSL_CIPHER *cipher)
{
    s->cipher = cipher;
    return 1;
}
R
Rich Salz 已提交
920

L
Lyon Chen 已提交
921 922
const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)
{
R
Rich Salz 已提交
923
    return s->ext.hostname;
L
Lyon Chen 已提交
924 925
}

926 927 928 929 930 931 932 933 934 935 936 937
int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname)
{
    OPENSSL_free(s->ext.hostname);
    if (hostname == NULL) {
        s->ext.hostname = NULL;
        return 1;
    }
    s->ext.hostname = OPENSSL_strdup(hostname);

    return s->ext.hostname != NULL;
}

938 939
int SSL_SESSION_has_ticket(const SSL_SESSION *s)
{
R
Rich Salz 已提交
940
    return (s->ext.ticklen > 0) ? 1 : 0;
941 942 943 944
}

unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
{
R
Rich Salz 已提交
945
    return s->ext.tick_lifetime_hint;
946 947
}

948
void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
E
Emilia Kasper 已提交
949
                             size_t *len)
950
{
R
Rich Salz 已提交
951
    *len = s->ext.ticklen;
V
Viktor Dukhovni 已提交
952
    if (tick != NULL)
R
Rich Salz 已提交
953
        *tick = s->ext.tick;
954 955
}

956 957 958 959 960
uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s)
{
    return s->ext.max_early_data;
}

961 962 963 964 965 966 967
int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data)
{
    s->ext.max_early_data = max_early_data;

    return 1;
}

968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994
void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
                                    const unsigned char **alpn,
                                    size_t *len)
{
    *alpn = s->ext.alpn_selected;
    *len = s->ext.alpn_selected_len;
}

int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,
                                   size_t len)
{
    OPENSSL_free(s->ext.alpn_selected);
    if (alpn == NULL || len == 0) {
        s->ext.alpn_selected = NULL;
        s->ext.alpn_selected_len = 0;
        return 1;
    }
    s->ext.alpn_selected = OPENSSL_memdup(alpn, len);
    if (s->ext.alpn_selected == NULL) {
        s->ext.alpn_selected_len = 0;
        return 0;
    }
    s->ext.alpn_selected_len = len;

    return 1;
}

995
X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008
{
    return s->peer;
}

int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
                                unsigned int sid_ctx_len)
{
    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
        SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
        return 0;
    }
    s->sid_ctx_length = sid_ctx_len;
1009 1010
    if (sid_ctx != s->sid_ctx)
        memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
1011 1012 1013

    return 1;
}
1014

1015 1016 1017 1018 1019 1020 1021 1022 1023 1024
int SSL_SESSION_is_resumable(const SSL_SESSION *s)
{
    /*
     * In the case of EAP-FAST, we can have a pre-shared "ticket" without a
     * session ID.
     */
    return !s->not_resumable
           && (s->session_id_length > 0 || s->ext.ticklen > 0);
}

U
Ulf Möller 已提交
1025
long SSL_CTX_set_timeout(SSL_CTX *s, long t)
1026 1027 1028
{
    long l;
    if (s == NULL)
K
KaoruToda 已提交
1029
        return 0;
1030 1031
    l = s->session_timeout;
    s->session_timeout = t;
K
KaoruToda 已提交
1032
    return l;
1033
}
1034

B
Ben Laurie 已提交
1035
long SSL_CTX_get_timeout(const SSL_CTX *s)
1036 1037
{
    if (s == NULL)
K
KaoruToda 已提交
1038 1039
        return 0;
    return s->session_timeout;
1040
}
1041

1042
int SSL_set_session_secret_cb(SSL *s,
R
Rich Salz 已提交
1043
                              tls_session_secret_cb_fn tls_session_secret_cb,
1044 1045 1046
                              void *arg)
{
    if (s == NULL)
K
KaoruToda 已提交
1047
        return 0;
R
Rich Salz 已提交
1048 1049
    s->ext.session_secret_cb = tls_session_secret_cb;
    s->ext.session_secret_cb_arg = arg;
1050
    return 1;
1051
}
D
Dr. Stephen Henson 已提交
1052 1053

int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
1054 1055 1056
                                  void *arg)
{
    if (s == NULL)
K
KaoruToda 已提交
1057
        return 0;
R
Rich Salz 已提交
1058 1059
    s->ext.session_ticket_cb = cb;
    s->ext.session_ticket_cb_arg = arg;
1060
    return 1;
1061
}
D
Dr. Stephen Henson 已提交
1062 1063

int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
1064 1065
{
    if (s->version >= TLS1_VERSION) {
R
Rich Salz 已提交
1066 1067 1068
        OPENSSL_free(s->ext.session_ticket);
        s->ext.session_ticket = NULL;
        s->ext.session_ticket =
1069
            OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
R
Rich Salz 已提交
1070
        if (s->ext.session_ticket == NULL) {
1071 1072 1073 1074
            SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
            return 0;
        }

