| /freebsd/crypto/openssl/test/ssl-tests/ |
| H A D | 06-sni-ticket.cnf | 5 test-0 = 0-sni-session-ticket
6 test-1 = 1-sni-session-ticket
7 test-2 = 2-sni-session-ticket
8 test-3 = 3-sni-session-ticket
9 test-4 = 4-sni-session-ticket
10 test-5 = 5-sni-session-ticket
11 test-6 = 6-sni-session-ticket
12 test-7 = 7-sni-session-ticket
13 test-8 = 8-sni-session-ticket
14 test-9 = 9-sni-session-ticket
[all …]
|
| H A D | 27-ticket-appdata.cnf | 5 test-0 = 0-session-ticket-app-data12
6 test-1 = 1-session-ticket-app-data12
7 test-2 = 2-session-ticket-app-data13
8 test-3 = 3-session-ticket-app-data13
11 [0-session-ticket-app-data12]
12 ssl_conf = 0-session-ticket-app-data12-ssl
14 [0-session-ticket-app-data12-ssl]
15 server = 0-session-ticket-app-data12-server
16 client = 0-session-ticket-app-data12-client
17 resume-server = 0-session-ticket-app-data12-server
[all …]
|
| /freebsd/contrib/libpcap/rpcapd/ |
| H A D | daemon.c | 110 struct session { struct
136 uint32 plen, char *source, struct session **sessionp, argument
139 struct session *session);
142 struct session *session, uint32 plen);
143 static int daemon_unpackapplyfilter(PCAP_SOCKET sockctrl, SSL *, struct session *session, uint32 *p…
146 struct session *session, uint32 plen, struct pcap_stat *stats,
163 static void session_close(struct session *);
232 struct session *session = NULL; // struct session main variable in daemon_serviceloop() local
750 if ((!pars.isactive) && (session == NULL || session->sockdata == 0)) in daemon_serviceloop()
902 plen, source, &session, &samp_param, in daemon_serviceloop()
[all …]
|
| /freebsd/crypto/openssl/test/recipes/ |
| H A D | 70-test_tlsextms.t | 97 (undef, my $session) = tempfile();
99 $proxy->clientflags("-no_tls1_3 -sess_out ".$session);
102 $proxy->clientflags("-no_tls1_3 -sess_in ".$session);
105 unlink $session;
114 (undef, $session) = tempfile();
116 $proxy->clientflags("-no_tls1_3 -sess_out ".$session);
119 $proxy->clientflags("-no_tls1_3 -sess_in ".$session);
123 unlink $session;
131 (undef, $session) = tempfile();
133 $proxy->clientflags("-no_tls1_3 -sess_out ".$session);
[all …]
|
| H A D | 70-test_sslsessiontick.t | 79 (undef, my $session) = tempfile();
81 $proxy->clientflags("-no_tls1_3 -sess_out ".$session);
84 $proxy->clientflags("-no_tls1_3 -sess_in ".$session);
87 unlink $session;
93 (undef, $session) = tempfile();
95 $proxy->clientflags("-no_tls1_3 -sess_out ".$session." -no_ticket");
98 $proxy->clientflags("-no_tls1_3 -sess_in ".$session);
102 unlink $session;
115 (undef, $session) = tempfile();
118 $proxy->clientflags("-no_tls1_3 -sess_out ".$session);
[all …]
|
| H A D | 70-test_tls13psk.t | 48 (undef, my $session) = tempfile();
49 $proxy->clientflags("-sess_out ".$session);
51 $proxy->sessionfile($session);
58 $proxy->clientflags("-sess_in ".$session);
67 $proxy->clientflags("-sess_in ".$session);
85 $proxy->clientflags("-sess_in ".$session);
108 $proxy->clientflags("-sess_in ".$session);
113 unlink $session;
|
| /freebsd/crypto/openssl/doc/man3/ |
| H A D | SSL_CTX_set_session_cache_mode.pod | 5 SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode - enable/disable session caching
16 SSL_CTX_set_session_cache_mode() enables/disables session caching
28 In order to reuse a session, a client must send the session's id to the
30 agrees to reuse the session or it starts a full handshake (to create a new
31 session).
