1 /* 2 * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright 2005 Nokia. All rights reserved. 4 * 5 * Licensed under the Apache License 2.0 (the "License"). You may not use 6 * this file except in compliance with the License. You can obtain a copy 7 * in the file LICENSE in the source distribution or at 8 * https://www.openssl.org/source/license.html 9 */ 10 11 #if defined(__TANDEM) && defined(_SPT_MODEL_) 12 # include <spthread.h> 13 # include <spt_extensions.h> /* timeval */ 14 #endif 15 #include <stdio.h> 16 #include <openssl/rand.h> 17 #include <openssl/engine.h> 18 #include "internal/refcount.h" 19 #include "internal/cryptlib.h" 20 #include "internal/ssl_unwrap.h" 21 #include "ssl_local.h" 22 #include "statem/statem_local.h" 23 24 static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); 25 static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s); 26 static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck); 27 28 DEFINE_STACK_OF(SSL_SESSION) 29 30 __owur static ossl_inline int sess_timedout(OSSL_TIME t, SSL_SESSION *ss) 31 { 32 return ossl_time_compare(t, ss->calc_timeout) > 0; 33 } 34 35 /* 36 * Returns -1/0/+1 as other XXXcmp-type functions 37 * Takes calculated timeout into consideration 38 */ 39 __owur static ossl_inline int timeoutcmp(SSL_SESSION *a, SSL_SESSION *b) 40 { 41 return ossl_time_compare(a->calc_timeout, b->calc_timeout); 42 } 43 44 /* 45 * Calculates effective timeout 46 * Locking must be done by the caller of this function 47 */ 48 void ssl_session_calculate_timeout(SSL_SESSION *ss) 49 { 50 ss->calc_timeout = ossl_time_add(ss->time, ss->timeout); 51 } 52 53 /* 54 * SSL_get_session() and SSL_get1_session() are problematic in TLS1.3 because, 55 * unlike in earlier protocol versions, the session ticket may not have been 56 * sent yet even though a handshake has finished. The session ticket data could 57 * come in sometime later...or even change if multiple session ticket messages 58 * are sent from the server. The preferred way for applications to obtain 59 * a resumable session is to use SSL_CTX_sess_set_new_cb(). 60 */ 61 62 SSL_SESSION *SSL_get_session(const SSL *ssl) 63 /* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */ 64 { 65 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl); 66 67 if (sc == NULL) 68 return NULL; 69 70 return sc->session; 71 } 72 73 SSL_SESSION *SSL_get1_session(SSL *ssl) 74 /* variant of SSL_get_session: caller really gets something */ 75 { 76 SSL_SESSION *sess; 77 78 /* 79 * Need to lock this all up rather than just use CRYPTO_add so that 80 * somebody doesn't free ssl->session between when we check it's non-null 81 * and when we up the reference count. 82 */ 83 if (!CRYPTO_THREAD_read_lock(ssl->lock)) 84 return NULL; 85 sess = SSL_get_session(ssl); 86 if (sess != NULL && !SSL_SESSION_up_ref(sess)) 87 sess = NULL; 88 CRYPTO_THREAD_unlock(ssl->lock); 89 return sess; 90 } 91 92 int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg) 93 { 94 return CRYPTO_set_ex_data(&s->ex_data, idx, arg); 95 } 96 97 void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx) 98 { 99 return CRYPTO_get_ex_data(&s->ex_data, idx); 100 } 101 102 SSL_SESSION *SSL_SESSION_new(void) 103 { 104 SSL_SESSION *ss; 105 106 if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL)) 107 return NULL; 108 109 ss = OPENSSL_zalloc(sizeof(*ss)); 110 if (ss == NULL) 111 return NULL; 112 113 ss->ext.max_fragment_len_mode = TLSEXT_max_fragment_length_UNSPECIFIED; 114 ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ 115 /* 5 