1e71b7053SJung-uk Kim /*
244096ebdSEnji Cooper * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
31f13597dSJung-uk Kim * Copyright 2005 Nokia. All rights reserved.
41f13597dSJung-uk Kim *
5b077aed3SPierre Pronchery * Licensed under the Apache License 2.0 (the "License"). You may not use
6e71b7053SJung-uk Kim * this file except in compliance with the License. You can obtain a copy
7e71b7053SJung-uk Kim * in the file LICENSE in the source distribution or at
8e71b7053SJung-uk Kim * https://www.openssl.org/source/license.html
91f13597dSJung-uk Kim */
1074664626SKris Kennaway
11b077aed3SPierre Pronchery #if defined(__TANDEM) && defined(_SPT_MODEL_)
12b077aed3SPierre Pronchery # include <spthread.h>
13b077aed3SPierre Pronchery # include <spt_extensions.h> /* timeval */
14b077aed3SPierre Pronchery #endif
1574664626SKris Kennaway #include <stdio.h>
1674664626SKris Kennaway #include <openssl/rand.h>
17db522d3aSSimon L. B. Nielsen #include <openssl/engine.h>
18e71b7053SJung-uk Kim #include "internal/refcount.h"
19e71b7053SJung-uk Kim #include "internal/cryptlib.h"
2017f01e99SJung-uk Kim #include "ssl_local.h"
2117f01e99SJung-uk Kim #include "statem/statem_local.h"
2274664626SKris Kennaway
2374664626SKris Kennaway static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
2474664626SKris Kennaway static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
2574664626SKris Kennaway static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
2674664626SKris Kennaway
DEFINE_STACK_OF(SSL_SESSION)27b077aed3SPierre Pronchery DEFINE_STACK_OF(SSL_SESSION)
28b077aed3SPierre Pronchery
29b077aed3SPierre Pronchery __owur static int sess_timedout(time_t t, SSL_SESSION *ss)
30b077aed3SPierre Pronchery {
31b077aed3SPierre Pronchery /* if timeout overflowed, it can never timeout! */
32b077aed3SPierre Pronchery if (ss->timeout_ovf)
33b077aed3SPierre Pronchery return 0;
34b077aed3SPierre Pronchery return t > ss->calc_timeout;
35b077aed3SPierre Pronchery }
36b077aed3SPierre Pronchery
37b077aed3SPierre Pronchery /*
38b077aed3SPierre Pronchery * Returns -1/0/+1 as other XXXcmp-type functions
39b077aed3SPierre Pronchery * Takes overflow of calculated timeout into consideration
40b077aed3SPierre Pronchery */
timeoutcmp(SSL_SESSION * a,SSL_SESSION * b)41b077aed3SPierre Pronchery __owur static int timeoutcmp(SSL_SESSION *a, SSL_SESSION *b)
42b077aed3SPierre Pronchery {
43b077aed3SPierre Pronchery /* if only one overflowed, then it is greater */
44b077aed3SPierre Pronchery if (a->timeout_ovf && !b->timeout_ovf)
45b077aed3SPierre Pronchery return 1;
46b077aed3SPierre Pronchery if (!a->timeout_ovf && b->timeout_ovf)
47b077aed3SPierre Pronchery return -1;
48b077aed3SPierre Pronchery /* No overflow, or both overflowed, so straight compare is safe */
49b077aed3SPierre Pronchery if (a->calc_timeout < b->calc_timeout)
50b077aed3SPierre Pronchery return -1;
51b077aed3SPierre Pronchery if (a->calc_timeout > b->calc_timeout)
52b077aed3SPierre Pronchery return 1;
53b077aed3SPierre Pronchery return 0;
54b077aed3SPierre Pronchery }
55b077aed3SPierre Pronchery
56*a7148ab3SEnji Cooper #ifdef __DJGPP__ /* time_t is unsigned on djgpp, it's signed anywhere else */
57*a7148ab3SEnji Cooper # define TMAX(_type_) ((time_t)-1)
58*a7148ab3SEnji Cooper #else
59*a7148ab3SEnji Cooper # define TMAX(_type_) ((time_t)(((_type_)-1) >> 1))
60*a7148ab3SEnji Cooper #endif
61*a7148ab3SEnji Cooper
62*a7148ab3SEnji Cooper #define CALCULATE_TIMEOUT(_ss_, _type_) do { \
63*a7148ab3SEnji Cooper _type_ overflow; \
64*a7148ab3SEnji Cooper time_t tmax = TMAX(_type_); \
65*a7148ab3SEnji Cooper overflow = (_type_)tmax - (_type_)(_ss_)->time; \
66*a7148ab3SEnji Cooper if ((_ss_)->timeout > (time_t)overflow) { \
67*a7148ab3SEnji Cooper (_ss_)->timeout_ovf = 1; \
68*a7148ab3SEnji Cooper (_ss_)->calc_timeout = (_ss_)->timeout - (time_t)overflow; \
69*a7148ab3SEnji Cooper } else { \
70*a7148ab3SEnji Cooper (_ss_)->timeout_ovf = 0; \
71*a7148ab3SEnji Cooper (_ss_)->calc_timeout = (_ss_)->time + (_ss_)->timeout; \
72*a7148ab3SEnji Cooper } \
73*a7148ab3SEnji Cooper } while (0)
74b077aed3SPierre Pronchery /*
75b077aed3SPierre Pronchery * Calculates effective timeout, saving overflow state
76b077aed3SPierre Pronchery * Locking must be done by the caller of this function
77b077aed3SPierre Pronchery */
ssl_session_calculate_timeout(SSL_SESSION * ss)78b077aed3SPierre Pronchery void ssl_session_calculate_timeout(SSL_SESSION *ss)
79b077aed3SPierre Pronchery {
80*a7148ab3SEnji Cooper
81*a7148ab3SEnji Cooper if (sizeof(time_t) == 8)
82*a7148ab3SEnji Cooper CALCULATE_TIMEOUT(ss, uint64_t);
83*a7148ab3SEnji Cooper else
84*a7148ab3SEnji Cooper CALCULATE_TIMEOUT(ss, uint32_t);
85*a7148ab3SEnji Cooper
86b077aed3SPierre Pronchery /*
87b077aed3SPierre Pronchery * N.B. Realistic overflow can only occur in our lifetimes on a
88b077aed3SPierre Pronchery * 32-bit machine in January 2038.
89b077aed3SPierre Pronchery * However, There are no controls to limit the |timeout|
90b077aed3SPierre Pronchery * value, except to keep it positive.
91b077aed3SPierre Pronchery */
92b077aed3SPierre Pronchery }
93b077aed3SPierre Pronchery
94e71b7053SJung-uk Kim /*
95e71b7053SJung-uk Kim * SSL_get_session() and SSL_get1_session() are problematic in TLS1.3 because,
96e71b7053SJung-uk Kim * unlike in earlier protocol versions, the session ticket may not have been
97e71b7053SJung-uk Kim * sent yet even though a handshake has finished. The session ticket data could
98e71b7053SJung-uk Kim * come in sometime later...or even change if multiple session ticket messages
99e71b7053SJung-uk Kim * are sent from the server. The preferred way for applications to obtain
100e71b7053SJung-uk Kim * a resumable session is to use SSL_CTX_sess_set_new_cb().
101e71b7053SJung-uk Kim */
102e71b7053SJung-uk Kim
SSL_get_session(const SSL * ssl)1033b4e3dcbSSimon L. B. Nielsen SSL_SESSION *SSL_get_session(const SSL *ssl)
104f579bf8eSKris Kennaway /* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
10574664626SKris Kennaway {
106e71b7053SJung-uk Kim return ssl->session;
10774664626SKris Kennaway }
10874664626SKris Kennaway
SSL_get1_session(SSL * ssl)109f579bf8eSKris Kennaway SSL_SESSION *SSL_get1_session(SSL *ssl)
110f579bf8eSKris Kennaway /* variant of SSL_get_session: caller really gets something */
111f579bf8eSKris Kennaway {
112f579bf8eSKris Kennaway SSL_SESSION *sess;
1136f9291ceSJung-uk Kim /*
1146f9291ceSJung-uk Kim * Need to lock this all up rather than just use CRYPTO_add so that
1156f9291ceSJung-uk Kim * somebody doesn't free ssl->session between when we check it's non-null
1166f9291ceSJung-uk Kim * and when we up the reference count.
1176f9291ceSJung-uk Kim */
118b077aed3SPierre Pronchery if (!CRYPTO_THREAD_read_lock(ssl->lock))
119b077aed3SPierre Pronchery return NULL;
120f579bf8eSKris Kennaway sess = ssl->session;
121f579bf8eSKris Kennaway if (sess)
122e71b7053SJung-uk Kim SSL_SESSION_up_ref(sess);
123e71b7053SJung-uk Kim CRYPTO_THREAD_unlock(ssl->lock);
124e71b7053SJung-uk Kim return sess;
12574664626SKris Kennaway }
12674664626SKris Kennaway
SSL_SESSION_set_ex_data(SSL_SESSION * s,int idx,void * arg)12774664626SKris Kennaway int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
12874664626SKris Kennaway {
129e71b7053SJung-uk Kim return CRYPTO_set_ex_data(&s->ex_data, idx, arg);
13074664626SKris Kennaway }
13174664626SKris Kennaway
SSL_SESSION_get_ex_data(const SSL_SESSION * s,int idx)1323b4e3dcbSSimon L. B. Nielsen void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
13374664626SKris Kennaway {
134e71b7053SJung-uk Kim return CRYPTO_get_ex_data(&s->ex_data, idx);
13574664626SKris Kennaway }
13674664626SKris Kennaway
SSL_SESSION_new(void)13774664626SKris Kennaway SSL_SESSION *SSL_SESSION_new(void)
13874664626SKris Kennaway {
13974664626SKris Kennaway SSL_SESSION *ss;
14074664626SKris Kennaway
141e71b7053SJung-uk Kim if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL))
142e71b7053SJung-uk Kim return NULL;
143e71b7053SJung-uk Kim
144e71b7053SJung-uk Kim ss = OPENSSL_zalloc(sizeof(*ss));
1456f9291ceSJung-uk Kim if (ss == NULL) {
146b077aed3SPierre Pronchery ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
147e71b7053SJung-uk Kim return NULL;
14874664626SKris Kennaway }
14974664626SKris Kennaway
150*a7148ab3SEnji Cooper ss->ext.max_fragment_len_mode = TLSEXT_max_fragment_length_UNSPECIFIED;
151f579bf8eSKris Kennaway ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
15274664626SKris Kennaway ss->references = 1;
15374664626SKris Kennaway ss->timeout = 60 * 5 + 4; /* 5 minute timeout by default */
154b077aed3SPierre Pronchery ss->time = time(NULL);
155b077aed3SPierre Pronchery ssl_session_calculate_timeout(ss);
156e71b7053SJung-uk Kim ss->lock = CRYPTO_THREAD_lock_new();
157e71b7053SJung-uk Kim if (ss->lock == NULL) {
158b077aed3SPierre Pronchery ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
159e71b7053SJung-uk Kim OPENSSL_free(ss);
160e71b7053SJung-uk Kim return NULL;
161e71b7053SJung-uk Kim }
162e71b7053SJung-uk Kim
163e71b7053SJung-uk Kim if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) {
164e71b7053SJung-uk Kim CRYPTO_THREAD_lock_free(ss->lock);
165e71b7053SJung-uk Kim OPENSSL_free(ss);
166e71b7053SJung-uk Kim return NULL;
167e71b7053SJung-uk Kim }
168e71b7053SJung-uk Kim return ss;
169e71b7053SJung-uk Kim }
170e71b7053SJung-uk Kim
171ed6b93beSJung-uk Kim /*
172ed6b93beSJung-uk Kim * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
173ed6b93beSJung-uk Kim * ticket == 0 then no ticket information is duplicated, otherwise it is.
