ssl_sess.c 35.8 KB
Newer Older
R
Rich Salz 已提交
1 2
/*
 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3
 *
R
Rich Salz 已提交
4 5 6 7
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
8
 */
R
Rich Salz 已提交
9

10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
/* ====================================================================
 * Copyright 2005 Nokia. All rights reserved.
 *
 * The portions of the attached software ("Contribution") is developed by
 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
 * license.
 *
 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
 * support (see RFC 4279) to OpenSSL.
 *
 * No patent licenses or other rights except those expressly stated in
 * the OpenSSL open source license shall be deemed granted or received
 * expressly, by implication, estoppel, or otherwise.
 *
 * No assurances are provided by Nokia that the Contribution does not
 * infringe the patent or other intellectual property rights of any third
 * party or that the license provides you with all the necessary rights
 * to make use of the Contribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
 * OTHERWISE.
 */
36 37

#include <stdio.h>
38 39
#include <openssl/lhash.h>
#include <openssl/rand.h>
R
Rich Salz 已提交
40
#include <openssl/engine.h>
41
#include "ssl_locl.h"
42
#include "statem/statem_locl.h"
43

44
static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
45
static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
46
static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
47

48 49 50 51 52 53 54 55 56
/*
 * TODO(TLS1.3): SSL_get_session() and SSL_get1_session() are problematic in
 * TLS1.3 because, unlike in earlier protocol versions, the session ticket
 * may not have been sent yet even though a handshake has finished. The session
 * ticket data could come in sometime later...or even change if multiple session
 * ticket messages are sent from the server. We need to work out how to deal
 * with this.
 */

B
Ben Laurie 已提交
57
SSL_SESSION *SSL_get_session(const SSL *ssl)
58
/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
59 60 61
{
    return (ssl->session);
}
62 63 64

SSL_SESSION *SSL_get1_session(SSL *ssl)
/* variant of SSL_get_session: caller really gets something */
65 66 67 68 69 70 71
{
    SSL_SESSION *sess;
    /*
     * Need to lock this all up rather than just use CRYPTO_add so that
     * somebody doesn't free ssl->session between when we check it's non-null
     * and when we up the reference count.
     */
72
    CRYPTO_THREAD_read_lock(ssl->lock);
73 74
    sess = ssl->session;
    if (sess)
75 76 77
        SSL_SESSION_up_ref(sess);
    CRYPTO_THREAD_unlock(ssl->lock);
    return sess;
78 79
}

U
Ulf Möller 已提交
80
int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
81 82 83
{
    return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
}
84

B
Ben Laurie 已提交
85
void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
86 87 88
{
    return (CRYPTO_get_ex_data(&s->ex_data, idx));
}
89

U
Ulf Möller 已提交
90
SSL_SESSION *SSL_SESSION_new(void)
91 92 93
{
    SSL_SESSION *ss;

94 95 96
    if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL))
        return NULL;

R
Rich Salz 已提交
97
    ss = OPENSSL_zalloc(sizeof(*ss));
98 99
    if (ss == NULL) {
        SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
100
        return NULL;
101 102 103 104 105 106
    }

    ss->verify_result = 1;      /* avoid 0 (= X509_V_OK) just in case */
    ss->references = 1;
    ss->timeout = 60 * 5 + 4;   /* 5 minute timeout by default */
    ss->time = (unsigned long)time(NULL);
107 108 109 110 111 112 113
    ss->lock = CRYPTO_THREAD_lock_new();
    if (ss->lock == NULL) {
        SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
        OPENSSL_free(ss);
        return NULL;
    }

114 115 116 117 118
    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) {
        CRYPTO_THREAD_lock_free(ss->lock);
        OPENSSL_free(ss);
        return NULL;
    }
119
    return ss;
120
}
121

122 123 124 125 126 127 128 129 130 131 132 133 134 135
/*
 * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
 * ticket == 0 then no ticket information is duplicated, otherwise it is.
 */
SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
{
    SSL_SESSION *dest;

    dest = OPENSSL_malloc(sizeof(*src));
    if (dest == NULL) {
        goto err;
    }
    memcpy(dest, src, sizeof(*dest));

M
Matt Caswell 已提交
136 137 138 139 140 141 142 143 144
    /*
     * Set the various pointers to NULL so that we can call SSL_SESSION_free in
     * the case of an error whilst halfway through constructing dest
     */
#ifndef OPENSSL_NO_PSK
    dest->psk_identity_hint = NULL;
    dest->psk_identity = NULL;
#endif
    dest->ciphers = NULL;
R
Rich Salz 已提交
145
    dest->ext.hostname = NULL;
M
Matt Caswell 已提交
146
#ifndef OPENSSL_NO_EC
R
Rich Salz 已提交
147 148
    dest->ext.ecpointformats = NULL;
    dest->ext.supportedgroups = NULL;
M
Matt Caswell 已提交
149
#endif
R
Rich Salz 已提交
150
    dest->ext.tick = NULL;
M
Matt Caswell 已提交
151 152 153 154 155 156 157 158 159 160 161
#ifndef OPENSSL_NO_SRP
    dest->srp_username = NULL;
#endif
    memset(&dest->ex_data, 0, sizeof(dest->ex_data));