minute timeout by default */ 116 ss->timeout = ossl_seconds2time(60 * 5 + 4); 117 ss->time = ossl_time_now(); 118 ssl_session_calculate_timeout(ss); 119 if (!CRYPTO_NEW_REF(&ss->references, 1)) { 120 OPENSSL_free(ss); 121 return NULL; 122 } 123 124 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) { 125 CRYPTO_FREE_REF(&ss->references); 126 OPENSSL_free(ss); 127 return NULL; 128 } 129 return ss; 130 } 131 132 /* 133 * Create a new SSL_SESSION and duplicate the contents of |src| into it. If 134 * ticket == 0 then no ticket information is duplicated, otherwise it is. 135 */ 136 static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int ticket) 137 { 138 SSL_SESSION *dest; 139 140 dest = OPENSSL_malloc(sizeof(*dest)); 141 if (dest == NULL) 142 return NULL; 143 144 /* 145 * src is logically read-only but the prev/next pointers are not, they are 146 * part of the session cache and can be modified concurrently. 147 */ 148 memcpy(dest, src, offsetof(SSL_SESSION, prev)); 149 150 /* 151 * Set the various pointers to NULL so that we can call SSL_SESSION_free in 152 * the case of an error whilst halfway through constructing dest 153 */ 154 #ifndef OPENSSL_NO_PSK 155 dest->psk_identity_hint = NULL; 156 dest->psk_identity = NULL; 157 #endif 158 dest->ext.hostname = NULL; 159 dest->ext.tick = NULL; 160 dest->ext.alpn_selected = NULL; 161 #ifndef OPENSSL_NO_SRP 162 dest->srp_username = NULL; 163 #endif 164 dest->peer_chain = NULL; 165 dest->peer = NULL; 166 dest->peer_rpk = NULL; 167 dest->ticket_appdata = NULL; 168 memset(&dest->ex_data, 0, sizeof(dest->ex_data)); 169 170 /* As the copy is not in the cache, we remove the associated pointers */ 171 dest->prev = NULL; 172 dest->next = NULL; 173 dest->owner = NULL; 174 175 if (!CRYPTO_NEW_REF(&dest->references, 1)) { 176 OPENSSL_free(dest); 177 return NULL; 178 } 179 180 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data)) { 181 ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); 182 goto err; 183 } 184 185 if (src->peer != NULL) { 186 if (!X509_up_ref(src->peer)) { 187 ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); 188 goto err; 189 } 190 dest->peer = src->peer; 191 } 192 193 if (src->peer_chain != NULL) { 194 dest->peer_chain = X509_chain_up_ref(src->peer_chain); 195 if (dest->peer_chain == NULL) { 196 ERR_raise(ERR_LIB_SSL, ERR_R_X509_LIB); 197 goto err; 198 } 199 } 200 201 if (src->peer_rpk != NULL) { 202 if (!EVP_PKEY_up_ref(src->peer_rpk)) 203 goto err; 204 dest->peer_rpk = src->peer_rpk; 205 } 206 207 #ifndef OPENSSL_NO_PSK 208 if (src->psk_identity_hint) { 209 dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint); 210 if (dest->psk_identity_hint == NULL) 211 goto err; 212 } 213 if (src->psk_identity) { 214 dest->psk_identity = OPENSSL_strdup(src->psk_identity); 215 if (dest->psk_identity == NULL) 216 goto err; 217 } 218 #endif 219 220 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, 221 &dest->ex_data, &src->ex_data)) { 222 ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB); 223 goto err; 224 } 225 226 if (src->ext.hostname) { 227 dest->ext.hostname = OPENSSL_strdup(src->ext.hostname); 228 if (dest->ext.hostname == NULL) 229 goto err; 230 } 231 232 if (ticket != 0 && src->ext.tick != NULL) { 233 dest->ext.tick = 234 OPENSSL_memdup(src->ext.tick, src->ext.ticklen); 235 if (dest->ext.tick == NULL) 236 goto err; 237 } else { 238 dest->ext.tick_lifetime_hint = 0; 239 dest->ext.ticklen = 0; 240 } 241 242 if (src->ext.alpn_selected != NULL) { 243 dest->ext.alpn_selected = OPENSSL_memdup(src->ext.alpn_selected, 