174ed6b93beSJung-uk Kim */
ssl_session_dup_intern(const SSL_SESSION * src,int ticket)17544096ebdSEnji Cooper static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int ticket)
176ed6b93beSJung-uk Kim {
177ed6b93beSJung-uk Kim SSL_SESSION *dest;
178ed6b93beSJung-uk Kim
179c3c73b4fSJung-uk Kim dest = OPENSSL_malloc(sizeof(*dest));
180ed6b93beSJung-uk Kim if (dest == NULL) {
181ed6b93beSJung-uk Kim goto err;
182ed6b93beSJung-uk Kim }
183ed6b93beSJung-uk Kim memcpy(dest, src, sizeof(*dest));
184ed6b93beSJung-uk Kim
185ed6b93beSJung-uk Kim /*
186ed6b93beSJung-uk Kim * Set the various pointers to NULL so that we can call SSL_SESSION_free in
187ed6b93beSJung-uk Kim * the case of an error whilst halfway through constructing dest
188ed6b93beSJung-uk Kim */
189ed6b93beSJung-uk Kim #ifndef OPENSSL_NO_PSK
190ed6b93beSJung-uk Kim dest->psk_identity_hint = NULL;
191ed6b93beSJung-uk Kim dest->psk_identity = NULL;
192ed6b93beSJung-uk Kim #endif
193e71b7053SJung-uk Kim dest->ext.hostname = NULL;
194e71b7053SJung-uk Kim dest->ext.tick = NULL;
195e71b7053SJung-uk Kim dest->ext.alpn_selected = NULL;
196ed6b93beSJung-uk Kim #ifndef OPENSSL_NO_SRP
197ed6b93beSJung-uk Kim dest->srp_username = NULL;
198ed6b93beSJung-uk Kim #endif
199e71b7053SJung-uk Kim dest->peer_chain = NULL;
200e71b7053SJung-uk Kim dest->peer = NULL;
201e71b7053SJung-uk Kim dest->ticket_appdata = NULL;
202e71b7053SJung-uk Kim memset(&dest->ex_data, 0, sizeof(dest->ex_data));
203ed6b93beSJung-uk Kim
204b077aed3SPierre Pronchery /* As the copy is not in the cache, we remove the associated pointers */
205ed6b93beSJung-uk Kim dest->prev = NULL;
206ed6b93beSJung-uk Kim dest->next = NULL;
207b077aed3SPierre Pronchery dest->owner = NULL;
208ed6b93beSJung-uk Kim
209ed6b93beSJung-uk Kim dest->references = 1;
210ed6b93beSJung-uk Kim
211e71b7053SJung-uk Kim dest->lock = CRYPTO_THREAD_lock_new();
2126f1af0d7SPierre Pronchery if (dest->lock == NULL) {
2136f1af0d7SPierre Pronchery OPENSSL_free(dest);
2146f1af0d7SPierre Pronchery dest = NULL;
215e71b7053SJung-uk Kim goto err;
2166f1af0d7SPierre Pronchery }
217ed6b93beSJung-uk Kim
21847902a71SJung-uk Kim if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))
21947902a71SJung-uk Kim goto err;
22047902a71SJung-uk Kim
221e71b7053SJung-uk Kim if (src->peer != NULL) {
222e71b7053SJung-uk Kim if (!X509_up_ref(src->peer))
223e71b7053SJung-uk Kim goto err;
224e71b7053SJung-uk Kim dest->peer = src->peer;
225e71b7053SJung-uk Kim }
226e71b7053SJung-uk Kim
227e71b7053SJung-uk Kim if (src->peer_chain != NULL) {
228e71b7053SJung-uk Kim dest->peer_chain = X509_chain_up_ref(src->peer_chain);
229e71b7053SJung-uk Kim if (dest->peer_chain == NULL)
230e71b7053SJung-uk Kim goto err;
231e71b7053SJung-uk Kim }
232ed6b93beSJung-uk Kim #ifndef OPENSSL_NO_PSK
233ed6b93beSJung-uk Kim if (src->psk_identity_hint) {
234e71b7053SJung-uk Kim dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint);
235ed6b93beSJung-uk Kim if (dest->psk_identity_hint == NULL) {
236ed6b93beSJung-uk Kim goto err;
237ed6b93beSJung-uk Kim }
238ed6b93beSJung-uk Kim }
239ed6b93beSJung-uk Kim if (src->psk_identity) {
240e71b7053SJung-uk Kim dest->psk_identity = OPENSSL_strdup(src->psk_identity);
241ed6b93beSJung-uk Kim if (dest->psk_identity == NULL) {
242ed6b93beSJung-uk Kim goto err;
243ed6b93beSJung-uk Kim }
244ed6b93beSJung-uk Kim }
245ed6b93beSJung-uk Kim #endif
246ed6b93beSJung-uk Kim
247ed6b93beSJung-uk Kim if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
248ed6b93beSJung-uk Kim &dest->ex_data, &src->ex_data)) {
249ed6b93beSJung-uk Kim goto err;
250ed6b93beSJung-uk Kim }
251ed6b93beSJung-uk Kim
252e71b7053SJung-uk Kim if (src->ext.hostname) {
253e71b7053SJung-uk Kim dest->ext.hostname = OPENSSL_strdup(src->ext.hostname);
254e71b7053SJung-uk Kim if (dest->ext.hostname == NULL) {
255ed6b93beSJung-uk Kim goto err;
256ed6b93beSJung-uk Kim }
257ed6b93beSJung-uk Kim }
258ed6b93beSJung-uk Kim
259e71b7053SJung-uk Kim if (ticket != 0 && src->ext.tick != NULL) {
260e71b7053SJung-uk Kim dest->ext.tick =
261e71b7053SJung-uk Kim OPENSSL_memdup(src->ext.tick, src->ext.ticklen);
262e71b7053SJung-uk Kim if (dest->ext.tick == NULL)
263ed6b93beSJung-uk Kim goto err;
264ed6b93beSJung-uk Kim } else {
265e71b7053SJung-uk Kim dest->ext.tick_lifetime_hint = 0;
266e71b7053SJung-uk Kim dest->ext.ticklen = 0;
267ed6b93beSJung-uk Kim }
268e71b7053SJung-uk Kim
269e71b7053SJung-uk Kim if (src->ext.alpn_selected != NULL) {
270e71b7053SJung-uk Kim dest->ext.alpn_selected = OPENSSL_memdup(src->ext.alpn_selected,
271e71b7053SJung-uk Kim src->ext.alpn_selected_len);
272e71b7053SJung-uk Kim if (dest->ext.alpn_selected == NULL)
273e71b7053SJung-uk Kim goto err;
274e71b7053SJung-uk Kim }
275ed6b93beSJung-uk Kim
276ed6b93beSJung-uk Kim #ifndef OPENSSL_NO_SRP
277ed6b93beSJung-uk Kim if (src->srp_username) {
278e71b7053SJung-uk Kim dest->srp_username = OPENSSL_strdup(src->srp_username);
279ed6b93beSJung-uk Kim if (dest->srp_username == NULL) {
280ed6b93beSJung-uk Kim goto err;
281ed6b93beSJung-uk Kim }
282ed6b93beSJung-uk Kim }
283ed6b93beSJung-uk Kim #endif
284ed6b93beSJung-uk Kim
285e71b7053SJung-uk Kim if (src->ticket_appdata != NULL) {
286e71b7053SJung-uk Kim dest->ticket_appdata =
287e71b7053SJung-uk Kim OPENSSL_memdup(src->ticket_appdata, src->ticket_appdata_len);
288e71b7053SJung-uk Kim if (dest->ticket_appdata == NULL)
289e71b7053SJung-uk Kim goto err;
290e71b7053SJung-uk Kim }
291e71b7053SJung-uk Kim
292ed6b93beSJung-uk Kim return dest;
293ed6b93beSJung-uk Kim err:
294b077aed3SPierre Pronchery ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
295ed6b93beSJung-uk Kim SSL_SESSION_free(dest);
296ed6b93beSJung-uk Kim return NULL;
297ed6b93beSJung-uk Kim }
298ed6b93beSJung-uk Kim
SSL_SESSION_dup(const SSL_SESSION * src)29944096ebdSEnji Cooper SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
30044096ebdSEnji Cooper {
30144096ebdSEnji Cooper return ssl_session_dup_intern(src, 1);
30244096ebdSEnji Cooper }
30344096ebdSEnji Cooper
30444096ebdSEnji Cooper /*
30544096ebdSEnji Cooper * Used internally when duplicating a session which might be already shared.
30644096ebdSEnji Cooper * We will have resumed the original session. Subsequently we might have marked
30744096ebdSEnji Cooper * it as non-resumable (e.g. in another thread) - but this copy should be ok to
30844096ebdSEnji Cooper * resume from.
30944096ebdSEnji Cooper */
ssl_session_dup(const SSL_SESSION * src,int ticket)31044096ebdSEnji Cooper SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
31144096ebdSEnji Cooper {
31244096ebdSEnji Cooper SSL_SESSION *sess = ssl_session_dup_intern(src, ticket);
31344096ebdSEnji Cooper
31444096ebdSEnji Cooper if (sess != NULL)
31544096ebdSEnji Cooper sess->not_resumable = 0;
31644096ebdSEnji Cooper
31744096ebdSEnji Cooper return sess;
31844096ebdSEnji Cooper }
31944096ebdSEnji Cooper
SSL_SESSION_get_id(const SSL_SESSION * s,unsigned int * len)320e71b7053SJung-uk Kim const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
3213b4e3dcbSSimon L. B. Nielsen {
3223b4e3dcbSSimon L. B. Nielsen if (len)
323e71b7053SJung-uk Kim *len = (unsigned int)s->session_id_length;
3243b4e3dcbSSimon L. B. Nielsen return s->session_id;
3253b4e3dcbSSimon L. B. Nielsen }
SSL_SESSION_get0_id_context(const SSL_SESSION * s,unsigned int * len)326e71b7053SJung-uk Kim const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
327e71b7053SJung-uk Kim unsigned int *len)
328e71b7053SJung-uk Kim {
329e71b7053SJung-uk Kim if (len != NULL)
330e71b7053SJung-uk Kim *len = (unsigned int)s->sid_ctx_length;
331e71b7053SJung-uk Kim return s->sid_ctx;
332e71b7053SJung-uk Kim }
3333b4e3dcbSSimon L. B. Nielsen
SSL_SESSION_get_compress_id(const SSL_SESSION * s)3341f13597dSJung-uk Kim unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
3351f13597dSJung-uk Kim {
3361f13597dSJung-uk Kim return s->compress_meth;
3371f13597dSJung-uk Kim }
3381f13597dSJung-uk Kim
3396f9291ceSJung-uk Kim /*
340e71b7053SJung-uk Kim * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
341e71b7053SJung-uk Kim * the ID with random junk repeatedly until we have no conflict is going to
342e71b7053SJung-uk Kim * complete in one iteration pretty much "most" of the time (btw:
343e71b7053SJung-uk Kim * understatement). So, if it takes us 10 iterations and we still can't avoid
344e71b7053SJung-uk Kim * a conflict - well that's a reasonable point to call it quits. Either the
345e71b7053SJung-uk Kim * RAND code is broken or someone is trying to open roughly very close to
346e71b7053SJung-uk Kim * 2^256 SSL sessions to our server. How you might store that many sessions
347e71b7053SJung-uk Kim * is perhaps a more interesting question ...