    /* We deliberately don't copy the prev and next pointers */
    dest->prev = NULL;
    dest->next = NULL;

    dest->references = 1;

162 163 164 165
    dest->lock = CRYPTO_THREAD_lock_new();
    if (dest->lock == NULL)
        goto err;

M
Matt Caswell 已提交
166
    if (src->peer != NULL)
D
Dr. Stephen Henson 已提交
167
        X509_up_ref(src->peer);
M
Matt Caswell 已提交
168

169 170 171 172 173
    if (src->peer_chain != NULL) {
        dest->peer_chain = X509_chain_up_ref(src->peer_chain);
        if (dest->peer_chain == NULL)
            goto err;
    }
174 175
#ifndef OPENSSL_NO_PSK
    if (src->psk_identity_hint) {
R
Rich Salz 已提交
176
        dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint);
177 178 179 180 181
        if (dest->psk_identity_hint == NULL) {
            goto err;
        }
    }
    if (src->psk_identity) {
R
Rich Salz 已提交
182
        dest->psk_identity = OPENSSL_strdup(src->psk_identity);
183 184 185 186 187 188
        if (dest->psk_identity == NULL) {
            goto err;
        }
    }
#endif

189
    if (src->ciphers != NULL) {
190 191 192 193 194 195
        dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
        if (dest->ciphers == NULL)
            goto err;
    }

    if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
E
Emilia Kasper 已提交
196
                            &dest->ex_data, &src->ex_data)) {
197 198 199
        goto err;
    }

R
Rich Salz 已提交
200 201 202
    if (src->ext.hostname) {
        dest->ext.hostname = OPENSSL_strdup(src->ext.hostname);
        if (dest->ext.hostname == NULL) {
203 204 205
            goto err;
        }
    }
M
Matt Caswell 已提交
206
#ifndef OPENSSL_NO_EC
R
Rich Salz 已提交
207 208 209 210 211
    if (src->ext.ecpointformats) {
        dest->ext.ecpointformats =
            OPENSSL_memdup(src->ext.ecpointformats,
                           src->ext.ecpointformats_len);
        if (dest->ext.ecpointformats == NULL)
212 213
            goto err;
    }
R
Rich Salz 已提交
214 215 216 217 218
    if (src->ext.supportedgroups) {
        dest->ext.supportedgroups =
            OPENSSL_memdup(src->ext.supportedgroups,
                           src->ext.supportedgroups_len);
        if (dest->ext.supportedgroups == NULL)
219 220 221 222 223
            goto err;
    }
#endif

    if (ticket != 0) {
R
Rich Salz 已提交
224 225 226
        dest->ext.tick =
            OPENSSL_memdup(src->ext.tick, src->ext.ticklen);
        if (dest->ext.tick == NULL)
227
            goto err;
M
Matt Caswell 已提交
228
    } else {
R
Rich Salz 已提交
229 230
        dest->ext.tick_lifetime_hint = 0;
        dest->ext.ticklen = 0;
231 232 233 234
    }

#ifndef OPENSSL_NO_SRP
    if (src->srp_username) {
R
Rich Salz 已提交
235
        dest->srp_username = OPENSSL_strdup(src->srp_username);
236 237 238 239 240 241 242
        if (dest->srp_username == NULL) {
            goto err;
        }
    }
#endif

    return dest;
E
Emilia Kasper 已提交
243
 err:
244 245 246 247 248
    SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
    SSL_SESSION_free(dest);
    return NULL;
}

E
Emilia Kasper 已提交
249
const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
250 251
{
    if (len)
252
        *len = (unsigned int)s->session_id_length;
253 254
    return s->session_id;
}
255 256 257 258
const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
                                                unsigned int *len)
{
    if (len != NULL)
259
        *len = (unsigned int)s->sid_ctx_length;
260 261
    return s->sid_ctx;
}
262

263
unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
264 265 266 267 268 269 270 271 272 273 274 275 276 277
{
    return s->compress_meth;
}

/*
 * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
 * the ID with random junk repeatedly until we have no conflict is going to
 * complete in one iteration pretty much "most" of the time (btw:
 * understatement). So, if it takes us 10 iterations and we still can't avoid
 * a conflict - well that's a reasonable point to call it quits. Either the
 * RAND code is broken or someone is trying to open roughly very close to
 * 2^256 SSL sessions to our server. How you might store that many sessions
 * is perhaps a more interesting question ...
 */
278 279 280

#define MAX_SESS_ID_ATTEMPTS 10
static int def_generate_session_id(const SSL *ssl, unsigned char *id,
281
                                   unsigned int *id_len)
282
{
283 284
    unsigned int retry = 0;
    do
M
Matt Caswell 已提交
285
        if (RAND_bytes(id, *id_len) <= 0)
286 287 288 289 290 291 292 293 294 295 296 297 298 299 300
            return 0;
    while (SSL_has_matching_session_id(ssl, id, *id_len) &&
           (++retry < MAX_SESS_ID_ATTEMPTS)) ;
    if (retry < MAX_SESS_ID_ATTEMPTS)
        return 1;
    /* else - woops a session_id match */
    /*
     * XXX We should also check the external cache -- but the probability of
     * a collision is negligible, and we could not prevent the concurrent
     * creation of sessions with identical IDs since we currently don't have
     * means to atomically check whether a session ID already exists and make
     * a reservation for it if it does not (this problem applies to the
     * internal cache as well).
     */
    return 0;
301 302
}