R
Rich Salz 已提交
1075
        if (ext_data != NULL) {
R
Rich Salz 已提交
1076 1077 1078
            s->ext.session_ticket->length = ext_len;
            s->ext.session_ticket->data = s->ext.session_ticket + 1;
            memcpy(s->ext.session_ticket->data, ext_data, ext_len);
1079
        } else {
R
Rich Salz 已提交
1080 1081
            s->ext.session_ticket->length = 0;
            s->ext.session_ticket->data = NULL;
1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094
        }

        return 1;
    }

    return 0;
}

typedef struct timeout_param_st {
    SSL_CTX *ctx;
    long time;
    LHASH_OF(SSL_SESSION) *cache;
} TIMEOUT_PARAM;
1095

D
Dr. Stephen Henson 已提交
1096
static void timeout_cb(SSL_SESSION *s, TIMEOUT_PARAM *p)
1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110
{
    if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */
        /*
         * The reason we don't call SSL_CTX_remove_session() is to save on
         * locking overhead
         */
        (void)lh_SSL_SESSION_delete(p->cache, s);
        SSL_SESSION_list_remove(p->ctx, s);
        s->not_resumable = 1;
        if (p->ctx->remove_session_cb != NULL)
            p->ctx->remove_session_cb(p->ctx, s);
        SSL_SESSION_free(s);
    }
}
1111

D
Dr. Stephen Henson 已提交
1112
IMPLEMENT_LHASH_DOALL_ARG(SSL_SESSION, TIMEOUT_PARAM);
1113

U
Ulf Möller 已提交
1114
void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
1115 1116 1117 1118 1119 1120 1121 1122 1123
{
    unsigned long i;
    TIMEOUT_PARAM tp;

    tp.ctx = s;
    tp.cache = s->sessions;
    if (tp.cache == NULL)
        return;
    tp.time = t;
1124
    CRYPTO_THREAD_write_lock(s->lock);
1125 1126
    i = lh_SSL_SESSION_get_down_load(s->sessions);
    lh_SSL_SESSION_set_down_load(s->sessions, 0);
D
Dr. Stephen Henson 已提交
1127
    lh_SSL_SESSION_doall_TIMEOUT_PARAM(tp.cache, timeout_cb, &tp);
1128
    lh_SSL_SESSION_set_down_load(s->sessions, i);
1129
    CRYPTO_THREAD_unlock(s->lock);
1130
}
1131

U
Ulf Möller 已提交
1132
int ssl_clear_bad_session(SSL *s)
1133 1134 1135 1136
{
    if ((s->session != NULL) &&
        !(s->shutdown & SSL_SENT_SHUTDOWN) &&
        !(SSL_in_init(s) || SSL_in_before(s))) {
1137
        SSL_CTX_remove_session(s->session_ctx, s->session);
1138
        return 1;
1139
    } else
K
KaoruToda 已提交
1140
        return 0;
1141
}
1142 1143

/* locked by SSL_CTX in the calling function */
U
Ulf Möller 已提交
1144
static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171
{
    if ((s->next == NULL) || (s->prev == NULL))
        return;

    if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
        /* last element in list */
        if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
            /* only one element in list */
            ctx->session_cache_head = NULL;
            ctx->session_cache_tail = NULL;
        } else {
            ctx->session_cache_tail = s->prev;
            s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
        }
    } else {
        if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
            /* first element in list */
            ctx->session_cache_head = s->next;
            s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        } else {
            /* middle of list */
            s->next->prev = s->prev;
            s->prev->next = s->next;
        }
    }
    s->prev = s->next = NULL;
}
1172

U
Ulf Möller 已提交
1173
static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189
{
    if ((s->next != NULL) && (s->prev != NULL))
        SSL_SESSION_list_remove(ctx, s);

    if (ctx->session_cache_head == NULL) {
        ctx->session_cache_head = s;
        ctx->session_cache_tail = s;
        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
    } else {
        s->next = ctx->session_cache_head;
        s->next->prev = s;
        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        ctx->session_cache_head = s;
    }
}
1190