3486f9291ceSJung-uk Kim */
3495c87c606SMark Murray
3505c87c606SMark Murray #define MAX_SESS_ID_ATTEMPTS 10
def_generate_session_id(SSL * ssl,unsigned char * id,unsigned int * id_len)351e71b7053SJung-uk Kim static int def_generate_session_id(SSL *ssl, unsigned char *id,
3525c87c606SMark Murray unsigned int *id_len)
3535c87c606SMark Murray {
3545c87c606SMark Murray unsigned int retry = 0;
3555c87c606SMark Murray do
356b077aed3SPierre Pronchery if (RAND_bytes_ex(ssl->ctx->libctx, id, *id_len, 0) <= 0)
3576be8ae07SJacques Vidrine return 0;
3585c87c606SMark Murray while (SSL_has_matching_session_id(ssl, id, *id_len) &&
3595c87c606SMark Murray (++retry < MAX_SESS_ID_ATTEMPTS)) ;
3605c87c606SMark Murray if (retry < MAX_SESS_ID_ATTEMPTS)
3615c87c606SMark Murray return 1;
3625c87c606SMark Murray /* else - woops a session_id match */
3636f9291ceSJung-uk Kim /*
3646f9291ceSJung-uk Kim * XXX We should also check the external cache -- but the probability of
3656f9291ceSJung-uk Kim * a collision is negligible, and we could not prevent the concurrent
3666f9291ceSJung-uk Kim * creation of sessions with identical IDs since we currently don't have
3676f9291ceSJung-uk Kim * means to atomically check whether a session ID already exists and make
3686f9291ceSJung-uk Kim * a reservation for it if it does not (this problem applies to the
3696f9291ceSJung-uk Kim * internal cache as well).
3705c87c606SMark Murray */
3715c87c606SMark Murray return 0;
3725c87c606SMark Murray }
3735c87c606SMark Murray
ssl_generate_session_id(SSL * s,SSL_SESSION * ss)374e71b7053SJung-uk Kim int ssl_generate_session_id(SSL *s, SSL_SESSION *ss)
375e71b7053SJung-uk Kim {
376e71b7053SJung-uk Kim unsigned int tmp;
377e71b7053SJung-uk Kim GEN_SESSION_CB cb = def_generate_session_id;
378e71b7053SJung-uk Kim
379e71b7053SJung-uk Kim switch (s->version) {
380e71b7053SJung-uk Kim case SSL3_VERSION:
381e71b7053SJung-uk Kim case TLS1_VERSION:
382e71b7053SJung-uk Kim case TLS1_1_VERSION:
383e71b7053SJung-uk Kim case TLS1_2_VERSION:
384e71b7053SJung-uk Kim case TLS1_3_VERSION:
385e71b7053SJung-uk Kim case DTLS1_BAD_VER:
386e71b7053SJung-uk Kim case DTLS1_VERSION:
387e71b7053SJung-uk Kim case DTLS1_2_VERSION:
388e71b7053SJung-uk Kim ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
389e71b7053SJung-uk Kim break;
390e71b7053SJung-uk Kim default:
391b077aed3SPierre Pronchery SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_UNSUPPORTED_SSL_VERSION);
392e71b7053SJung-uk Kim return 0;
393e71b7053SJung-uk Kim }
394e71b7053SJung-uk Kim
395e71b7053SJung-uk Kim /*-
396e71b7053SJung-uk Kim * If RFC5077 ticket, use empty session ID (as server).
397e71b7053SJung-uk Kim * Note that:
398e71b7053SJung-uk Kim * (a) ssl_get_prev_session() does lookahead into the
399e71b7053SJung-uk Kim * ClientHello extensions to find the session ticket.
400e71b7053SJung-uk Kim * When ssl_get_prev_session() fails, statem_srvr.c calls
401e71b7053SJung-uk Kim * ssl_get_new_session() in tls_process_client_hello().
402e71b7053SJung-uk Kim * At that point, it has not yet parsed the extensions,
403e71b7053SJung-uk Kim * however, because of the lookahead, it already knows
404e71b7053SJung-uk Kim * whether a ticket is expected or not.
405e71b7053SJung-uk Kim *
406e71b7053SJung-uk Kim * (b) statem_clnt.c calls ssl_get_new_session() before parsing
407e71b7053SJung-uk Kim * ServerHello extensions, and before recording the session
408e71b7053SJung-uk Kim * ID received from the server, so this block is a noop.
409e71b7053SJung-uk Kim */
410e71b7053SJung-uk Kim if (s->ext.ticket_expected) {
411e71b7053SJung-uk Kim ss->session_id_length = 0;
412e71b7053SJung-uk Kim return 1;
413e71b7053SJung-uk Kim }
414e71b7053SJung-uk Kim
415e71b7053SJung-uk Kim /* Choose which callback will set the session ID */
416b077aed3SPierre Pronchery if (!CRYPTO_THREAD_read_lock(s->lock))
417b077aed3SPierre Pronchery return 0;
418b077aed3SPierre Pronchery if (!CRYPTO_THREAD_read_lock(s->session_ctx->lock)) {
419b077aed3SPierre Pronchery CRYPTO_THREAD_unlock(s->lock);
420b077aed3SPierre Pronchery SSLfatal(s, SSL_AD_INTERNAL_ERROR,
421b077aed3SPierre Pronchery SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
422b077aed3SPierre Pronchery return 0;
423b077aed3SPierre Pronchery }
424e71b7053SJung-uk Kim if (s->generate_session_id)
425e71b7053SJung-uk Kim cb = s->generate_session_id;
426e71b7053SJung-uk Kim else if (s->session_ctx->generate_session_id)
427e71b7053SJung-uk Kim cb = s->session_ctx->generate_session_id;
428e71b7053SJung-uk Kim CRYPTO_THREAD_unlock(s->session_ctx->lock);
429e71b7053SJung-uk Kim CRYPTO_THREAD_unlock(s->lock);
430e71b7053SJung-uk Kim /* Choose a session ID */
431e71b7053SJung-uk Kim memset(ss->session_id, 0, ss->session_id_length);
432e71b7053SJung-uk Kim tmp = (int)ss->session_id_length;
433e71b7053SJung-uk Kim if (!cb(s, ss->session_id, &tmp)) {
434e71b7053SJung-uk Kim /* The callback failed */
435b077aed3SPierre Pronchery SSLfatal(s, SSL_AD_INTERNAL_ERROR,
436e71b7053SJung-uk Kim SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
437e71b7053SJung-uk Kim return 0;
438e71b7053SJung-uk Kim }
439e71b7053SJung-uk Kim /*
440e71b7053SJung-uk Kim * Don't allow the callback to set the session length to zero. nor
441e71b7053SJung-uk Kim * set it higher than it was.
442e71b7053SJung-uk Kim */
443e71b7053SJung-uk Kim if (tmp == 0 || tmp > ss->session_id_length) {
444e71b7053SJung-uk Kim /* The callback set an illegal length */
445b077aed3SPierre Pronchery SSLfatal(s, SSL_AD_INTERNAL_ERROR,
446e71b7053SJung-uk Kim SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
447e71b7053SJung-uk Kim return 0;
448e71b7053SJung-uk Kim }
449e71b7053SJung-uk Kim ss->session_id_length = tmp;
450e71b7053SJung-uk Kim /* Finally, check for a conflict */
451e71b7053SJung-uk Kim if (SSL_has_matching_session_id(s, ss->session_id,
452e71b7053SJung-uk Kim (unsigned int)ss->session_id_length)) {
453b077aed3SPierre Pronchery SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_SSL_SESSION_ID_CONFLICT);
454e71b7053SJung-uk Kim return 0;
455e71b7053SJung-uk Kim }
456e71b7053SJung-uk Kim
457e71b7053SJung-uk Kim return 1;
458e71b7053SJung-uk Kim }
459e71b7053SJung-uk Kim
ssl_get_new_session(SSL * s,int session)46074664626SKris Kennaway int ssl_get_new_session(SSL *s, int session)
46174664626SKris Kennaway {
46274664626SKris Kennaway /* This gets used by clients and servers. */
46374664626SKris Kennaway
46474664626SKris Kennaway SSL_SESSION *ss = NULL;
46574664626SKris Kennaway
466e71b7053SJung-uk Kim if ((ss = SSL_SESSION_new()) == NULL) {
467b077aed3SPierre Pronchery SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
468e71b7053SJung-uk Kim return 0;
469e71b7053SJung-uk Kim }
47074664626SKris Kennaway
47174664626SKris Kennaway /* If the context has a default timeout, use it */
4721f13597dSJung-uk Kim if (s->session_ctx->session_timeout == 0)
47374664626SKris Kennaway ss->timeout = SSL_get_default_timeout(s);
47474664626SKris Kennaway else
4751f13597dSJung-uk Kim ss->timeout = s->session_ctx->session_timeout;
476b077aed3SPierre Pronchery ssl_session_calculate_timeout(ss);
47774664626SKris Kennaway
47874664626SKris Kennaway SSL_SESSION_free(s->session);
47974664626SKris Kennaway s->session = NULL;
48074664626SKris Kennaway
4816f9291ceSJung-uk Kim if (session) {
482e71b7053SJung-uk Kim if (SSL_IS_TLS13(s)) {
4836f9291ceSJung-uk Kim /*
484e71b7053SJung-uk Kim * We generate the session id while constructing the
485e71b7053SJung-uk Kim * NewSessionTicket in TLSv1.3.
4866f9291ceSJung-uk Kim */
487e71b7053SJung-uk Kim ss->session_id_length = 0;
488e71b7053SJung-uk Kim } else if (!ssl_generate_session_id(s, ss)) {
489e71b7053SJung-uk Kim /* SSLfatal() already called */
490db522d3aSSimon L. B. Nielsen SSL_SESSION_free(ss);
491db522d3aSSimon L. B. Nielsen return 0;
492db522d3aSSimon L. B. Nielsen }
493e71b7053SJung-uk Kim
4946f9291ceSJung-uk Kim } else {
49574664626SKris Kennaway ss->session_id_length = 0;
49674664626SKris Kennaway }
49774664626SKris Kennaway
498dee36b4fSJung-uk Kim if (s->sid_ctx_length > sizeof(ss->sid_ctx)) {
499b077aed3SPierre Pronchery SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
50048454956SJacques Vidrine SSL_SESSION_free(ss);
50148454956SJacques Vidrine return 0;
50248454956SJacques Vidrine }
50374664626SKris Kennaway memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
50474664626SKris Kennaway ss->sid_ctx_length = s->sid_ctx_length;
50574664626SKris Kennaway s->session = ss;
50674664626SKris Kennaway ss->ssl_version = s->version;
507f579bf8eSKris Kennaway ss->verify_result = X509_V_OK;
50874664626SKris Kennaway
509e71b7053SJung-uk Kim /* If client supports extended master secret set it in session */
510b077aed3SPierre Pronchery if (s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS)
511e71b7053SJung-uk Kim ss->flags |= SSL_SESS_FLAG_EXTMS;
512e71b7053SJung-uk Kim
513e71b7053SJung-uk Kim return 1;
51474664626SKris Kennaway }
51574664626SKris Kennaway
lookup_sess_in_cache(SSL * s,const unsigned char * sess_id,size_t sess_id_len)516e71b7053SJung-uk Kim SSL_SESSION *lookup_sess_in_cache(SSL *s, const unsigned char *sess_id,
517e71b7053SJung-uk Kim size_t sess_id_len)
51874664626SKris Kennaway {
519db522d3aSSimon L. B. Nielsen SSL_SESSION *ret = NULL;
52074664626SKris Kennaway
521e71b7053SJung-uk Kim if ((s->session_ctx->session_cache_mode
522e71b7053SJung-uk Kim & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP) == 0) {
523db522d3aSSimon L. B. Nielsen SSL_SESSION data;
524e71b7053SJung-uk Kim
525db522d3aSSimon L. B. Nielsen data.ssl_version = s->version;
526e71b7053SJung-uk Kim if (!ossl_assert(sess_id_len <= SSL_MAX_SSL_SESSION_ID_LENGTH))
527e71b7053SJung-uk Kim return NULL;
528e71b7053SJung-uk Kim
529e71b7053SJung-uk Kim memcpy(data.session_id, sess_id, sess_id_len);
530e71b7053SJung-uk Kim data.session_id_length = sess_id_len;
531e71b7053SJung-uk Kim
532b077aed3SPierre Pronchery if (!CRYPTO_THREAD_read_lock(s->session_ctx->lock))
533b077aed3SPierre Pronchery return NULL;
5341f13597dSJung-uk Kim ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
5356f9291ceSJung-uk Kim if (ret != NULL) {
53674664626SKris Kennaway /* don't allow other threads to steal it: */
537e71b7053SJung-uk Kim SSL_SESSION_up_ref(ret);
5381f13597dSJung-uk Kim }
539e71b7053SJung-uk Kim CRYPTO_THREAD_unlock(s->session_ctx->lock);
5401f13597dSJung-uk Kim if (ret == NULL)
541b077aed3SPierre Pronchery ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_miss);
54274664626SKris Kennaway }
54374664626SKris Kennaway
544e71b7053SJung-uk Kim if (ret == NULL && s->session_ctx->get_session_cb != NULL) {
54574664626SKris Kennaway int copy = 1;
54674664626SKris Kennaway
547e71b7053SJung-uk Kim ret = s->session_ctx->get_session_cb(s, sess_id, sess_id_len, ©);
548e71b7053SJung-uk Kim
549e71b7053SJung-uk Kim if (ret != NULL) {
55044096ebdSEnji Cooper if (ret->not_resumable) {
55144096ebdSEnji Cooper /* If its not resumable then ignore this session */
55244096ebdSEnji Cooper if (!copy)
55344096ebdSEnji Cooper SSL_SESSION_free(ret);
55444096ebdSEnji Cooper return NULL;
55544096ebdSEnji Cooper }
556b077aed3SPierre Pronchery ssl_tsan_counter(s->session_ctx,
557b077aed3SPierre Pronchery &s->session_ctx->stats.sess_cb_hit);
55874664626SKris Kennaway
5596f9291ceSJung-uk Kim /*
5606f9291ceSJung-uk Kim * Increment reference count now if the session callback asks us
5616f9291ceSJung-uk Kim * to do so (note that if the session structures returned by the
5626f9291ceSJung-uk Kim * callback are shared between threads, it must handle the
5636f9291ceSJung-uk Kim * reference count itself [i.e. copy == 0], or things won't be
5646f9291ceSJung-uk Kim * thread-safe).