U
Ulf Möller 已提交
303
int ssl_get_new_session(SSL *s, int session)
304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319
{
    /* This gets used by clients and servers. */

    unsigned int tmp;
    SSL_SESSION *ss = NULL;
    GEN_SESSION_CB cb = def_generate_session_id;

    if ((ss = SSL_SESSION_new()) == NULL)
        return (0);

    /* If the context has a default timeout, use it */
    if (s->session_ctx->session_timeout == 0)
        ss->timeout = SSL_get_default_timeout(s);
    else
        ss->timeout = s->session_ctx->session_timeout;

R
Rich Salz 已提交
320 321
    SSL_SESSION_free(s->session);
    s->session = NULL;
322 323 324 325 326 327 328 329 330 331 332 333 334 335

    if (session) {
        if (s->version == SSL3_VERSION) {
            ss->ssl_version = SSL3_VERSION;
            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
        } else if (s->version == TLS1_VERSION) {
            ss->ssl_version = TLS1_VERSION;
            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
        } else if (s->version == TLS1_1_VERSION) {
            ss->ssl_version = TLS1_1_VERSION;
            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
        } else if (s->version == TLS1_2_VERSION) {
            ss->ssl_version = TLS1_2_VERSION;
            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
336 337 338
        } else if (s->version == TLS1_3_VERSION) {
            ss->ssl_version = TLS1_3_VERSION;
            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
339 340 341 342 343 344 345 346 347 348 349 350 351 352
        } else if (s->version == DTLS1_BAD_VER) {
            ss->ssl_version = DTLS1_BAD_VER;
            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
        } else if (s->version == DTLS1_VERSION) {
            ss->ssl_version = DTLS1_VERSION;
            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
        } else if (s->version == DTLS1_2_VERSION) {
            ss->ssl_version = DTLS1_2_VERSION;
            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
        } else {
            SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION);
            SSL_SESSION_free(ss);
            return (0);
        }
353

M
Matt Caswell 已提交
354 355 356 357 358
        /*-
         * If RFC5077 ticket, use empty session ID (as server).
         * Note that:
         * (a) ssl_get_prev_session() does lookahead into the
         *     ClientHello extensions to find the session ticket.
M
Matt Caswell 已提交
359 360
         *     When ssl_get_prev_session() fails, statem_srvr.c calls
         *     ssl_get_new_session() in tls_process_client_hello().
M
Matt Caswell 已提交
361 362 363 364
         *     At that point, it has not yet parsed the extensions,
         *     however, because of the lookahead, it already knows
         *     whether a ticket is expected or not.
         *
M
Matt Caswell 已提交
365
         * (b) statem_clnt.c calls ssl_get_new_session() before parsing
M
Matt Caswell 已提交
366 367 368
         *     ServerHello extensions, and before recording the session
         *     ID received from the server, so this block is a noop.
         */
R
Rich Salz 已提交
369
        if (s->ext.ticket_expected) {
370 371 372
            ss->session_id_length = 0;
            goto sess_id_done;
        }
373

374
        /* Choose which callback will set the session ID */
375 376
        CRYPTO_THREAD_read_lock(s->lock);
        CRYPTO_THREAD_read_lock(s->session_ctx->lock);
377 378 379 380
        if (s->generate_session_id)
            cb = s->generate_session_id;
        else if (s->session_ctx->generate_session_id)
            cb = s->session_ctx->generate_session_id;
381 382
        CRYPTO_THREAD_unlock(s->session_ctx->lock);
        CRYPTO_THREAD_unlock(s->lock);
383
        /* Choose a session ID */
K
Kurt Roeckx 已提交
384
        memset(ss->session_id, 0, ss->session_id_length);
385
        tmp = (int)ss->session_id_length;
386 387 388 389 390 391 392 393 394 395 396
        if (!cb(s, ss->session_id, &tmp)) {
            /* The callback failed */
            SSLerr(SSL_F_SSL_GET_NEW_SESSION,
                   SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
            SSL_SESSION_free(ss);
            return (0);
        }
        /*
         * Don't allow the callback to set the session length to zero. nor
         * set it higher than it was.
         */
R
Rich Salz 已提交
397
        if (tmp == 0 || tmp > ss->session_id_length) {
398 399 400 401 402 403 404 405 406
            /* The callback set an illegal length */
            SSLerr(SSL_F_SSL_GET_NEW_SESSION,
                   SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
            SSL_SESSION_free(ss);
            return (0);
        }
        ss->session_id_length = tmp;
        /* Finally, check for a conflict */
        if (SSL_has_matching_session_id(s, ss->session_id,
407
                                        (unsigned int)ss->session_id_length)) {
408 409 410 411
            SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_SSL_SESSION_ID_CONFLICT);
            SSL_SESSION_free(ss);
            return (0);
        }
412