33 A server will look up the session in its internal session storage. If the
34 session is not found in internal storage or lookups for the internal storage
38 Since a client may try to reuse a session intended for use in a different
39 context, the session id context must be set by the server (see
42 The following session cache modes and modifiers are available:
[all …]
|
| H A D | SSL_CTX_add_session.pod | 5 SSL_CTX_add_session, SSL_CTX_remove_session - manipulate session cache
17 SSL_CTX_add_session() adds the session B<c> to the context B<ctx>. The
18 reference count for session B<c> is incremented by 1. If a session with
19 the same session id already exists, the old session is removed by calling
22 SSL_CTX_remove_session() removes the session B<c> from the context B<ctx> and
27 When adding a new session to the internal session cache, it is examined
28 whether a session with the same session id already exists. In this case
29 it is assumed that both sessions are identical. If the same session is
30 stored in a different SSL_SESSION object, The old session is
31 removed and replaced by the new session. If the session is actually
[all …]
|
| H A D | SSL_CTX_sess_set_get_cb.pod | 5 …e_cb, SSL_CTX_sess_get_get_cb - provide callback functions for server side external session caching
32 called whenever a new session was negotiated.
35 called whenever a session is removed by the SSL engine. For example,
36 this can occur because a session is considered faulty or has become obsolete
40 whenever a TLS client proposed to resume a session but the session
41 could not be found in the internal session cache (see
52 In order to allow external session caching, synchronization with the internal
53 session cache is realized via callback functions. Inside these callback
54 functions, session can be saved to disk or put into a database using the
57 The new_session_cb() is called whenever a new session has been negotiated and
[all …]
|
| H A D | SSL_CTX_set_generate_session_id.pod | 7 - manipulate generation of SSL session IDs (server only)
24 new session ids for SSL/TLS sessions for B<ctx> to be B<cb>.
27 new session ids for SSL/TLS sessions for B<ssl> to be B<cb>.
29 SSL_has_matching_session_id() checks, whether a session with id B<id>
30 (of length B<id_len>) is already contained in the internal session cache
35 When a new session is established between client and server, the server
36 generates a session id. The session id is an arbitrary sequence of bytes.
37 The length of the session id is between 1 and 32 bytes. The session id is not
38 security critical but must be unique for the server. Additionally, the session id is
39 transmitted in the clear when reusing the session so it must not contain
[all …]
|
| H A D | SSL_set_session.pod | 5 SSL_set_session - set a TLS/SSL session to be used during TLS/SSL connect
11 int SSL_set_session(SSL *ssl, SSL_SESSION *session);
15 SSL_set_session() sets B<session> to be used when the TLS/SSL connection
17 When the session is set, the reference count of B<session> is incremented
18 by 1. If the session is not reused, the reference count is decremented
19 again during SSL_connect(). Whether the session was reused can be queried
22 If there is already a session set inside B<ssl> (because it was set with
24 a connection), SSL_SESSION_free() will be called for that session.
25 This is also the case when B<session> is a NULL pointer. If that old
26 session is still B<open>, it is considered bad and will be removed from the
[all …]
|
| H A D | SSL_get_session.pod | 5 SSL_get_session, SSL_get0_session, SSL_get1_session - retrieve TLS/SSL session data
28 The ssl session contains all information required to re-establish the
31 main handshake has occurred. The server will send the session information to the
34 in TLSv1.3 before the session has been established will still return an
35 SSL_SESSION object but that object cannot be used for resuming the session. See
40 session for a single connection. In that case, on the client side, the above
41 functions will only return information on the last session that was received. On
42 the server side they will only return information on the last session that was
43 sent, or if no session tickets were sent then the session for the current
47 to use a new session callback as described in L<SSL_CTX_sess_set_new_cb(3)>.
[all …]
|
| H A D | SSL_CTX_set_session_id_context.pod | 5 SSL_CTX_set_session_id_context, SSL_set_session_id_context - set context within which session can b…
19 B<sid_ctx_len> within which a session can be reused for the B<ctx> object.
22 B<sid_ctx_len> within which a session can be reused for the B<ssl> object.
28 to re-import a session generated from another context (e.g. another
30 must set its own session id context B<sid_ctx> which is used to distinguish
36 The session id context becomes part of the session. The session id context
41 OpenSSL clients will check the session id context returned by the server
42 when reusing a session.