5656f9291ceSJung-uk Kim */
56674664626SKris Kennaway if (copy)
567e71b7053SJung-uk Kim SSL_SESSION_up_ref(ret);
56874664626SKris Kennaway
5696f9291ceSJung-uk Kim /*
5706f9291ceSJung-uk Kim * Add the externally cached session to the internal cache as
5716f9291ceSJung-uk Kim * well if and only if we are supposed to.
5726f9291ceSJung-uk Kim */
573e71b7053SJung-uk Kim if ((s->session_ctx->session_cache_mode &
574e71b7053SJung-uk Kim SSL_SESS_CACHE_NO_INTERNAL_STORE) == 0) {
5756f9291ceSJung-uk Kim /*
576e71b7053SJung-uk Kim * Either return value of SSL_CTX_add_session should not
577e71b7053SJung-uk Kim * interrupt the session resumption process. The return
578e71b7053SJung-uk Kim * value is intentionally ignored.
5796f9291ceSJung-uk Kim */
580e71b7053SJung-uk Kim (void)SSL_CTX_add_session(s->session_ctx, ret);
581e71b7053SJung-uk Kim }
582e71b7053SJung-uk Kim }
583e71b7053SJung-uk Kim }
584e71b7053SJung-uk Kim
585e71b7053SJung-uk Kim return ret;
586e71b7053SJung-uk Kim }
587e71b7053SJung-uk Kim
588e71b7053SJung-uk Kim /*-
589e71b7053SJung-uk Kim * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
590e71b7053SJung-uk Kim * connection. It is only called by servers.
591e71b7053SJung-uk Kim *
592e71b7053SJung-uk Kim * hello: The parsed ClientHello data
593e71b7053SJung-uk Kim *
594e71b7053SJung-uk Kim * Returns:
595e71b7053SJung-uk Kim * -1: fatal error
596e71b7053SJung-uk Kim * 0: no session found
597e71b7053SJung-uk Kim * 1: a session may have been found.
598e71b7053SJung-uk Kim *
599e71b7053SJung-uk Kim * Side effects:
600e71b7053SJung-uk Kim * - If a session is found then s->session is pointed at it (after freeing an
601e71b7053SJung-uk Kim * existing session if need be) and s->verify_result is set from the session.
602e71b7053SJung-uk Kim * - Both for new and resumed sessions, s->ext.ticket_expected is set to 1
603e71b7053SJung-uk Kim * if the server should issue a new session ticket (to 0 otherwise).
604e71b7053SJung-uk Kim */
ssl_get_prev_session(SSL * s,CLIENTHELLO_MSG * hello)605e71b7053SJung-uk Kim int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
606e71b7053SJung-uk Kim {
607e71b7053SJung-uk Kim /* This is used only by servers. */
608e71b7053SJung-uk Kim
609e71b7053SJung-uk Kim SSL_SESSION *ret = NULL;
610e71b7053SJung-uk Kim int fatal = 0;
611e71b7053SJung-uk Kim int try_session_cache = 0;
612e71b7053SJung-uk Kim SSL_TICKET_STATUS r;
613e71b7053SJung-uk Kim
614e71b7053SJung-uk Kim if (SSL_IS_TLS13(s)) {
615e71b7053SJung-uk Kim /*
616e71b7053SJung-uk Kim * By default we will send a new ticket. This can be overridden in the
617e71b7053SJung-uk Kim * ticket processing.
618e71b7053SJung-uk Kim */
619e71b7053SJung-uk Kim s->ext.ticket_expected = 1;
620e71b7053SJung-uk Kim if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes,
621e71b7053SJung-uk Kim SSL_EXT_CLIENT_HELLO, hello->pre_proc_exts,
622e71b7053SJung-uk Kim NULL, 0)
623e71b7053SJung-uk Kim || !tls_parse_extension(s, TLSEXT_IDX_psk, SSL_EXT_CLIENT_HELLO,
624e71b7053SJung-uk Kim hello->pre_proc_exts, NULL, 0))
625e71b7053SJung-uk Kim return -1;
626e71b7053SJung-uk Kim
627e71b7053SJung-uk Kim ret = s->session;
628e71b7053SJung-uk Kim } else {
629e71b7053SJung-uk Kim /* sets s->ext.ticket_expected */
630e71b7053SJung-uk Kim r = tls_get_ticket_from_client(s, hello, &ret);
631e71b7053SJung-uk Kim switch (r) {
632e71b7053SJung-uk Kim case SSL_TICKET_FATAL_ERR_MALLOC:
633e71b7053SJung-uk Kim case SSL_TICKET_FATAL_ERR_OTHER:
634e71b7053SJung-uk Kim fatal = 1;
635b077aed3SPierre Pronchery SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
636e71b7053SJung-uk Kim goto err;
637e71b7053SJung-uk Kim case SSL_TICKET_NONE:
638e71b7053SJung-uk Kim case SSL_TICKET_EMPTY:
639e71b7053SJung-uk Kim if (hello->session_id_len > 0) {
640e71b7053SJung-uk Kim try_session_cache = 1;
641e71b7053SJung-uk Kim ret = lookup_sess_in_cache(s, hello->session_id,
642e71b7053SJung-uk Kim hello->session_id_len);
643e71b7053SJung-uk Kim }
644e71b7053SJung-uk Kim break;
645e71b7053SJung-uk Kim case SSL_TICKET_NO_DECRYPT:
646e71b7053SJung-uk Kim case SSL_TICKET_SUCCESS:
647e71b7053SJung-uk Kim case SSL_TICKET_SUCCESS_RENEW:
648e71b7053SJung-uk Kim break;
64974664626SKris Kennaway }
65074664626SKris Kennaway }
65174664626SKris Kennaway
6521f13597dSJung-uk Kim if (ret == NULL)
6531f13597dSJung-uk Kim goto err;
6541f13597dSJung-uk Kim
6551f13597dSJung-uk Kim /* Now ret is non-NULL and we own one of its reference counts. */
65674664626SKris Kennaway
657e71b7053SJung-uk Kim /* Check TLS version consistency */
658e71b7053SJung-uk Kim if (ret->ssl_version != s->version)
659e71b7053SJung-uk Kim goto err;
660e71b7053SJung-uk Kim
661db522d3aSSimon L. B. Nielsen if (ret->sid_ctx_length != s->sid_ctx_length
6626f9291ceSJung-uk Kim || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
6636f9291ceSJung-uk Kim /*
6646f9291ceSJung-uk Kim * We have the session requested by the client, but we don't want to
6656f9291ceSJung-uk Kim * use it in this context.
6666f9291ceSJung-uk Kim */
66774664626SKris Kennaway goto err; /* treat like cache miss */
66874664626SKris Kennaway }
669db522d3aSSimon L. B. Nielsen
6706f9291ceSJung-uk Kim if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
6716f9291ceSJung-uk Kim /*
6726f9291ceSJung-uk Kim * We can't be sure if this session is being used out of context,
6736f9291ceSJung-uk Kim * which is especially important for SSL_VERIFY_PEER. The application
6746f9291ceSJung-uk Kim * should have used SSL[_CTX]_set_session_id_context. For this error
6756f9291ceSJung-uk Kim * case, we generate an error instead of treating the event like a
6766f9291ceSJung-uk Kim * cache miss (otherwise it would be easy for applications to
6776f9291ceSJung-uk Kim * effectively disable the session cache by accident without anyone
6786f9291ceSJung-uk Kim * noticing).
679db522d3aSSimon L. B. Nielsen */
680db522d3aSSimon L. B. Nielsen
681b077aed3SPierre Pronchery SSLfatal(s, SSL_AD_INTERNAL_ERROR,
6826f9291ceSJung-uk Kim SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
683db522d3aSSimon L. B. Nielsen fatal = 1;
684db522d3aSSimon L. B. Nielsen goto err;
68574664626SKris Kennaway }
68674664626SKris Kennaway
687b077aed3SPierre Pronchery if (sess_timedout(time(NULL), ret)) {
688b077aed3SPierre Pronchery ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_timeout);
6896f9291ceSJung-uk Kim if (try_session_cache) {
6901f13597dSJung-uk Kim /* session was from the cache, so remove it */
6911f13597dSJung-uk Kim SSL_CTX_remove_session(s->session_ctx, ret);
6921f13597dSJung-uk Kim }
69374664626SKris Kennaway goto err;
69474664626SKris Kennaway }
69574664626SKris Kennaway
696e71b7053SJung-uk Kim /* Check extended master secret extension consistency */
697e71b7053SJung-uk Kim if (ret->flags & SSL_SESS_FLAG_EXTMS) {
698e71b7053SJung-uk Kim /* If old session includes extms, but new does not: abort handshake */
699b077aed3SPierre Pronchery if (!(s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS)) {
700b077aed3SPierre Pronchery SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_INCONSISTENT_EXTMS);
701e71b7053SJung-uk Kim fatal = 1;
702e71b7053SJung-uk Kim goto err;
703e71b7053SJung-uk Kim }
704b077aed3SPierre Pronchery } else if (s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS) {
705e71b7053SJung-uk Kim /* If new session includes extms, but old does not: do not resume */
706e71b7053SJung-uk Kim goto err;
707e71b7053SJung-uk Kim }
70874664626SKris Kennaway
709e71b7053SJung-uk Kim if (!SSL_IS_TLS13(s)) {
710e71b7053SJung-uk Kim /* We already did this for TLS1.3 */
71174664626SKris Kennaway SSL_SESSION_free(s->session);
71274664626SKris Kennaway s->session = ret;
713e71b7053SJung-uk Kim }
714e71b7053SJung-uk Kim
715b077aed3SPierre Pronchery ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_hit);
716f579bf8eSKris Kennaway s->verify_result = s->session->verify_result;
7171f13597dSJung-uk Kim return 1;
71874664626SKris Kennaway
71974664626SKris Kennaway err:
7206f9291ceSJung-uk Kim if (ret != NULL) {
72174664626SKris Kennaway SSL_SESSION_free(ret);
722e71b7053SJung-uk Kim /* In TLSv1.3 s->session was already set to ret, so we NULL it out */
723e71b7053SJung-uk Kim if (SSL_IS_TLS13(s))
724e71b7053SJung-uk Kim s->session = NULL;
725e71b7053SJung-uk Kim
7266f9291ceSJung-uk Kim if (!try_session_cache) {
7276f9291ceSJung-uk Kim /*
7286f9291ceSJung-uk Kim * The session was from a ticket, so we should issue a ticket for
7296f9291ceSJung-uk Kim * the new session
7306f9291ceSJung-uk Kim */
731e71b7053SJung-uk Kim s->ext.ticket_expected = 1;
7321f13597dSJung-uk Kim }
7331f13597dSJung-uk Kim }
73474664626SKris Kennaway if (fatal)
73574664626SKris Kennaway return -1;
736e71b7053SJung-uk Kim
73774664626SKris Kennaway return 0;
73874664626SKris Kennaway }
73974664626SKris Kennaway
SSL_CTX_add_session(SSL_CTX * ctx,SSL_SESSION * c)74074664626SKris Kennaway int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
74174664626SKris Kennaway {
74274664626SKris Kennaway int ret = 0;
74374664626SKris Kennaway SSL_SESSION *s;
74474664626SKris Kennaway
7456f9291ceSJung-uk Kim /*
7466f9291ceSJung-uk Kim * add just 1 reference count for the SSL_CTX's session cache even though
7476f9291ceSJung-uk Kim * it has two ways of access: each session is in a doubly linked list and
7486f9291ceSJung-uk Kim * an lhash
7496f9291ceSJung-uk Kim */
750e71b7053SJung-uk Kim SSL_SESSION_up_ref(c);
7516f9291ceSJung-uk Kim /*
7526f9291ceSJung-uk Kim * if session c is in already in cache, we take back the increment later
7536f9291ceSJung-uk Kim */
75474664626SKris Kennaway
755b077aed3SPierre Pronchery if (!CRYPTO_THREAD_write_lock(ctx->lock)) {
756b077aed3SPierre Pronchery SSL_SESSION_free(c);
757b077aed3SPierre Pronchery return 0;
758b077aed3SPierre Pronchery }
7591f13597dSJung-uk Kim s = lh_SSL_SESSION_insert(ctx->sessions, c);
76074664626SKris Kennaway
7616f9291ceSJung-uk Kim /*
7626f9291ceSJung-uk Kim * s != NULL iff we already had a session with the given PID. In this
7636f9291ceSJung-uk Kim * case, s == c should hold (then we did not really modify
7646f9291ceSJung-uk Kim * ctx->sessions), or we're in trouble.