413
 sess_id_done:
R
Rich Salz 已提交
414 415 416
        if (s->ext.hostname) {
            ss->ext.hostname = OPENSSL_strdup(s->ext.hostname);
            if (ss->ext.hostname == NULL) {
417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436
                SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
                SSL_SESSION_free(ss);
                return 0;
            }
        }
    } else {
        ss->session_id_length = 0;
    }

    if (s->sid_ctx_length > sizeof ss->sid_ctx) {
        SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
        SSL_SESSION_free(ss);
        return 0;
    }
    memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
    ss->sid_ctx_length = s->sid_ctx_length;
    s->session = ss;
    ss->ssl_version = s->version;
    ss->verify_result = X509_V_OK;

437 438 439 440
    /* If client supports extended master secret set it in session */
    if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)
        ss->flags |= SSL_SESS_FLAG_EXTMS;

441 442
    return (1);
}
443

444 445
/*-
 * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
B
Bodo Möller 已提交
446 447
 * connection. It is only called by servers.
 *
448
 *   hello: The parsed ClientHello data
B
Bodo Möller 已提交
449 450
 *
 * Returns:
451 452 453
 *   -1: fatal error
 *    0: no session found
 *    1: a session may have been found.
B
Bodo Möller 已提交
454 455 456 457
 *
 * Side effects:
 *   - If a session is found then s->session is pointed at it (after freeing an
 *     existing session if need be) and s->verify_result is set from the session.
R
Rich Salz 已提交
458
 *   - Both for new and resumed sessions, s->ext.ticket_expected is set to 1
B
Bodo Möller 已提交
459 460
 *     if the server should issue a new session ticket (to 0 otherwise).
 */
461
int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
462 463
{
    /* This is used only by servers. */
464

465 466
    SSL_SESSION *ret = NULL;
    int fatal = 0;
467
    int try_session_cache = 0;
468
    TICKET_RETURN r;
469

470 471
    if (SSL_IS_TLS13(s)) {
        int al;
B
Bodo Möller 已提交
472

473 474 475 476 477 478 479 480 481
        if (!tls_parse_extension(s, TLSEXT_IDX_psk, EXT_CLIENT_HELLO,
                                 hello->pre_proc_exts, NULL, 0, &al))
            return -1;

        ret = s->session;
    } else {
        /* sets s->ext.ticket_expected */
        r = tls_get_ticket_from_client(s, hello, &ret);
        switch (r) {
482 483
        case TICKET_FATAL_ERR_MALLOC:
        case TICKET_FATAL_ERR_OTHER: /* Error during processing */
484 485
            fatal = 1;
            goto err;
486 487
        case TICKET_NONE:            /* No ticket found */
        case TICKET_EMPTY:           /* Zero length ticket found */
488
            try_session_cache = 1;
489 490 491 492
            break;                   /* Ok to carry on processing session id. */
        case TICKET_NO_DECRYPT:      /* Ticket found but not decrypted. */
        case TICKET_SUCCESS:         /* Ticket decrypted, *ret has been set. */
        case TICKET_SUCCESS_RENEW:
493 494
            break;
        }
495
    }
B
Bodo Möller 已提交
496

497 498
    if (try_session_cache &&
        ret == NULL &&
499
        !(s->session_ctx->session_cache_mode &
500 501
          SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
        SSL_SESSION data;
502

503
        data.ssl_version = s->version;
K
Kurt Roeckx 已提交
504
        memset(data.session_id, 0, sizeof(data.session_id));
505 506 507
        memcpy(data.session_id, hello->session_id, hello->session_id_len);
        data.session_id_length = hello->session_id_len;

508
        CRYPTO_THREAD_read_lock(s->session_ctx->lock);
509 510 511
        ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
        if (ret != NULL) {
            /* don't allow other threads to steal it: */
512
            SSL_SESSION_up_ref(ret);
513
        }
514
        CRYPTO_THREAD_unlock(s->session_ctx->lock);
515 516 517 518 519 520 521
        if (ret == NULL)
            s->session_ctx->stats.sess_miss++;
    }

    if (try_session_cache &&
        ret == NULL && s->session_ctx->get_session_cb != NULL) {
        int copy = 1;
522 523 524

        ret = s->session_ctx->get_session_cb(s, hello->session_id,
                                             hello->session_id_len,
E
Emilia Kasper 已提交
525
                                             &copy);
526

527
        if (ret != NULL) {
528 529 530 531 532 533 534 535 536 537
            s->session_ctx->stats.sess_cb_hit++;

            /*
             * Increment reference count now if the session callback asks us
             * to do so (note that if the session structures returned by the
             * callback are shared between threads, it must handle the
             * reference count itself [i.e. copy == 0], or things won't be
             * thread-safe).
             */
            if (copy)
538
                SSL_SESSION_up_ref(ret);
539 540 541 542 543 544