49 If the session id context is not set on an SSL/TLS server and client
54 If a server returns a different session id context to an OpenSSL client
[all …]
|
| H A D | SSL_CTX_set_session_ticket_cb.pod | 9 SSL_CTX_decrypt_session_ticket_fn - manage session ticket application data
32 with a session, and placed into a session ticket. Either callback function may
35 B<gen_cb> is the application defined callback invoked when a session ticket is
37 at this time to add application data to the session ticket. The value of B<arg>
41 B<dec_cb> is the application defined callback invoked after session ticket
42 decryption has been attempted and any session ticket application data is
44 the session data. The B<keyname> and B<keyname_len> arguments identify the key
45 used to decrypt the session ticket. The B<status> argument is the result of the
51 B<data> and B<len> into B<ss> which is then placed into any generated session
52 tickets. It can be called at any time before a session ticket is created to
[all …]
|
| H A D | SSL_CTX_set_tlsext_ticket_key_cb.pod | 7 - set a callback for session ticket processing
30 session tickets for the ssl context I<sslctx>. Session tickets, defined in
31 RFC5077 provide an enhanced session resumption capability where the server
32 implementation is not required to maintain per session state. It only applies
36 session when session ticket extension is presented in the TLS hello
41 ticket construction state according to RFC5077 Section 4 such that per session
45 In order to reuse a session, a TLS client must send the session ticket
46 extension to the server. The client must send exactly one session ticket.
47 The server, through the callback function, either agrees to reuse the session
48 ticket information or it starts a full TLS handshake to create a new session
[all …]
|
| H A D | SSL_CTX_sess_set_cache_size.pod | 5 SSL_CTX_sess_set_cache_size, SSL_CTX_sess_get_cache_size - manipulate session cache size
16 SSL_CTX_sess_set_cache_size() sets the size of the internal session cache
20 SSL_CTX_sess_get_cache_size() returns the currently valid session cache size.
24 The internal session cache size is SSL_SESSION_CACHE_MAX_SIZE_DEFAULT,
29 If adding the session makes the cache exceed its size, then unused
35 If the size of the session cache is reduced and more sessions are already
36 in the session cache, old session will be removed at the next time a
37 session shall be added. This removal is not synchronized with the
|
| /freebsd/crypto/openssh/ |
| H A D | pkcs11.h | 716 typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session,
752 (ck_session_handle_t session, unsigned char *pin,
755 (ck_session_handle_t session, unsigned char *old_pin,
762 ck_session_handle_t *session));
763 _CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session));
766 (ck_session_handle_t session,
769 (ck_session_handle_t session,
773 (ck_session_handle_t session,
779 (ck_session_handle_t session, ck_user_type_t user_type,
781 _CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session));
[all …]
|
| H A D | ssh-pkcs11.c | 54 CK_SESSION_HANDLE session; member
119 if (p->slotinfo[i].session && in pkcs11_provider_finalize()
121 p->slotinfo[i].session)) != CKR_OK) in pkcs11_provider_finalize()
220 CK_SESSION_HANDLE session; in pkcs11_find() local
226 session = p->slotinfo[slotidx].session; in pkcs11_find()
227 if ((rv = f->C_FindObjectsInit(session, attr, nattr)) != CKR_OK) { in pkcs11_find()
231 if ((rv = f->C_FindObjects(session, obj, 1, &nfound)) != CKR_OK || in pkcs11_find()
237 if ((rv = f->C_FindObjectsFinal(session)) != CKR_OK) in pkcs11_find()
270 rv = provider->function_list->C_Login(si->session, type, (u_char *)pin, in pkcs11_login_slot()
334 rv = f->C_GetAttributeValue(si->session, obj, &attr, 1); in pkcs11_check_obj_bool_attrib()
[all …]
|
| /freebsd/crypto/heimdal/lib/hx509/ref/ |
| H A D | pkcs11.h | 716 typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session,
752 (ck_session_handle_t session, unsigned char *pin,
755 (ck_session_handle_t session, unsigned char *old_pin,
762 ck_session_handle_t *session));
763 _CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session));
766 (ck_session_handle_t session,
769 (ck_session_handle_t session,
773 (ck_session_handle_t session,
779 (ck_session_handle_t session, ck_user_type_t user_type,
781 _CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session));
[all …]
|
| /freebsd/crypto/heimdal/lib/hx509/ |
| H A D | test_soft_pkcs11.c | 42 find_object(CK_SESSION_HANDLE session, in find_object() argument