7656f9291ceSJung-uk Kim */
7666f9291ceSJung-uk Kim if (s != NULL && s != c) {
767f579bf8eSKris Kennaway /* We *are* in trouble ... */
768f579bf8eSKris Kennaway SSL_SESSION_list_remove(ctx, s);
769f579bf8eSKris Kennaway SSL_SESSION_free(s);
7706f9291ceSJung-uk Kim /*
7716f9291ceSJung-uk Kim * ... so pretend the other session did not exist in cache (we cannot
7726f9291ceSJung-uk Kim * handle two SSL_SESSION structures with identical session ID in the
7736f9291ceSJung-uk Kim * same cache, which could happen e.g. when two threads concurrently
7746f9291ceSJung-uk Kim * obtain the same session from an external cache)
7756f9291ceSJung-uk Kim */
776f579bf8eSKris Kennaway s = NULL;
7776cf8931aSJung-uk Kim } else if (s == NULL &&
7786cf8931aSJung-uk Kim lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
7796cf8931aSJung-uk Kim /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */
7806cf8931aSJung-uk Kim
7816cf8931aSJung-uk Kim /*
7826cf8931aSJung-uk Kim * ... so take back the extra reference and also don't add
7836cf8931aSJung-uk Kim * the session to the SSL_SESSION_list at this time
7846cf8931aSJung-uk Kim */
7856cf8931aSJung-uk Kim s = c;
786f579bf8eSKris Kennaway }
787f579bf8eSKris Kennaway
788b077aed3SPierre Pronchery /* Adjust last used time, and add back into the cache at the appropriate spot */
789b077aed3SPierre Pronchery if (ctx->session_cache_mode & SSL_SESS_CACHE_UPDATE_TIME) {
790b077aed3SPierre Pronchery c->time = time(NULL);
791b077aed3SPierre Pronchery ssl_session_calculate_timeout(c);
792b077aed3SPierre Pronchery }
793b077aed3SPierre Pronchery
794b077aed3SPierre Pronchery if (s == NULL) {
795b077aed3SPierre Pronchery /*
796b077aed3SPierre Pronchery * new cache entry -- remove old ones if cache has become too large
797b077aed3SPierre Pronchery * delete cache entry *before* add, so we don't remove the one we're adding!
798b077aed3SPierre Pronchery */
799b077aed3SPierre Pronchery
800b077aed3SPierre Pronchery ret = 1;
801b077aed3SPierre Pronchery
802b077aed3SPierre Pronchery if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
803b077aed3SPierre Pronchery while (SSL_CTX_sess_number(ctx) >= SSL_CTX_sess_get_cache_size(ctx)) {
804b077aed3SPierre Pronchery if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
805b077aed3SPierre Pronchery break;
806b077aed3SPierre Pronchery else
807b077aed3SPierre Pronchery ssl_tsan_counter(ctx, &ctx->stats.sess_cache_full);
808b077aed3SPierre Pronchery }
809b077aed3SPierre Pronchery }
810b077aed3SPierre Pronchery }
811b077aed3SPierre Pronchery
81274664626SKris Kennaway SSL_SESSION_list_add(ctx, c);
81374664626SKris Kennaway
8146f9291ceSJung-uk Kim if (s != NULL) {
8156f9291ceSJung-uk Kim /*
8166f9291ceSJung-uk Kim * existing cache entry -- decrement previously incremented reference
8176f9291ceSJung-uk Kim * count because it already takes into account the cache
8186f9291ceSJung-uk Kim */
819f579bf8eSKris Kennaway
820f579bf8eSKris Kennaway SSL_SESSION_free(s); /* s == c */
82174664626SKris Kennaway ret = 0;
82274664626SKris Kennaway }
823e71b7053SJung-uk Kim CRYPTO_THREAD_unlock(ctx->lock);
824e71b7053SJung-uk Kim return ret;
82574664626SKris Kennaway }
82674664626SKris Kennaway
SSL_CTX_remove_session(SSL_CTX * ctx,SSL_SESSION * c)82774664626SKris Kennaway int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
82874664626SKris Kennaway {
82974664626SKris Kennaway return remove_session_lock(ctx, c, 1);
83074664626SKris Kennaway }
83174664626SKris Kennaway
remove_session_lock(SSL_CTX * ctx,SSL_SESSION * c,int lck)83274664626SKris Kennaway static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
83374664626SKris Kennaway {
83474664626SKris Kennaway SSL_SESSION *r;
83574664626SKris Kennaway int ret = 0;
83674664626SKris Kennaway
8376f9291ceSJung-uk Kim if ((c != NULL) && (c->session_id_length != 0)) {
838b077aed3SPierre Pronchery if (lck) {
839b077aed3SPierre Pronchery if (!CRYPTO_THREAD_write_lock(ctx->lock))
840b077aed3SPierre Pronchery return 0;
841b077aed3SPierre Pronchery }
842e71b7053SJung-uk Kim if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) != NULL) {
84374664626SKris Kennaway ret = 1;
844e71b7053SJung-uk Kim r = lh_SSL_SESSION_delete(ctx->sessions, r);
845e71b7053SJung-uk Kim SSL_SESSION_list_remove(ctx, r);
84674664626SKris Kennaway }
847e71b7053SJung-uk Kim c->not_resumable = 1;
84874664626SKris Kennaway
8496f9291ceSJung-uk Kim if (lck)
850e71b7053SJung-uk Kim CRYPTO_THREAD_unlock(ctx->lock);
85174664626SKris Kennaway
85274664626SKris Kennaway if (ctx->remove_session_cb != NULL)
853e71b7053SJung-uk Kim ctx->remove_session_cb(ctx, c);
854e71b7053SJung-uk Kim
855e71b7053SJung-uk Kim if (ret)
85674664626SKris Kennaway SSL_SESSION_free(r);
857b077aed3SPierre Pronchery }
858e71b7053SJung-uk Kim return ret;
85974664626SKris Kennaway }
86074664626SKris Kennaway
SSL_SESSION_free(SSL_SESSION * ss)86174664626SKris Kennaway void SSL_SESSION_free(SSL_SESSION *ss)
86274664626SKris Kennaway {
86374664626SKris Kennaway int i;
86474664626SKris Kennaway
86574664626SKris Kennaway if (ss == NULL)
86674664626SKris Kennaway return;
867e71b7053SJung-uk Kim CRYPTO_DOWN_REF(&ss->references, &i, ss->lock);
868e71b7053SJung-uk Kim REF_PRINT_COUNT("SSL_SESSION", ss);
8696f9291ceSJung-uk Kim if (i > 0)
8706f9291ceSJung-uk Kim return;
871e71b7053SJung-uk Kim REF_ASSERT_ISNT(i < 0);
87274664626SKris Kennaway
8735c87c606SMark Murray CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
87474664626SKris Kennaway
875dee36b4fSJung-uk Kim OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key));
876dee36b4fSJung-uk Kim OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id));
8776f9291ceSJung-uk Kim X509_free(ss->peer);
878e71b7053SJung-uk Kim sk_X509_pop_free(ss->peer_chain, X509_free);
879e71b7053SJung-uk Kim OPENSSL_free(ss->ext.hostname);
880e71b7053SJung-uk Kim OPENSSL_free(ss->ext.tick);
8811f13597dSJung-uk Kim #ifndef OPENSSL_NO_PSK
8821f13597dSJung-uk Kim OPENSSL_free(ss->psk_identity_hint);
8831f13597dSJung-uk Kim OPENSSL_free(ss->psk_identity);
8841f13597dSJung-uk Kim #endif
8851f13597dSJung-uk Kim #ifndef OPENSSL_NO_SRP
8861f13597dSJung-uk Kim OPENSSL_free(ss->srp_username);
887db522d3aSSimon L. B. Nielsen #endif
888e71b7053SJung-uk Kim OPENSSL_free(ss->ext.alpn_selected);
889e71b7053SJung-uk Kim OPENSSL_free(ss->ticket_appdata);
890e71b7053SJung-uk Kim CRYPTO_THREAD_lock_free(ss->lock);
891e71b7053SJung-uk Kim OPENSSL_clear_free(ss, sizeof(*ss));
892e71b7053SJung-uk Kim }
893e71b7053SJung-uk Kim
SSL_SESSION_up_ref(SSL_SESSION * ss)894e71b7053SJung-uk Kim int SSL_SESSION_up_ref(SSL_SESSION *ss)
895e71b7053SJung-uk Kim {
896e71b7053SJung-uk Kim int i;
897e71b7053SJung-uk Kim
898e71b7053SJung-uk Kim if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0)
899e71b7053SJung-uk Kim return 0;
900e71b7053SJung-uk Kim
901e71b7053SJung-uk Kim REF_PRINT_COUNT("SSL_SESSION", ss);
902e71b7053SJung-uk Kim REF_ASSERT_ISNT(i < 2);
903e71b7053SJung-uk Kim return ((i > 1) ? 1 : 0);
90474664626SKris Kennaway }
90574664626SKris Kennaway
SSL_set_session(SSL * s,SSL_SESSION * session)90674664626SKris Kennaway int SSL_set_session(SSL *s, SSL_SESSION *session)
90774664626SKris Kennaway {
908e71b7053SJung-uk Kim ssl_clear_bad_session(s);
909e71b7053SJung-uk Kim if (s->ctx->method != s->method) {
910e71b7053SJung-uk Kim if (!SSL_set_ssl_method(s, s->ctx->method))
911aeb5019cSJung-uk Kim return 0;
912aeb5019cSJung-uk Kim }
9135c87c606SMark Murray
914e71b7053SJung-uk Kim if (session != NULL) {
915e71b7053SJung-uk Kim SSL_SESSION_up_ref(session);
916e71b7053SJung-uk Kim s->verify_result = session->verify_result;
917e71b7053SJung-uk Kim }
91874664626SKris Kennaway SSL_SESSION_free(s->session);
91974664626SKris Kennaway s->session = session;
920e71b7053SJung-uk Kim
921e71b7053SJung-uk Kim return 1;
92274664626SKris Kennaway }
92374664626SKris Kennaway
SSL_SESSION_set1_id(SSL_SESSION * s,const unsigned char * sid,unsigned int sid_len)924e71b7053SJung-uk Kim int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
925e71b7053SJung-uk Kim unsigned int sid_len)
926e71b7053SJung-uk Kim {
927e71b7053SJung-uk Kim if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) {
928b077aed3SPierre Pronchery ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_TOO_LONG);
929e71b7053SJung-uk Kim return 0;
93074664626SKris Kennaway }
931e71b7053SJung-uk Kim s->session_id_length = sid_len;
932e71b7053SJung-uk Kim if (sid != s->session_id)
933e71b7053SJung-uk Kim memcpy(s->session_id, sid, sid_len);
934e71b7053SJung-uk Kim return 1;
93574664626SKris Kennaway }
93674664626SKris Kennaway
SSL_SESSION_set_timeout(SSL_SESSION * s,long t)93774664626SKris Kennaway long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
93874664626SKris Kennaway {
939b077aed3SPierre Pronchery time_t new_timeout = (time_t)t;
940b077aed3SPierre Pronchery