            /*
             * Add the externally cached session to the internal cache as
             * well if and only if we are supposed to.
             */
            if (!
545
                (s->session_ctx->session_cache_mode &
M
Matt Caswell 已提交
546
                 SSL_SESS_CACHE_NO_INTERNAL_STORE)) {
547 548 549 550
                /*
                 * The following should not return 1, otherwise, things are
                 * very strange
                 */
V
Viktor Dukhovni 已提交
551
                if (SSL_CTX_add_session(s->session_ctx, ret))
M
Matt Caswell 已提交
552 553
                    goto err;
            }
554 555 556 557 558 559 560 561
        }
    }

    if (ret == NULL)
        goto err;

    /* Now ret is non-NULL and we own one of its reference counts. */

562 563 564 565
    /* Check TLS version consistency */
    if (ret->ssl_version != s->version)
        goto err;

566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600
    if (ret->sid_ctx_length != s->sid_ctx_length
        || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
        /*
         * We have the session requested by the client, but we don't want to
         * use it in this context.
         */
        goto err;               /* treat like cache miss */
    }

    if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
        /*
         * We can't be sure if this session is being used out of context,
         * which is especially important for SSL_VERIFY_PEER. The application
         * should have used SSL[_CTX]_set_session_id_context. For this error
         * case, we generate an error instead of treating the event like a
         * cache miss (otherwise it would be easy for applications to
         * effectively disable the session cache by accident without anyone
         * noticing).
         */

        SSLerr(SSL_F_SSL_GET_PREV_SESSION,
               SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
        fatal = 1;
        goto err;
    }

    if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */
        s->session_ctx->stats.sess_timeout++;
        if (try_session_cache) {
            /* session was from the cache, so remove it */
            SSL_CTX_remove_session(s->session_ctx, ret);
        }
        goto err;
    }

601 602 603 604 605 606 607 608 609 610 611 612 613 614
    /* Check extended master secret extension consistency */
    if (ret->flags & SSL_SESS_FLAG_EXTMS) {
        /* If old session includes extms, but new does not: abort handshake */
        if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)) {
            SSLerr(SSL_F_SSL_GET_PREV_SESSION, SSL_R_INCONSISTENT_EXTMS);
            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
            fatal = 1;
            goto err;
        }
    } else if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) {
        /* If new session includes extms, but old does not: do not resume */
        goto err;
    }

615 616 617 618 619
    if (!SSL_IS_TLS13(s)) {
        /* We already did this for TLS1.3 */
        SSL_SESSION_free(s->session);
        s->session = ret;
    }
620

621
    s->session_ctx->stats.sess_hit++;
622 623
    s->verify_result = s->session->verify_result;
    return 1;
624 625

 err:
626 627
    if (ret != NULL) {
        SSL_SESSION_free(ret);
628
        /* In TLSv1.3 s->session was already set to ret, so we NULL it out */
629 630
        if (SSL_IS_TLS13(s))
            s->session = NULL;
631

632 633 634 635 636
        if (!try_session_cache) {
            /*
             * The session was from a ticket, so we should issue a ticket for
             * the new session
             */
R
Rich Salz 已提交
637
            s->ext.ticket_expected = 1;
638 639 640 641 642 643 644
        }
    }
    if (fatal)
        return -1;
    else
        return 0;
}
645

U
Ulf Möller 已提交
646
int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
647 648 649 650 651 652 653 654 655
{
    int ret = 0;
    SSL_SESSION *s;

    /*
     * add just 1 reference count for the SSL_CTX's session cache even though
     * it has two ways of access: each session is in a doubly linked list and
     * an lhash
     */
656
    SSL_SESSION_up_ref(c);
657 658 659 660
    /*
     * if session c is in already in cache, we take back the increment later
     */

661
    CRYPTO_THREAD_write_lock(ctx->lock);
662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679
    s = lh_SSL_SESSION_insert(ctx->sessions, c);

    /*
     * s != NULL iff we already had a session with the given PID. In this
     * case, s == c should hold (then we did not really modify
     * ctx->sessions), or we're in trouble.
     */
    if (s != NULL && s != c) {
        /* We *are* in trouble ... */
        SSL_SESSION_list_remove(ctx, s);
        SSL_SESSION_free(s);
        /*
         * ... so pretend the other session did not exist in cache (we cannot
         * handle two SSL_SESSION structures with identical session ID in the
         * same cache, which could happen e.g. when two threads concurrently
         * obtain the same session from an external cache)
         */
        s = NULL;
680 681 682 683 684 685 686 687 688
    } else if (s == NULL &&
               lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
        /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */

        /*
         * ... so take back the extra reference and also don't add
         * the session to the SSL_SESSION_list at this time
         */
        s = c;
689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710
    }

    /* Put at the head of the queue unless it is already in the cache */
    if (s == NULL)
        SSL_SESSION_list_add(ctx, c);

    if (s != NULL) {
        /*
         * existing cache entry -- decrement previously incremented reference
         * count because it already takes into account the cache
         */

        SSL_SESSION_free(s);    /* s == c */
        ret = 0;
    } else {
        /*
         * new cache entry -- remove old ones if cache has become too large
         */

        ret = 1;

        if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
E
Emilia Kasper 已提交
711
            while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) {
712 713 714 715 716 717 718
                if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
                    break;
                else
                    ctx->stats.sess_cache_full++;
            }
        }
    }
719 720
    CRYPTO_THREAD_unlock(ctx->lock);
    return ret;
721
}
722