244 src->ext.alpn_selected_len); 245 if (dest->ext.alpn_selected == NULL) 246 goto err; 247 } 248 249 #ifndef OPENSSL_NO_SRP 250 if (src->srp_username) { 251 dest->srp_username = OPENSSL_strdup(src->srp_username); 252 if (dest->srp_username == NULL) 253 goto err; 254 } 255 #endif 256 257 if (src->ticket_appdata != NULL) { 258 dest->ticket_appdata = 259 OPENSSL_memdup(src->ticket_appdata, src->ticket_appdata_len); 260 if (dest->ticket_appdata == NULL) 261 goto err; 262 } 263 264 return dest; 265 err: 266 SSL_SESSION_free(dest); 267 return NULL; 268 } 269 270 SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src) 271 { 272 return ssl_session_dup_intern(src, 1); 273 } 274 275 /* 276 * Used internally when duplicating a session which might be already shared. 277 * We will have resumed the original session. Subsequently we might have marked 278 * it as non-resumable (e.g. in another thread) - but this copy should be ok to 279 * resume from. 280 */ 281 SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) 282 { 283 SSL_SESSION *sess = ssl_session_dup_intern(src, ticket); 284 285 if (sess != NULL) 286 sess->not_resumable = 0; 287 288 return sess; 289 } 290 291 const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len) 292 { 293 if (len) 294 *len = (unsigned int)s->session_id_length; 295 return s->session_id; 296 } 297 298 const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s, 299 unsigned int *len) 300 { 301 if (len != NULL) 302 *len = (unsigned int)s->sid_ctx_length; 303 return s->sid_ctx; 304 } 305 306 unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s) 307 { 308 return s->compress_meth; 309 } 310 311 /* 312 * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling 313 * the ID with random junk repeatedly until we have no conflict is going to 314 * complete in one iteration pretty much "most" of the time (btw: 315 * understatement). So, if it takes us 10 iterations and we still can't avoid 316 * a conflict - well that's a reasonable point to call it quits. Either the 317 * RAND code is broken or someone is trying to open roughly very close to 318 * 2^256 SSL sessions to our server. How you might store that many sessions 319 * is perhaps a more interesting question ... 320 */ 321 322 #define MAX_SESS_ID_ATTEMPTS 10 323 static int def_generate_session_id(SSL *ssl, unsigned char *id, 324 unsigned int *id_len) 325 { 326 unsigned int retry = 0; 327 do { 328 if (RAND_bytes_ex(ssl->ctx->libctx, id, *id_len, 0) <= 0) 329 return 0; 330 #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION 331 if (retry > 0) { 332 id[0]++; 333 } 334 #endif 335 } while (SSL_has_matching_session_id(ssl, id, *id_len) && 336 (++retry < MAX_SESS_ID_ATTEMPTS)) ; 337 if (retry < MAX_SESS_ID_ATTEMPTS) 338 return 1; 339 /* else - woops a session_id match */ 340 /* 341 * XXX We should also check the external cache -- but the probability of 342 * a collision is negligible, and we could not prevent the concurrent 343 * creation of sessions with identical IDs since we currently don't have 344 * means to atomically check whether a session ID already exists and make 345 * a reservation for it if it does not (this problem applies to the 346 * internal cache as well). 