941b077aed3SPierre Pronchery if (s == NULL || t < 0)
942e71b7053SJung-uk Kim return 0;
943b077aed3SPierre Pronchery if (s->owner != NULL) {
944b077aed3SPierre Pronchery if (!CRYPTO_THREAD_write_lock(s->owner->lock))
945b077aed3SPierre Pronchery return 0;
946b077aed3SPierre Pronchery s->timeout = new_timeout;
947b077aed3SPierre Pronchery ssl_session_calculate_timeout(s);
948b077aed3SPierre Pronchery SSL_SESSION_list_add(s->owner, s);
949b077aed3SPierre Pronchery CRYPTO_THREAD_unlock(s->owner->lock);
950b077aed3SPierre Pronchery } else {
951b077aed3SPierre Pronchery s->timeout = new_timeout;
952b077aed3SPierre Pronchery ssl_session_calculate_timeout(s);
953b077aed3SPierre Pronchery }
954e71b7053SJung-uk Kim return 1;
95574664626SKris Kennaway }
95674664626SKris Kennaway
SSL_SESSION_get_timeout(const SSL_SESSION * s)9573b4e3dcbSSimon L. B. Nielsen long SSL_SESSION_get_timeout(const SSL_SESSION *s)
95874664626SKris Kennaway {
9596f9291ceSJung-uk Kim if (s == NULL)
960e71b7053SJung-uk Kim return 0;
961b077aed3SPierre Pronchery return (long)s->timeout;
96274664626SKris Kennaway }
96374664626SKris Kennaway
SSL_SESSION_get_time(const SSL_SESSION * s)9643b4e3dcbSSimon L. B. Nielsen long SSL_SESSION_get_time(const SSL_SESSION *s)
96574664626SKris Kennaway {
9666f9291ceSJung-uk Kim if (s == NULL)
967e71b7053SJung-uk Kim return 0;
968b077aed3SPierre Pronchery return (long)s->time;
96974664626SKris Kennaway }
97074664626SKris Kennaway
SSL_SESSION_set_time(SSL_SESSION * s,long t)97174664626SKris Kennaway long SSL_SESSION_set_time(SSL_SESSION *s, long t)
97274664626SKris Kennaway {
973b077aed3SPierre Pronchery time_t new_time = (time_t)t;
974b077aed3SPierre Pronchery
9756f9291ceSJung-uk Kim if (s == NULL)
976e71b7053SJung-uk Kim return 0;
977b077aed3SPierre Pronchery if (s->owner != NULL) {
978b077aed3SPierre Pronchery if (!CRYPTO_THREAD_write_lock(s->owner->lock))
979b077aed3SPierre Pronchery return 0;
980b077aed3SPierre Pronchery s->time = new_time;
981b077aed3SPierre Pronchery ssl_session_calculate_timeout(s);
982b077aed3SPierre Pronchery SSL_SESSION_list_add(s->owner, s);
983b077aed3SPierre Pronchery CRYPTO_THREAD_unlock(s->owner->lock);
984b077aed3SPierre Pronchery } else {
985b077aed3SPierre Pronchery s->time = new_time;
986b077aed3SPierre Pronchery ssl_session_calculate_timeout(s);
987b077aed3SPierre Pronchery }
988e71b7053SJung-uk Kim return t;
989e71b7053SJung-uk Kim }
990e71b7053SJung-uk Kim
SSL_SESSION_get_protocol_version(const SSL_SESSION * s)991e71b7053SJung-uk Kim int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
992e71b7053SJung-uk Kim {
993e71b7053SJung-uk Kim return s->ssl_version;
994e71b7053SJung-uk Kim }
995e71b7053SJung-uk Kim
SSL_SESSION_set_protocol_version(SSL_SESSION * s,int version)996e71b7053SJung-uk Kim int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version)
997e71b7053SJung-uk Kim {
998e71b7053SJung-uk Kim s->ssl_version = version;
999e71b7053SJung-uk Kim return 1;
1000e71b7053SJung-uk Kim }
1001e71b7053SJung-uk Kim
SSL_SESSION_get0_cipher(const SSL_SESSION * s)1002e71b7053SJung-uk Kim const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s)
1003e71b7053SJung-uk Kim {
1004e71b7053SJung-uk Kim return s->cipher;
1005e71b7053SJung-uk Kim }
1006e71b7053SJung-uk Kim
SSL_SESSION_set_cipher(SSL_SESSION * s,const SSL_CIPHER * cipher)1007e71b7053SJung-uk Kim int SSL_SESSION_set_cipher(SSL_SESSION *s, const SSL_CIPHER *cipher)
1008e71b7053SJung-uk Kim {
1009e71b7053SJung-uk Kim s->cipher = cipher;
1010e71b7053SJung-uk Kim return 1;
1011e71b7053SJung-uk Kim }
1012e71b7053SJung-uk Kim
SSL_SESSION_get0_hostname(const SSL_SESSION * s)1013e71b7053SJung-uk Kim const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)
1014e71b7053SJung-uk Kim {
1015e71b7053SJung-uk Kim return s->ext.hostname;
1016e71b7053SJung-uk Kim }
1017e71b7053SJung-uk Kim
SSL_SESSION_set1_hostname(SSL_SESSION * s,const char * hostname)1018e71b7053SJung-uk Kim int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname)
1019e71b7053SJung-uk Kim {
1020e71b7053SJung-uk Kim OPENSSL_free(s->ext.hostname);
1021e71b7053SJung-uk Kim if (hostname == NULL) {
1022e71b7053SJung-uk Kim s->ext.hostname = NULL;
1023e71b7053SJung-uk Kim return 1;
1024e71b7053SJung-uk Kim }
1025e71b7053SJung-uk Kim s->ext.hostname = OPENSSL_strdup(hostname);
1026e71b7053SJung-uk Kim
1027e71b7053SJung-uk Kim return s->ext.hostname != NULL;
1028e71b7053SJung-uk Kim }
1029e71b7053SJung-uk Kim
SSL_SESSION_has_ticket(const SSL_SESSION * s)1030e71b7053SJung-uk Kim int SSL_SESSION_has_ticket(const SSL_SESSION *s)
1031e71b7053SJung-uk Kim {
1032e71b7053SJung-uk Kim return (s->ext.ticklen > 0) ? 1 : 0;
1033e71b7053SJung-uk Kim }
1034e71b7053SJung-uk Kim
SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION * s)1035e71b7053SJung-uk Kim unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
1036e71b7053SJung-uk Kim {
1037e71b7053SJung-uk Kim return s->ext.tick_lifetime_hint;
1038e71b7053SJung-uk Kim }
1039e71b7053SJung-uk Kim
SSL_SESSION_get0_ticket(const SSL_SESSION * s,const unsigned char ** tick,size_t * len)1040e71b7053SJung-uk Kim void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
1041e71b7053SJung-uk Kim size_t *len)
1042e71b7053SJung-uk Kim {
1043e71b7053SJung-uk Kim *len = s->ext.ticklen;
1044e71b7053SJung-uk Kim if (tick != NULL)
1045e71b7053SJung-uk Kim *tick = s->ext.tick;
1046e71b7053SJung-uk Kim }
1047e71b7053SJung-uk Kim
SSL_SESSION_get_max_early_data(const SSL_SESSION * s)1048e71b7053SJung-uk Kim uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s)
1049e71b7053SJung-uk Kim {
1050e71b7053SJung-uk Kim return s->ext.max_early_data;
1051e71b7053SJung-uk Kim }
1052e71b7053SJung-uk Kim
SSL_SESSION_set_max_early_data(SSL_SESSION * s,uint32_t max_early_data)1053e71b7053SJung-uk Kim int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data)
1054e71b7053SJung-uk Kim {
1055e71b7053SJung-uk Kim s->ext.max_early_data = max_early_data;
1056e71b7053SJung-uk Kim
1057e71b7053SJung-uk Kim return 1;
1058e71b7053SJung-uk Kim }
1059e71b7053SJung-uk Kim
SSL_SESSION_get0_alpn_selected(const SSL_SESSION * s,const unsigned char ** alpn,size_t * len)1060e71b7053SJung-uk Kim void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
1061e71b7053SJung-uk Kim const unsigned char **alpn,
1062e71b7053SJung-uk Kim size_t *len)
1063e71b7053SJung-uk Kim {
1064e71b7053SJung-uk Kim *alpn = s->ext.alpn_selected;
1065e71b7053SJung-uk Kim *len = s->ext.alpn_selected_len;
1066e71b7053SJung-uk Kim }
1067e71b7053SJung-uk Kim
SSL_SESSION_set1_alpn_selected(SSL_SESSION * s,const unsigned char * alpn,size_t len)1068e71b7053SJung-uk Kim int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,
1069e71b7053SJung-uk Kim size_t len)
1070e71b7053SJung-uk Kim {
1071e71b7053SJung-uk Kim OPENSSL_free(s->ext.alpn_selected);
1072e71b7053SJung-uk Kim if (alpn == NULL || len == 0) {
1073e71b7053SJung-uk Kim s->ext.alpn_selected = NULL;
1074e71b7053SJung-uk Kim s->ext.alpn_selected_len = 0;
1075e71b7053SJung-uk Kim return 1;
1076e71b7053SJung-uk Kim }
1077e71b7053SJung-uk Kim s->ext.alpn_selected = OPENSSL_memdup(alpn, len);
1078e71b7053SJung-uk Kim if (s->ext.alpn_selected == NULL) {
1079e71b7053SJung-uk Kim s->ext.alpn_selected_len = 0;
1080e71b7053SJung-uk Kim return 0;
1081e71b7053SJung-uk Kim }
1082e71b7053SJung-uk Kim s->ext.alpn_selected_len = len;
1083e71b7053SJung-uk Kim
1084e71b7053SJung-uk Kim return 1;
108574664626SKris Kennaway }
108674664626SKris Kennaway
SSL_SESSION_get0_peer(SSL_SESSION * s)10871f13597dSJung-uk Kim X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
10881f13597dSJung-uk Kim {
10891f13597dSJung-uk Kim return s->peer;
10901f13597dSJung-uk Kim }
10911f13597dSJung-uk Kim
SSL_SESSION_set1_id_context(SSL_SESSION * s,const unsigned char * sid_ctx,unsigned int sid_ctx_len)10921f13597dSJung-uk Kim int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
10931f13597dSJung-uk Kim unsigned int sid_ctx_len)
10941f13597dSJung-uk Kim {
10956f9291ceSJung-uk Kim if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
1096b077aed3SPierre Pronchery ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
10971f13597dSJung-uk Kim return 0;
10981f13597dSJung-uk Kim }
10991f13597dSJung-uk Kim s->sid_ctx_length = sid_ctx_len;
1100e71b7053SJung-uk Kim if (sid_ctx != s->sid_ctx)
11011f13597dSJung-uk Kim memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
11021f13597dSJung-uk Kim
11031f13597dSJung-uk Kim return 1;
11041f13597dSJung-uk Kim }
11051f13597dSJung-uk Kim
SSL_SESSION_is_resumable(const SSL_SESSION * s)1106e71b7053SJung-uk Kim int SSL_SESSION_is_resumable(const SSL_SESSION *s)
1107e71b7053SJung-uk Kim {
1108e71b7053SJung-uk Kim /*
1109e71b7053SJung-uk Kim * In the case of EAP-FAST, we can have a pre-shared "ticket" without a
1110e71b7053SJung-uk Kim * session ID.