U
Ulf Möller 已提交
723
int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
724
{
725
    return remove_session_lock(ctx, c, 1);
726 727
}

728
static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
729 730 731 732 733 734
{
    SSL_SESSION *r;
    int ret = 0;

    if ((c != NULL) && (c->session_id_length != 0)) {
        if (lck)
735
            CRYPTO_THREAD_write_lock(ctx->lock);
736 737 738 739 740
        if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {
            ret = 1;
            r = lh_SSL_SESSION_delete(ctx->sessions, c);
            SSL_SESSION_list_remove(ctx, c);
        }
741
        c->not_resumable = 1;
742 743

        if (lck)
744
            CRYPTO_THREAD_unlock(ctx->lock);
745

746
        if (ret)
747
            SSL_SESSION_free(r);
748 749 750

        if (ctx->remove_session_cb != NULL)
            ctx->remove_session_cb(ctx, c);
751 752 753 754
    } else
        ret = 0;
    return (ret);
}
755

U
Ulf Möller 已提交
756
void SSL_SESSION_free(SSL_SESSION *ss)
757 758
{
    int i;
759

760 761
    if (ss == NULL)
        return;
B
Ben Laurie 已提交
762

763
    CRYPTO_DOWN_REF(&ss->references, &i, ss->lock);
R
Rich Salz 已提交
764
    REF_PRINT_COUNT("SSL_SESSION", ss);
765 766
    if (i > 0)
        return;
R
Rich Salz 已提交
767
    REF_ASSERT_ISNT(i < 0);
768

769
    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
770

771 772
    OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
    OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
R
Rich Salz 已提交
773
    X509_free(ss->peer);
774
    sk_X509_pop_free(ss->peer_chain, X509_free);
R
Rich Salz 已提交
775
    sk_SSL_CIPHER_free(ss->ciphers);
R
Rich Salz 已提交
776 777
    OPENSSL_free(ss->ext.hostname);
    OPENSSL_free(ss->ext.tick);
778
#ifndef OPENSSL_NO_EC
R
Rich Salz 已提交
779 780 781 782 783 784
    OPENSSL_free(ss->ext.ecpointformats);
    ss->ext.ecpointformats = NULL;
    ss->ext.ecpointformats_len = 0;
    OPENSSL_free(ss->ext.supportedgroups);
    ss->ext.supportedgroups = NULL;
    ss->ext.supportedgroups_len = 0;
E
Emilia Kasper 已提交
785
#endif                          /* OPENSSL_NO_EC */
786
#ifndef OPENSSL_NO_PSK
R
Rich Salz 已提交
787 788
    OPENSSL_free(ss->psk_identity_hint);
    OPENSSL_free(ss->psk_identity);
B
Ben Laurie 已提交
789 790
#endif
#ifndef OPENSSL_NO_SRP
R
Rich Salz 已提交
791
    OPENSSL_free(ss->srp_username);
792
#endif
793
    CRYPTO_THREAD_lock_free(ss->lock);
R
Rich Salz 已提交
794
    OPENSSL_clear_free(ss, sizeof(*ss));
795
}
796

797 798 799 800
int SSL_SESSION_up_ref(SSL_SESSION *ss)
{
    int i;

801
    if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0)
802 803 804 805 806 807 808
        return 0;

    REF_PRINT_COUNT("SSL_SESSION", ss);
    REF_ASSERT_ISNT(i < 2);
    return ((i > 1) ? 1 : 0);
}

U
Ulf Möller 已提交
809
int SSL_set_session(SSL *s, SSL_SESSION *session)
810
{
811 812 813 814 815
    ssl_clear_bad_session(s);
    if (s->ctx->method != s->method) {
        if (!SSL_set_ssl_method(s, s->ctx->method))
            return 0;
    }
816

817
    if (session != NULL) {
818
        SSL_SESSION_up_ref(session);
819
        s->verify_result = session->verify_result;
820
    }
821 822 823 824
    SSL_SESSION_free(s->session);
    s->session = session;

    return 1;
825
}
826

827 828 829 830 831 832 833 834 835 836 837 838 839
int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
                        unsigned int sid_len)
{
    if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) {
      SSLerr(SSL_F_SSL_SESSION_SET1_ID,
             SSL_R_SSL_SESSION_ID_TOO_LONG);
      return 0;
    }
    s->session_id_length = sid_len;
    memcpy(s->session_id, sid, sid_len);
    return 1;
}

U
Ulf Möller 已提交
840
long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
841 842 843 844 845 846
{
    if (s == NULL)
        return (0);
    s->timeout = t;
    return (1);
}
847

B
Ben Laurie 已提交
848
long SSL_SESSION_get_timeout(const SSL_SESSION *s)
849 850 851 852 853
{
    if (s == NULL)
        return (0);
    return (s->timeout);
}
854

B
Ben Laurie 已提交
855
long SSL_SESSION_get_time(const SSL_SESSION *s)
856 857 858 859 860
{
    if (s == NULL)
        return (0);
    return (s->time);
}
861