N
Nils Larsch 已提交
1191
void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
E
Emilia Kasper 已提交
1192
                             int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess))
1193 1194 1195
{
    ctx->new_session_cb = cb;
}
N
Nils Larsch 已提交
1196

1197 1198 1199
int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {
    return ctx->new_session_cb;
}
N
Nils Larsch 已提交
1200 1201

void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
1202 1203 1204 1205
                                void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))
{
    ctx->remove_session_cb = cb;
}
N
Nils Larsch 已提交
1206

1207 1208 1209 1210
void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,
                                                  SSL_SESSION *sess) {
    return ctx->remove_session_cb;
}
N
Nils Larsch 已提交
1211 1212

void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
1213
                             SSL_SESSION *(*cb) (struct ssl_st *ssl,
E
Emilia Kasper 已提交
1214 1215
                                                 const unsigned char *data,
                                                 int len, int *copy))
1216 1217 1218 1219 1220
{
    ctx->get_session_cb = cb;
}

SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
E
Emilia Kasper 已提交
1221 1222 1223
                                                       const unsigned char
                                                       *data, int len,
                                                       int *copy) {
1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236
    return ctx->get_session_cb;
}

void SSL_CTX_set_info_callback(SSL_CTX *ctx,
                               void (*cb) (const SSL *ssl, int type, int val))
{
    ctx->info_callback = cb;
}

void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
                                                 int val) {
    return ctx->info_callback;
}
N
Nils Larsch 已提交
1237 1238

void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
1239 1240 1241 1242 1243
                                int (*cb) (SSL *ssl, X509 **x509,
                                           EVP_PKEY **pkey))
{
    ctx->client_cert_cb = cb;
}
N
Nils Larsch 已提交
1244

1245 1246 1247 1248
int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
                                                 EVP_PKEY **pkey) {
    return ctx->client_cert_cb;
}
N
Nils Larsch 已提交
1249

1250 1251
#ifndef OPENSSL_NO_ENGINE
int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265
{
    if (!ENGINE_init(e)) {
        SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
        return 0;
    }
    if (!ENGINE_get_ssl_client_cert_function(e)) {
        SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
               SSL_R_NO_CLIENT_CERT_METHOD);
        ENGINE_finish(e);
        return 0;
    }
    ctx->client_cert_engine = e;
    return 1;
}
1266 1267
#endif

N
Nils Larsch 已提交
1268
void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
1269 1270 1271 1272 1273 1274
                                    int (*cb) (SSL *ssl,
                                               unsigned char *cookie,
                                               unsigned int *cookie_len))
{
    ctx->app_gen_cookie_cb = cb;
}
N
Nils Larsch 已提交
1275 1276

void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
E
Emilia Kasper 已提交
1277 1278
                                  int (*cb) (SSL *ssl,
                                             const unsigned char *cookie,
1279 1280 1281 1282
                                             unsigned int cookie_len))
{
    ctx->app_verify_cookie_cb = cb;
}
N
Nils Larsch 已提交
1283

T
Todd Short 已提交
1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306
int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len)
{
    OPENSSL_free(ss->ticket_appdata);
    ss->ticket_appdata_len = 0;
    if (data == NULL || len == 0) {
        ss->ticket_appdata = NULL;
        return 1;
    }
    ss->ticket_appdata = OPENSSL_memdup(data, len);
    if (ss->ticket_appdata != NULL) {
        ss->ticket_appdata_len = len;
        return 1;
    }
    return 0;
}

int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len)
{
    *data = ss->ticket_appdata;
    *len = ss->ticket_appdata_len;
    return 1;
}

1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324
void SSL_CTX_set_stateless_cookie_generate_cb(
    SSL_CTX *ctx,
    int (*cb) (SSL *ssl,
               unsigned char *cookie,
               size_t *cookie_len))
{
    ctx->gen_stateless_cookie_cb = cb;
}

void SSL_CTX_set_stateless_cookie_verify_cb(
    SSL_CTX *ctx,
    int (*cb) (SSL *ssl,
               const unsigned char *cookie,
               size_t cookie_len))
{
    ctx->verify_stateless_cookie_cb = cb;
}

E
Emilia Kasper 已提交
1325
IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)