347 */ 348 return 0; 349 } 350 351 int ssl_generate_session_id(SSL_CONNECTION *s, SSL_SESSION *ss) 352 { 353 unsigned int tmp; 354 GEN_SESSION_CB cb = def_generate_session_id; 355 SSL *ssl = SSL_CONNECTION_GET_SSL(s); 356 357 switch (s->version) { 358 case SSL3_VERSION: 359 case TLS1_VERSION: 360 case TLS1_1_VERSION: 361 case TLS1_2_VERSION: 362 case TLS1_3_VERSION: 363 case DTLS1_BAD_VER: 364 case DTLS1_VERSION: 365 case DTLS1_2_VERSION: 366 ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; 367 break; 368 default: 369 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_UNSUPPORTED_SSL_VERSION); 370 return 0; 371 } 372 373 /*- 374 * If RFC5077 ticket, use empty session ID (as server). 375 * Note that: 376 * (a) ssl_get_prev_session() does lookahead into the 377 * ClientHello extensions to find the session ticket. 378 * When ssl_get_prev_session() fails, statem_srvr.c calls 379 * ssl_get_new_session() in tls_process_client_hello(). 380 * At that point, it has not yet parsed the extensions, 381 * however, because of the lookahead, it already knows 382 * whether a ticket is expected or not. 383 * 384 * (b) statem_clnt.c calls ssl_get_new_session() before parsing 385 * ServerHello extensions, and before recording the session 386 * ID received from the server, so this block is a noop. 387 */ 388 if (s->ext.ticket_expected) { 389 ss->session_id_length = 0; 390 return 1; 391 } 392 393 /* Choose which callback will set the session ID */ 394 if (!CRYPTO_THREAD_read_lock(SSL_CONNECTION_GET_SSL(s)->lock)) 395 return 0; 396 if (!CRYPTO_THREAD_read_lock(s->session_ctx->lock)) { 397 CRYPTO_THREAD_unlock(ssl->lock); 398 SSLfatal(s, SSL_AD_INTERNAL_ERROR, 399 SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); 400 return 0; 401 } 402 if (s->generate_session_id) 403 cb = s->generate_session_id; 404 else if (s->session_ctx->generate_session_id) 405 cb = s->session_ctx->generate_session_id; 406 CRYPTO_THREAD_unlock(s->session_ctx->lock); 407 CRYPTO_THREAD_unlock(ssl->lock); 408 /* Choose a session ID */ 409 memset(ss->session_id, 0, ss->session_id_length); 410 tmp = (int)ss->session_id_length; 411 if (!cb(ssl, ss->session_id, &tmp)) { 412 /* The callback failed */ 413 SSLfatal(s, SSL_AD_INTERNAL_ERROR, 414 SSL_R_SSL_SESSION_ID_CALLBACK_FAILED); 415 return 0; 416 } 417 /* 418 * Don't allow the callback to set the session length to zero. nor 419 * set it higher than it was. 420 */ 421 if (tmp == 0 || tmp > ss->session_id_length) { 422 /* The callback set an illegal length */ 423 SSLfatal(s, SSL_AD_INTERNAL_ERROR, 424 SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH); 425 return 0; 426 } 427 ss->session_id_length = tmp; 428 /* Finally, check for a conflict */ 429 if (SSL_has_matching_session_id(ssl, ss->session_id, 430 (unsigned int)ss->session_id_length)) { 431 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_SSL_SESSION_ID_CONFLICT); 432 return 0; 433 } 434 435 return 1; 436 } 437 438 int ssl_get_new_session(SSL_CONNECTION *s, int session) 439 { 440 /* This gets used by clients and servers. */ 441 442 SSL_SESSION *ss = NULL; 443 444 if ((ss = SSL_SESSION_new()) == NULL) { 445 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SSL_LIB); 446 return 0; 447 } 448 449 /* If the context has a default timeout, use it */ 450 if (ossl_time_is_zero(s->session_ctx->session_timeout)) 451 ss->timeout = SSL_CONNECTION_GET_SSL(s)->method->get_timeout(); 452 else 453 ss->timeout = s->session_ctx->session_timeout; 454 ssl_session_calculate_timeout(ss); 455 456 SSL_SESSION_free(s->session); 457 s->session = NULL; 458 459 if (session) { 460 if (SSL_CONNECTION_IS_TLS13(s)) { 461 /* 462 * We generate the session id while constructing the 463 * NewSessionTicket in TLSv1.3. 