57 ret = (*func->C_FindObjectsInit)(session, search_data, num_search_data); in find_object()
61 ret = (*func->C_FindObjects)(session, object, 1, &object_count); in find_object()
69 ret = (*func->C_FindObjectsFinal)(session); in find_object()
89 CK_SESSION_HANDLE session; in main() local
123 NULL, NULL, &session); in main()
132 ret = (*func->C_Login)(session, CKU_USER, in main()
145 ret = find_object(session, "cert", CKO_PUBLIC_KEY, &public); in main()
148 ret = find_object(session, "cert", CKO_PRIVATE_KEY, &private); in main()
159 ret = (*func->C_SignInit)(session, &mechanism, private); in main()
[all …]
|
| H A D | ks_p11.c | 50 CK_SESSION_HANDLE session; member
131 CK_SESSION_HANDLE session; in p11_rsa_private_encrypt() local
144 ret = p11_get_session(NULL, p11rsa->p, p11rsa->slot, NULL, &session); in p11_rsa_private_encrypt()
148 ret = P11FUNC(p11rsa->p, SignInit, (session, &mechanism, key)); in p11_rsa_private_encrypt()
150 p11_put_session(p11rsa->p, p11rsa->slot, session); in p11_rsa_private_encrypt()
155 (session, (CK_BYTE *)(intptr_t)from, flen, to, &ck_sigsize)); in p11_rsa_private_encrypt()
156 p11_put_session(p11rsa->p, p11rsa->slot, session); in p11_rsa_private_encrypt()
169 CK_SESSION_HANDLE session; in p11_rsa_private_decrypt() local
182 ret = p11_get_session(NULL, p11rsa->p, p11rsa->slot, NULL, &session); in p11_rsa_private_decrypt()
186 ret = P11FUNC(p11rsa->p, DecryptInit, (session, &mechanism, key)); in p11_rsa_private_decrypt()
[all …]
|
| /freebsd/sys/opencrypto/ |
| H A D | cryptodev_if.m | 42 * @brief Probe to see if a crypto driver supports a session.
45 * creating a session for symmetric crypto operations to determine if
47 * session.
49 * If the driver does not support a session with the requested
52 * If the driver does support a session with the requested parameters,
63 * @param csp crypto session parameters
65 * @retval negative if the driver supports this session - the
67 * driver for the session
68 * @retval EINVAL if the driver does not support the session
77 * @brief Initialize a new crypto session object
[all …]
|
| /freebsd/sys/contrib/openzfs/module/os/freebsd/zfs/ |
| H A D | crypto_os.c | 165 zfs_crypto_dispatch(freebsd_crypt_session_t *session, struct cryptop *crp) in zfs_crypto_dispatch() argument
169 crp->crp_opaque = session; in zfs_crypto_dispatch()
182 mtx_lock(&session->fs_lock); in zfs_crypto_dispatch()
183 while (session->fs_done == false) { in zfs_crypto_dispatch()
184 msleep(crp, &session->fs_lock, 0, in zfs_crypto_dispatch()
187 mtx_unlock(&session->fs_lock); in zfs_crypto_dispatch()
199 session->fs_done = false; in zfs_crypto_dispatch()
336 freebsd_crypt_session_t *session = NULL; in freebsd_crypt_uio() local
346 session = kmem_zalloc(sizeof (*session), KM_SLEEP); in freebsd_crypt_uio()
347 error = freebsd_crypt_newsession(session, c_info, key); in freebsd_crypt_uio()
[all …]
|
| /freebsd/contrib/wpa/src/crypto/ |
| H A D | tls_gnutls.c | 46 gnutls_session_t session; member
68 static int tls_connection_verify_peer(gnutls_session_t session);
204 ret = gnutls_init(&conn->session, in tls_gnutls_init_session()
212 ret = gnutls_set_default_priority(conn->session); in tls_gnutls_init_session()
216 ret = gnutls_priority_set_direct(conn->session, "NORMAL:-VERS-SSL3.0", in tls_gnutls_init_session()
224 gnutls_transport_set_pull_function(conn->session, tls_pull_func); in tls_gnutls_init_session()
225 gnutls_transport_set_push_function(conn->session, tls_push_func); in tls_gnutls_init_session()
226 gnutls_transport_set_ptr(conn->session, (gnutls_transport_ptr_t) conn); in tls_gnutls_init_session()
227 gnutls_session_set_ptr(conn->session, conn); in tls_gnutls_init_session()
234 gnutls_deinit(conn->session); in tls_gnutls_init_session()
[all …]
|
| /freebsd/crypto/openssl/doc/man1/ |
| H A D | openssl-sess_id.pod.in | 6 openssl-sess_id - SSL/TLS session handling command
23 This command processes the encoded version of the SSL session
24 structure and optionally prints out SSL session details (for example
25 the SSL session master key) in human readable format. Since this is a
45 For B<NSS> output, the session ID and master key are reported in NSS "keylog"
50 This specifies the input filename to read session information from or standard
55 This specifies the output filename to write session information to or standard
65 If a certificate is present in the session it will be output using this option,
70 This option prevents output of the encoded version of the session.
74 This option can set the session id so the output session information uses the
[all …]
|