1111e71b7053SJung-uk Kim */
1112e71b7053SJung-uk Kim return !s->not_resumable
1113e71b7053SJung-uk Kim && (s->session_id_length > 0 || s->ext.ticklen > 0);
1114e71b7053SJung-uk Kim }
1115e71b7053SJung-uk Kim
SSL_CTX_set_timeout(SSL_CTX * s,long t)111674664626SKris Kennaway long SSL_CTX_set_timeout(SSL_CTX *s, long t)
111774664626SKris Kennaway {
111874664626SKris Kennaway long l;
11196f9291ceSJung-uk Kim if (s == NULL)
1120e71b7053SJung-uk Kim return 0;
112174664626SKris Kennaway l = s->session_timeout;
112274664626SKris Kennaway s->session_timeout = t;
1123e71b7053SJung-uk Kim return l;
112474664626SKris Kennaway }
112574664626SKris Kennaway
SSL_CTX_get_timeout(const SSL_CTX * s)11263b4e3dcbSSimon L. B. Nielsen long SSL_CTX_get_timeout(const SSL_CTX *s)
112774664626SKris Kennaway {
11286f9291ceSJung-uk Kim if (s == NULL)
1129e71b7053SJung-uk Kim return 0;
1130e71b7053SJung-uk Kim return s->session_timeout;
113174664626SKris Kennaway }
113274664626SKris Kennaway
SSL_set_session_secret_cb(SSL * s,tls_session_secret_cb_fn tls_session_secret_cb,void * arg)11336f9291ceSJung-uk Kim int SSL_set_session_secret_cb(SSL *s,
1134e71b7053SJung-uk Kim tls_session_secret_cb_fn tls_session_secret_cb,
11356f9291ceSJung-uk Kim void *arg)
11361f13597dSJung-uk Kim {
11376f9291ceSJung-uk Kim if (s == NULL)
1138e71b7053SJung-uk Kim return 0;
1139e71b7053SJung-uk Kim s->ext.session_secret_cb = tls_session_secret_cb;
1140e71b7053SJung-uk Kim s->ext.session_secret_cb_arg = arg;
1141e71b7053SJung-uk Kim return 1;
11421f13597dSJung-uk Kim }
11431f13597dSJung-uk Kim
SSL_set_session_ticket_ext_cb(SSL * s,tls_session_ticket_ext_cb_fn cb,void * arg)11441f13597dSJung-uk Kim int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
11451f13597dSJung-uk Kim void *arg)
11461f13597dSJung-uk Kim {
11476f9291ceSJung-uk Kim if (s == NULL)
1148e71b7053SJung-uk Kim return 0;
1149e71b7053SJung-uk Kim s->ext.session_ticket_cb = cb;
1150e71b7053SJung-uk Kim s->ext.session_ticket_cb_arg = arg;
1151e71b7053SJung-uk Kim return 1;
11521f13597dSJung-uk Kim }
11531f13597dSJung-uk Kim
SSL_set_session_ticket_ext(SSL * s,void * ext_data,int ext_len)11541f13597dSJung-uk Kim int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
11551f13597dSJung-uk Kim {
11566f9291ceSJung-uk Kim if (s->version >= TLS1_VERSION) {
1157e71b7053SJung-uk Kim OPENSSL_free(s->ext.session_ticket);
1158e71b7053SJung-uk Kim s->ext.session_ticket = NULL;
1159e71b7053SJung-uk Kim s->ext.session_ticket =
11606f9291ceSJung-uk Kim OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
1161e71b7053SJung-uk Kim if (s->ext.session_ticket == NULL) {
1162b077aed3SPierre Pronchery ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
11631f13597dSJung-uk Kim return 0;
11641f13597dSJung-uk Kim }
11651f13597dSJung-uk Kim
1166e71b7053SJung-uk Kim if (ext_data != NULL) {
1167e71b7053SJung-uk Kim s->ext.session_ticket->length = ext_len;
1168e71b7053SJung-uk Kim s->ext.session_ticket->data = s->ext.session_ticket + 1;
1169e71b7053SJung-uk Kim memcpy(s->ext.session_ticket->data, ext_data, ext_len);
11706f9291ceSJung-uk Kim } else {
1171e71b7053SJung-uk Kim s->ext.session_ticket->length = 0;
1172e71b7053SJung-uk Kim s->ext.session_ticket->data = NULL;
11731f13597dSJung-uk Kim }
11741f13597dSJung-uk Kim
11751f13597dSJung-uk Kim return 1;
11761f13597dSJung-uk Kim }
11771f13597dSJung-uk Kim
11781f13597dSJung-uk Kim return 0;
11791f13597dSJung-uk Kim }
11801f13597dSJung-uk Kim
SSL_CTX_flush_sessions(SSL_CTX * s,long t)118174664626SKris Kennaway void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
118274664626SKris Kennaway {
1183b077aed3SPierre Pronchery STACK_OF(SSL_SESSION) *sk;
1184b077aed3SPierre Pronchery SSL_SESSION *current;
118574664626SKris Kennaway unsigned long i;
118674664626SKris Kennaway
1187b077aed3SPierre Pronchery if (!CRYPTO_THREAD_write_lock(s->lock))
11886f9291ceSJung-uk Kim return;
1189b077aed3SPierre Pronchery
1190b077aed3SPierre Pronchery sk = sk_SSL_SESSION_new_null();
1191e71b7053SJung-uk Kim i = lh_SSL_SESSION_get_down_load(s->sessions);
1192e71b7053SJung-uk Kim lh_SSL_SESSION_set_down_load(s->sessions, 0);
1193b077aed3SPierre Pronchery
1194b077aed3SPierre Pronchery /*
1195b077aed3SPierre Pronchery * Iterate over the list from the back (oldest), and stop
1196b077aed3SPierre Pronchery * when a session can no longer be removed.
1197b077aed3SPierre Pronchery * Add the session to a temporary list to be freed outside
1198b077aed3SPierre Pronchery * the SSL_CTX lock.
1199b077aed3SPierre Pronchery * But still do the remove_session_cb() within the lock.
1200b077aed3SPierre Pronchery */
1201b077aed3SPierre Pronchery while (s->session_cache_tail != NULL) {
1202b077aed3SPierre Pronchery current = s->session_cache_tail;
1203b077aed3SPierre Pronchery if (t == 0 || sess_timedout((time_t)t, current)) {
1204b077aed3SPierre Pronchery lh_SSL_SESSION_delete(s->sessions, current);
1205b077aed3SPierre Pronchery SSL_SESSION_list_remove(s, current);
1206b077aed3SPierre Pronchery current->not_resumable = 1;
1207b077aed3SPierre Pronchery if (s->remove_session_cb != NULL)
1208b077aed3SPierre Pronchery s->remove_session_cb(s, current);
1209b077aed3SPierre Pronchery /*
1210b077aed3SPierre Pronchery * Throw the session on a stack, it's entirely plausible
1211b077aed3SPierre Pronchery * that while freeing outside the critical section, the
1212b077aed3SPierre Pronchery * session could be re-added, so avoid using the next/prev
1213b077aed3SPierre Pronchery * pointers. If the stack failed to create, or the session
1214b077aed3SPierre Pronchery * couldn't be put on the stack, just free it here
1215b077aed3SPierre Pronchery */
1216b077aed3SPierre Pronchery if (sk == NULL || !sk_SSL_SESSION_push(sk, current))
1217b077aed3SPierre Pronchery SSL_SESSION_free(current);
1218b077aed3SPierre Pronchery } else {
1219b077aed3SPierre Pronchery break;
1220b077aed3SPierre Pronchery }
1221b077aed3SPierre Pronchery }
1222b077aed3SPierre Pronchery
1223e71b7053SJung-uk Kim lh_SSL_SESSION_set_down_load(s->sessions, i);
1224e71b7053SJung-uk Kim CRYPTO_THREAD_unlock(s->lock);
1225b077aed3SPierre Pronchery
1226b077aed3SPierre Pronchery sk_SSL_SESSION_pop_free(sk, SSL_SESSION_free);
122774664626SKris Kennaway }
122874664626SKris Kennaway
ssl_clear_bad_session(SSL * s)122974664626SKris Kennaway int ssl_clear_bad_session(SSL *s)
123074664626SKris Kennaway {
123174664626SKris Kennaway if ((s->session != NULL) &&
123274664626SKris Kennaway !(s->shutdown & SSL_SENT_SHUTDOWN) &&
12336f9291ceSJung-uk Kim !(SSL_in_init(s) || SSL_in_before(s))) {
1234aeb5019cSJung-uk Kim SSL_CTX_remove_session(s->session_ctx, s->session);
1235e71b7053SJung-uk Kim return 1;
12366f9291ceSJung-uk Kim } else
1237e71b7053SJung-uk Kim return 0;
123874664626SKris Kennaway }
123974664626SKris Kennaway
124074664626SKris Kennaway /* locked by SSL_CTX in the calling function */
SSL_SESSION_list_remove(SSL_CTX * ctx,SSL_SESSION * s)124174664626SKris Kennaway static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
124274664626SKris Kennaway {
12436f9291ceSJung-uk Kim if ((s->next == NULL) || (s->prev == NULL))
12446f9291ceSJung-uk Kim return;
124574664626SKris Kennaway
12466f9291ceSJung-uk Kim if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
12476f9291ceSJung-uk Kim /* last element in list */
12486f9291ceSJung-uk Kim if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
12496f9291ceSJung-uk Kim /* only one element in list */
125074664626SKris Kennaway ctx->session_cache_head = NULL;
125174664626SKris Kennaway ctx->session_cache_tail = NULL;
12526f9291ceSJung-uk Kim } else {
125374664626SKris Kennaway ctx->session_cache_tail = s->prev;
125474664626SKris Kennaway s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
125574664626SKris Kennaway }
12566f9291ceSJung-uk Kim } else {
12576f9291ceSJung-uk Kim if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
12586f9291ceSJung-uk Kim /* first element in list */
125974664626SKris Kennaway ctx->session_cache_head = s->next;
126074664626SKris Kennaway s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
12616f9291ceSJung-uk Kim } else {
12626f9291ceSJung-uk Kim /* middle of list */
126374664626SKris Kennaway s->next->prev = s->prev;
126474664626SKris Kennaway s->prev->next = s->next;
126574664626SKris Kennaway }
126674664626SKris Kennaway }
126774664626SKris Kennaway s->prev = s->next = NULL;
1268b077aed3SPierre Pronchery s->owner = NULL;
126974664626SKris Kennaway }
127074664626SKris Kennaway
SSL_SESSION_list_add(SSL_CTX * ctx,SSL_SESSION * s)127174664626SKris Kennaway static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
127274664626SKris Kennaway {
1273b077aed3SPierre Pronchery SSL_SESSION *next;
1274b077aed3SPierre Pronchery
127574664626SKris Kennaway if ((s->next != NULL) && (s->prev != NULL))
127674664626SKris Kennaway SSL_SESSION_list_remove(ctx, s);
127774664626SKris Kennaway
12786f9291ceSJung-uk Kim if (ctx->session_cache_head == NULL) {
127974664626SKris Kennaway ctx->session_cache_head = s;
128074664626SKris Kennaway ctx->session_cache_tail = s;
128174664626SKris Kennaway s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
128274664626SKris Kennaway s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