464 */ 465 ss->session_id_length = 0; 466 } else if (!ssl_generate_session_id(s, ss)) { 467 /* SSLfatal() already called */ 468 SSL_SESSION_free(ss); 469 return 0; 470 } 471 472 } else { 473 ss->session_id_length = 0; 474 } 475 476 if (s->sid_ctx_length > sizeof(ss->sid_ctx)) { 477 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); 478 SSL_SESSION_free(ss); 479 return 0; 480 } 481 memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length); 482 ss->sid_ctx_length = s->sid_ctx_length; 483 s->session = ss; 484 ss->ssl_version = s->version; 485 ss->verify_result = X509_V_OK; 486 487 /* If client supports extended master secret set it in session */ 488 if (s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS) 489 ss->flags |= SSL_SESS_FLAG_EXTMS; 490 491 return 1; 492 } 493 494 SSL_SESSION *lookup_sess_in_cache(SSL_CONNECTION *s, 495 const unsigned char *sess_id, 496 size_t sess_id_len) 497 { 498 SSL_SESSION *ret = NULL; 499 500 if ((s->session_ctx->session_cache_mode 501 & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP) == 0) { 502 SSL_SESSION data; 503 504 data.ssl_version = s->version; 505 if (!ossl_assert(sess_id_len <= SSL_MAX_SSL_SESSION_ID_LENGTH)) 506 return NULL; 507 508 memcpy(data.session_id, sess_id, sess_id_len); 509 data.session_id_length = sess_id_len; 510 511 if (!CRYPTO_THREAD_read_lock(s->session_ctx->lock)) 512 return NULL; 513 ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data); 514 if (ret != NULL) { 515 /* don't allow other threads to steal it: */ 516 if (!SSL_SESSION_up_ref(ret)) { 517 CRYPTO_THREAD_unlock(s->session_ctx->lock); 518 return NULL; 519 } 520 } 521 CRYPTO_THREAD_unlock(s->session_ctx->lock); 522 if (ret == NULL) 523 ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_miss); 524 } 525 526 if (ret == NULL && s->session_ctx->get_session_cb != NULL) { 527 int copy = 1; 528 529 ret = s->session_ctx->get_session_cb(SSL_CONNECTION_GET_USER_SSL(s), 530 sess_id, sess_id_len, ©); 531 532 if (ret != NULL) { 533 if (ret->not_resumable) { 534 /* If its not resumable then ignore this session */ 535 if (!copy) 536 SSL_SESSION_free(ret); 537 return NULL; 538 } 539 ssl_tsan_counter(s->session_ctx, 540 &s->session_ctx->stats.sess_cb_hit); 541 542 /* 543 * Increment reference count now if the session callback asks us 544 * to do so (note that if the session structures returned by the 545 * callback are shared between threads, it must handle the 546 * reference count itself [i.e. copy == 0], or things won't be 547 * thread-safe). 548 */ 549 if (copy && !SSL_SESSION_up_ref(ret)) 550 return NULL; 551 552 /* 553 * Add the externally cached session to the internal cache as 554 * well if and only if we are supposed to. 555 */ 556 if ((s->session_ctx->session_cache_mode & 557 SSL_SESS_CACHE_NO_INTERNAL_STORE) == 0) { 558 /* 559 * Either return value of SSL_CTX_add_session should not 560 * interrupt the session resumption process. The return 561 * value is intentionally ignored. 562 */ 563 (void)SSL_CTX_add_session(s->session_ctx, ret); 564 } 565 } 566 } 567 568 return ret; 569 } 570 571 /*- 572 * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this 573 * connection. It is only called by servers. 574 * 575 * hello: The parsed ClientHello data 576 * 577 * Returns: 578 * -1: fatal error 579 * 0: no session found 580 * 1: a session may have been found. 581 * 582 * Side effects: 583 * - If a session is found then s->session is pointed at it (after freeing an 584 * existing session if need be) and s->verify_result is set from the session. 585 * - Both for new and resumed sessions, s->ext.ticket_expected is set to 1 586 * if the server should issue a new session ticket (to 0 otherwise). 