U
Ulf Möller 已提交
862
long SSL_SESSION_set_time(SSL_SESSION *s, long t)
863 864 865 866 867 868
{
    if (s == NULL)
        return (0);
    s->time = t;
    return (t);
}
869

870 871 872 873 874
int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
{
    return s->ssl_version;
}

R
Rich Salz 已提交
875 876 877 878 879
const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s)
{
    return s->cipher;
}

L
Lyon Chen 已提交
880 881
const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)
{
R
Rich Salz 已提交
882
    return s->ext.hostname;
L
Lyon Chen 已提交
883 884
}

885 886
int SSL_SESSION_has_ticket(const SSL_SESSION *s)
{
R
Rich Salz 已提交
887
    return (s->ext.ticklen > 0) ? 1 : 0;
888 889 890 891
}

unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
{
R
Rich Salz 已提交
892
    return s->ext.tick_lifetime_hint;
893 894
}

895
void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
E
Emilia Kasper 已提交
896
                             size_t *len)
897
{
R
Rich Salz 已提交
898
    *len = s->ext.ticklen;
V
Viktor Dukhovni 已提交
899
    if (tick != NULL)
R
Rich Salz 已提交
900
        *tick = s->ext.tick;
901 902
}

903
X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920
{
    return s->peer;
}

int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
                                unsigned int sid_ctx_len)
{
    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
        SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
        return 0;
    }
    s->sid_ctx_length = sid_ctx_len;
    memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);

    return 1;
}
921

U
Ulf Möller 已提交
922
long SSL_CTX_set_timeout(SSL_CTX *s, long t)
923 924 925 926 927 928 929 930
{
    long l;
    if (s == NULL)
        return (0);
    l = s->session_timeout;
    s->session_timeout = t;
    return (l);
}
931

B
Ben Laurie 已提交
932
long SSL_CTX_get_timeout(const SSL_CTX *s)
933 934 935 936 937
{
    if (s == NULL)
        return (0);
    return (s->session_timeout);
}
938

939
int SSL_set_session_secret_cb(SSL *s,
R
Rich Salz 已提交
940
                              tls_session_secret_cb_fn tls_session_secret_cb,
941 942 943 944
                              void *arg)
{
    if (s == NULL)
        return (0);
R
Rich Salz 已提交
945 946
    s->ext.session_secret_cb = tls_session_secret_cb;
    s->ext.session_secret_cb_arg = arg;
947 948
    return (1);
}
D
Dr. Stephen Henson 已提交
949 950

int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
951 952 953 954
                                  void *arg)
{
    if (s == NULL)
        return (0);
R
Rich Salz 已提交
955 956
    s->ext.session_ticket_cb = cb;
    s->ext.session_ticket_cb_arg = arg;
957 958
    return (1);
}
D
Dr. Stephen Henson 已提交
959 960

int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
961 962
{
    if (s->version >= TLS1_VERSION) {
R
Rich Salz 已提交
963 964 965
        OPENSSL_free(s->ext.session_ticket);
        s->ext.session_ticket = NULL;
        s->ext.session_ticket =
966
            OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
R
Rich Salz 已提交
967
        if (s->ext.session_ticket == NULL) {
968 969 970 971
            SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
            return 0;
        }

R
Rich Salz 已提交
972
        if (ext_data != NULL) {
R
Rich Salz 已提交
973 974 975
            s->ext.session_ticket->length = ext_len;
            s->ext.session_ticket->data = s->ext.session_ticket + 1;
            memcpy(s->ext.session_ticket->data, ext_data, ext_len);
976
        } else {
R
Rich Salz 已提交
977 978
            s->ext.session_ticket->length = 0;
            s->ext.session_ticket->data = NULL;
979 980 981 982 983 984 985 986 987 988 989 990 991
        }

        return 1;
    }

    return 0;
}

typedef struct timeout_param_st {
    SSL_CTX *ctx;
    long time;
    LHASH_OF(SSL_SESSION) *cache;
} TIMEOUT_PARAM;
992

D
Dr. Stephen Henson 已提交
993
static void timeout_cb(SSL_SESSION *s, TIMEOUT_PARAM *p)
994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007
{
    if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */
        /*
         * The reason we don't call SSL_CTX_remove_session() is to save on
         * locking overhead
         */
        (void)lh_SSL_SESSION_delete(p->cache, s);
        SSL_SESSION_list_remove(p->ctx, s);
        s->not_resumable = 1;
        if (p->ctx->remove_session_cb != NULL)
            p->ctx->remove_session_cb(p->ctx, s);
        SSL_SESSION_free(s);
    }
}
1008

D
Dr. Stephen Henson 已提交
1009
IMPLEMENT_LHASH_DOALL_ARG(SSL_SESSION, TIMEOUT_PARAM);
1010