12836f9291ceSJung-uk Kim } else {
1284b077aed3SPierre Pronchery if (timeoutcmp(s, ctx->session_cache_head) >= 0) {
1285b077aed3SPierre Pronchery /*
1286b077aed3SPierre Pronchery * if we timeout after (or the same time as) the first
1287b077aed3SPierre Pronchery * session, put us first - usual case
1288b077aed3SPierre Pronchery */
128974664626SKris Kennaway s->next = ctx->session_cache_head;
129074664626SKris Kennaway s->next->prev = s;
129174664626SKris Kennaway s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
129274664626SKris Kennaway ctx->session_cache_head = s;
1293b077aed3SPierre Pronchery } else if (timeoutcmp(s, ctx->session_cache_tail) < 0) {
1294b077aed3SPierre Pronchery /* if we timeout before the last session, put us last */
1295b077aed3SPierre Pronchery s->prev = ctx->session_cache_tail;
1296b077aed3SPierre Pronchery s->prev->next = s;
1297b077aed3SPierre Pronchery s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
1298b077aed3SPierre Pronchery ctx->session_cache_tail = s;
1299b077aed3SPierre Pronchery } else {
1300b077aed3SPierre Pronchery /*
1301b077aed3SPierre Pronchery * we timeout somewhere in-between - if there is only
1302b077aed3SPierre Pronchery * one session in the cache it will be caught above
1303b077aed3SPierre Pronchery */
1304b077aed3SPierre Pronchery next = ctx->session_cache_head->next;
1305b077aed3SPierre Pronchery while (next != (SSL_SESSION*)&(ctx->session_cache_tail)) {
1306b077aed3SPierre Pronchery if (timeoutcmp(s, next) >= 0) {
1307b077aed3SPierre Pronchery s->next = next;
1308b077aed3SPierre Pronchery s->prev = next->prev;
1309b077aed3SPierre Pronchery next->prev->next = s;
1310b077aed3SPierre Pronchery next->prev = s;
1311b077aed3SPierre Pronchery break;
131274664626SKris Kennaway }
1313b077aed3SPierre Pronchery next = next->next;
1314b077aed3SPierre Pronchery }
1315b077aed3SPierre Pronchery }
1316b077aed3SPierre Pronchery }
1317b077aed3SPierre Pronchery s->owner = ctx;
131874664626SKris Kennaway }
131974664626SKris Kennaway
SSL_CTX_sess_set_new_cb(SSL_CTX * ctx,int (* cb)(struct ssl_st * ssl,SSL_SESSION * sess))13205471f83eSSimon L. B. Nielsen void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
1321e71b7053SJung-uk Kim int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess))
13225471f83eSSimon L. B. Nielsen {
13235471f83eSSimon L. B. Nielsen ctx->new_session_cb = cb;
13245471f83eSSimon L. B. Nielsen }
13255471f83eSSimon L. B. Nielsen
SSL_CTX_sess_get_new_cb(SSL_CTX * ctx)13266f9291ceSJung-uk Kim int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {
13275471f83eSSimon L. B. Nielsen return ctx->new_session_cb;
13285471f83eSSimon L. B. Nielsen }
13295471f83eSSimon L. B. Nielsen
SSL_CTX_sess_set_remove_cb(SSL_CTX * ctx,void (* cb)(SSL_CTX * ctx,SSL_SESSION * sess))13305471f83eSSimon L. B. Nielsen void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
13315471f83eSSimon L. B. Nielsen void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))
13325471f83eSSimon L. B. Nielsen {
13335471f83eSSimon L. B. Nielsen ctx->remove_session_cb = cb;
13345471f83eSSimon L. B. Nielsen }
13355471f83eSSimon L. B. Nielsen
SSL_CTX_sess_get_remove_cb(SSL_CTX * ctx)13366f9291ceSJung-uk Kim void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,
13376f9291ceSJung-uk Kim SSL_SESSION *sess) {
13385471f83eSSimon L. B. Nielsen return ctx->remove_session_cb;
13395471f83eSSimon L. B. Nielsen }
13405471f83eSSimon L. B. Nielsen
SSL_CTX_sess_set_get_cb(SSL_CTX * ctx,SSL_SESSION * (* cb)(struct ssl_st * ssl,const unsigned char * data,int len,int * copy))13415471f83eSSimon L. B. Nielsen void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
13425471f83eSSimon L. B. Nielsen SSL_SESSION *(*cb) (struct ssl_st *ssl,
1343e71b7053SJung-uk Kim const unsigned char *data,
1344e71b7053SJung-uk Kim int len, int *copy))
13455471f83eSSimon L. B. Nielsen {
13465471f83eSSimon L. B. Nielsen ctx->get_session_cb = cb;
13475471f83eSSimon L. B. Nielsen }
13485471f83eSSimon L. B. Nielsen
SSL_CTX_sess_get_get_cb(SSL_CTX * ctx)13495471f83eSSimon L. B. Nielsen SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
1350e71b7053SJung-uk Kim const unsigned char
1351e71b7053SJung-uk Kim *data, int len,
1352e71b7053SJung-uk Kim int *copy) {
13535471f83eSSimon L. B. Nielsen return ctx->get_session_cb;
13545471f83eSSimon L. B. Nielsen }
13555471f83eSSimon L. B. Nielsen
SSL_CTX_set_info_callback(SSL_CTX * ctx,void (* cb)(const SSL * ssl,int type,int val))13565471f83eSSimon L. B. Nielsen void SSL_CTX_set_info_callback(SSL_CTX *ctx,
13575471f83eSSimon L. B. Nielsen void (*cb) (const SSL *ssl, int type, int val))
13585471f83eSSimon L. B. Nielsen {
13595471f83eSSimon L. B. Nielsen ctx->info_callback = cb;
13605471f83eSSimon L. B. Nielsen }
13615471f83eSSimon L. B. Nielsen
SSL_CTX_get_info_callback(SSL_CTX * ctx)13626f9291ceSJung-uk Kim void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
13636f9291ceSJung-uk Kim int val) {
13645471f83eSSimon L. B. Nielsen return ctx->info_callback;
13655471f83eSSimon L. B. Nielsen }
13665471f83eSSimon L. B. Nielsen
SSL_CTX_set_client_cert_cb(SSL_CTX * ctx,int (* cb)(SSL * ssl,X509 ** x509,EVP_PKEY ** pkey))13675471f83eSSimon L. B. Nielsen void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
13686f9291ceSJung-uk Kim int (*cb) (SSL *ssl, X509 **x509,
13696f9291ceSJung-uk Kim EVP_PKEY **pkey))
13705471f83eSSimon L. B. Nielsen {
13715471f83eSSimon L. B. Nielsen ctx->client_cert_cb = cb;
13725471f83eSSimon L. B. Nielsen }
13735471f83eSSimon L. B. Nielsen
SSL_CTX_get_client_cert_cb(SSL_CTX * ctx)13746f9291ceSJung-uk Kim int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
13756f9291ceSJung-uk Kim EVP_PKEY **pkey) {
13765471f83eSSimon L. B. Nielsen return ctx->client_cert_cb;
13775471f83eSSimon L. B. Nielsen }
13785471f83eSSimon L. B. Nielsen
SSL_CTX_set_cookie_generate_cb(SSL_CTX * ctx,int (* cb)(SSL * ssl,unsigned char * cookie,unsigned int * cookie_len))13795471f83eSSimon L. B. Nielsen void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
13806f9291ceSJung-uk Kim int (*cb) (SSL *ssl,
13816f9291ceSJung-uk Kim unsigned char *cookie,
13826f9291ceSJung-uk Kim unsigned int *cookie_len))
13835471f83eSSimon L. B. Nielsen {
13845471f83eSSimon L. B. Nielsen ctx->app_gen_cookie_cb = cb;
13855471f83eSSimon L. B. Nielsen }
13865471f83eSSimon L. B. Nielsen
SSL_CTX_set_cookie_verify_cb(SSL_CTX * ctx,int (* cb)(SSL * ssl,const unsigned char * cookie,unsigned int cookie_len))13875471f83eSSimon L. B. Nielsen void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
1388e71b7053SJung-uk Kim int (*cb) (SSL *ssl,
1389e71b7053SJung-uk Kim const unsigned char *cookie,
13906f9291ceSJung-uk Kim unsigned int cookie_len))
13915471f83eSSimon L. B. Nielsen {
13925471f83eSSimon L. B. Nielsen ctx->app_verify_cookie_cb = cb;
13935471f83eSSimon L. B. Nielsen }
13945471f83eSSimon L. B. Nielsen
SSL_SESSION_set1_ticket_appdata(SSL_SESSION * ss,const void * data,size_t len)1395e71b7053SJung-uk Kim int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len)
1396e71b7053SJung-uk Kim {
1397e71b7053SJung-uk Kim OPENSSL_free(ss->ticket_appdata);
1398e71b7053SJung-uk Kim ss->ticket_appdata_len = 0;
1399e71b7053SJung-uk Kim if (data == NULL || len == 0) {
1400e71b7053SJung-uk Kim ss->ticket_appdata = NULL;
1401e71b7053SJung-uk Kim return 1;
1402e71b7053SJung-uk Kim }
1403e71b7053SJung-uk Kim ss->ticket_appdata = OPENSSL_memdup(data, len);
1404e71b7053SJung-uk Kim if (ss->ticket_appdata != NULL) {
1405e71b7053SJung-uk Kim ss->ticket_appdata_len = len;
1406e71b7053SJung-uk Kim return 1;
1407e71b7053SJung-uk Kim }
1408e71b7053SJung-uk Kim return 0;
1409e71b7053SJung-uk Kim }
1410e71b7053SJung-uk Kim
SSL_SESSION_get0_ticket_appdata(SSL_SESSION * ss,void ** data,size_t * len)1411e71b7053SJung-uk Kim int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len)
1412e71b7053SJung-uk Kim {
1413e71b7053SJung-uk Kim *data = ss->ticket_appdata;
1414e71b7053SJung-uk Kim *len = ss->ticket_appdata_len;
1415e71b7053SJung-uk Kim return 1;
1416e71b7053SJung-uk Kim }
1417e71b7053SJung-uk Kim
SSL_CTX_set_stateless_cookie_generate_cb(SSL_CTX * ctx,int (* cb)(SSL * ssl,unsigned char * cookie,size_t * cookie_len))1418e71b7053SJung-uk Kim void SSL_CTX_set_stateless_cookie_generate_cb(
1419e71b7053SJung-uk Kim SSL_CTX *ctx,
1420e71b7053SJung-uk Kim int (*cb) (SSL *ssl,
1421e71b7053SJung-uk Kim unsigned char *cookie,
1422e71b7053SJung-uk Kim size_t *cookie_len))
1423e71b7053SJung-uk Kim {
1424e71b7053SJung-uk Kim ctx->gen_stateless_cookie_cb = cb;
1425e71b7053SJung-uk Kim }
1426e71b7053SJung-uk Kim
SSL_CTX_set_stateless_cookie_verify_cb(SSL_CTX * ctx,int (* cb)(SSL * ssl,const unsigned char * cookie,size_t cookie_len))1427e71b7053SJung-uk Kim void SSL_CTX_set_stateless_cookie_verify_cb(
1428e71b7053SJung-uk Kim SSL_CTX *ctx,
1429e71b7053SJung-uk Kim int (*cb) (SSL *ssl,
1430e71b7053SJung-uk Kim const unsigned char *cookie,
1431e71b7053SJung-uk Kim size_t cookie_len))
1432e71b7053SJung-uk Kim {
1433e71b7053SJung-uk Kim ctx->verify_stateless_cookie_cb = cb;
1434e71b7053SJung-uk Kim }
1435e71b7053SJung-uk Kim
1436e71b7053SJung-uk Kim IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)
1437