U
Ulf Möller 已提交
1011
void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
1012 1013 1014 1015 1016 1017 1018 1019 1020
{
    unsigned long i;
    TIMEOUT_PARAM tp;

    tp.ctx = s;
    tp.cache = s->sessions;
    if (tp.cache == NULL)
        return;
    tp.time = t;
1021
    CRYPTO_THREAD_write_lock(s->lock);
1022 1023
    i = lh_SSL_SESSION_get_down_load(s->sessions);
    lh_SSL_SESSION_set_down_load(s->sessions, 0);
D
Dr. Stephen Henson 已提交
1024
    lh_SSL_SESSION_doall_TIMEOUT_PARAM(tp.cache, timeout_cb, &tp);
1025
    lh_SSL_SESSION_set_down_load(s->sessions, i);
1026
    CRYPTO_THREAD_unlock(s->lock);
1027
}
1028

U
Ulf Möller 已提交
1029
int ssl_clear_bad_session(SSL *s)
1030 1031 1032 1033
{
    if ((s->session != NULL) &&
        !(s->shutdown & SSL_SENT_SHUTDOWN) &&
        !(SSL_in_init(s) || SSL_in_before(s))) {
1034
        SSL_CTX_remove_session(s->session_ctx, s->session);
1035 1036 1037 1038
        return (1);
    } else
        return (0);
}
1039 1040

/* locked by SSL_CTX in the calling function */
U
Ulf Möller 已提交
1041
static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068
{
    if ((s->next == NULL) || (s->prev == NULL))
        return;

    if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
        /* last element in list */
        if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
            /* only one element in list */
            ctx->session_cache_head = NULL;
            ctx->session_cache_tail = NULL;
        } else {
            ctx->session_cache_tail = s->prev;
            s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
        }
    } else {
        if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
            /* first element in list */
            ctx->session_cache_head = s->next;
            s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        } else {
            /* middle of list */
            s->next->prev = s->prev;
            s->prev->next = s->next;
        }
    }
    s->prev = s->next = NULL;
}
1069

U
Ulf Möller 已提交
1070
static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086
{
    if ((s->next != NULL) && (s->prev != NULL))
        SSL_SESSION_list_remove(ctx, s);

    if (ctx->session_cache_head == NULL) {
        ctx->session_cache_head = s;
        ctx->session_cache_tail = s;
        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
    } else {
        s->next = ctx->session_cache_head;
        s->next->prev = s;
        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
        ctx->session_cache_head = s;
    }
}
1087

N
Nils Larsch 已提交
1088
void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
E
Emilia Kasper 已提交
1089
                             int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess))
1090 1091 1092
{
    ctx->new_session_cb = cb;
}
N
Nils Larsch 已提交
1093

1094 1095 1096
int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {
    return ctx->new_session_cb;
}
N
Nils Larsch 已提交
1097 1098

void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
1099 1100 1101 1102
                                void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))
{
    ctx->remove_session_cb = cb;
}
N
Nils Larsch 已提交
1103

1104 1105 1106 1107
void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,
                                                  SSL_SESSION *sess) {
    return ctx->remove_session_cb;
}
N
Nils Larsch 已提交
1108 1109

void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
1110
                             SSL_SESSION *(*cb) (struct ssl_st *ssl,
E
Emilia Kasper 已提交
1111 1112
                                                 const unsigned char *data,
                                                 int len, int *copy))
1113 1114 1115 1116 1117
{
    ctx->get_session_cb = cb;
}

SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
E
Emilia Kasper 已提交
1118 1119 1120
                                                       const unsigned char
                                                       *data, int len,
                                                       int *copy) {
1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133
    return ctx->get_session_cb;
}

void SSL_CTX_set_info_callback(SSL_CTX *ctx,
                               void (*cb) (const SSL *ssl, int type, int val))
{
    ctx->info_callback = cb;
}

void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
                                                 int val) {
    return ctx->info_callback;
}
N
Nils Larsch 已提交
1134 1135

void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
1136 1137 1138 1139 1140
                                int (*cb) (SSL *ssl, X509 **x509,
                                           EVP_PKEY **pkey))
{
    ctx->client_cert_cb = cb;
}
N
Nils Larsch 已提交
1141

1142 1143 1144 1145
int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
                                                 EVP_PKEY **pkey) {
    return ctx->client_cert_cb;
}
N
Nils Larsch 已提交
1146

1147 1148
#ifndef OPENSSL_NO_ENGINE
int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162
{
    if (!ENGINE_init(e)) {
        SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
        return 0;
    }
    if (!ENGINE_get_ssl_client_cert_function(e)) {
        SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
               SSL_R_NO_CLIENT_CERT_METHOD);
        ENGINE_finish(e);
        return 0;
    }
    ctx->client_cert_engine = e;
    return 1;
}
1163 1164
#endif

N
Nils Larsch 已提交
1165
void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
1166 1167 1168 1169 1170 1171
                                    int (*cb) (SSL *ssl,
                                               unsigned char *cookie,
                                               unsigned int *cookie_len))
{
    ctx->app_gen_cookie_cb = cb;
}
N
Nils Larsch 已提交
1172 1173

void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
E
Emilia Kasper 已提交
1174 1175
                                  int (*cb) (SSL *ssl,
                                             const unsigned char *cookie,
1176 1177 1178 1179
                                             unsigned int cookie_len))
{
    ctx->app_verify_cookie_cb = cb;
}
N
Nils Larsch 已提交
1180

E
Emilia Kasper 已提交
1181
IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)