587 */ 588 int ssl_get_prev_session(SSL_CONNECTION *s, CLIENTHELLO_MSG *hello) 589 { 590 /* This is used only by servers. */ 591 592 SSL_SESSION *ret = NULL; 593 int fatal = 0; 594 int try_session_cache = 0; 595 SSL_TICKET_STATUS r; 596 597 if (SSL_CONNECTION_IS_TLS13(s)) { 598 SSL_SESSION_free(s->session); 599 s->session = NULL; 600 /* 601 * By default we will send a new ticket. This can be overridden in the 602 * ticket processing. 603 */ 604 s->ext.ticket_expected = 1; 605 if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes, 606 SSL_EXT_CLIENT_HELLO, hello->pre_proc_exts, 607 NULL, 0) 608 || !tls_parse_extension(s, TLSEXT_IDX_psk, SSL_EXT_CLIENT_HELLO, 609 hello->pre_proc_exts, NULL, 0)) 610 return -1; 611 612 /* If we resumed, s->session will now be set */ 613 ret = s->session; 614 } else { 615 /* sets s->ext.ticket_expected */ 616 r = tls_get_ticket_from_client(s, hello, &ret); 617 switch (r) { 618 case SSL_TICKET_FATAL_ERR_MALLOC: 619 case SSL_TICKET_FATAL_ERR_OTHER: 620 fatal = 1; 621 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); 622 goto err; 623 case SSL_TICKET_NONE: 624 case SSL_TICKET_EMPTY: 625 if (hello->session_id_len > 0) { 626 try_session_cache = 1; 627 ret = lookup_sess_in_cache(s, hello->session_id, 628 hello->session_id_len); 629 } 630 break; 631 case SSL_TICKET_NO_DECRYPT: 632 case SSL_TICKET_SUCCESS: 633 case SSL_TICKET_SUCCESS_RENEW: 634 break; 635 } 636 } 637 638 if (ret == NULL) 639 goto err; 640 641 /* Now ret is non-NULL and we own one of its reference counts. */ 642 643 /* Check TLS version consistency */ 644 if (ret->ssl_version != s->version) 645 goto err; 646 647 if (ret->sid_ctx_length != s->sid_ctx_length 648 || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) { 649 /* 650 * We have the session requested by the client, but we don't want to 651 * use it in this context. 652 */ 653 goto err; /* treat like cache miss */ 654 } 655 656 if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) { 657 /* 658 * We can't be sure if this session is being used out of context, 659 * which is especially important for SSL_VERIFY_PEER. The application 660 * should have used SSL[_CTX]_set_session_id_context. For this error 661 * case, we generate an error instead of treating the event like a 662 * cache miss (otherwise it would be easy for applications to 663 * effectively disable the session cache by accident without anyone 664 * noticing). 665 */ 666 667 SSLfatal(s, SSL_AD_INTERNAL_ERROR, 668 SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); 669 fatal = 1; 670 goto err; 671 } 672 673 if (sess_timedout(ossl_time_now(), ret)) { 674 ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_timeout); 675 if (try_session_cache) { 676 /* session was from the cache, so remove it */ 677 SSL_CTX_remove_session(s->session_ctx, ret); 678 } 679 goto err; 680 } 681 682 /* Check extended master secret extension consistency */ 683 if (ret->flags & SSL_SESS_FLAG_EXTMS) { 684 /* If old session includes extms, but new does not: abort handshake */ 685 if (!(s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS)) { 686 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_INCONSISTENT_EXTMS); 687 fatal = 1; 688 goto err; 689 } 690 } else if (s->s3.flags & TLS1_FLAGS_RECEIVED_EXTMS) { 691 /* If new session includes extms, but old does not: do not resume */ 692 goto err; 693 } 694 695 if (!SSL_CONNECTION_IS_TLS13(s)) { 696 /* We already did this for TLS1.3 */ 697 SSL_SESSION_free(s->session); 698 s->session = ret; 699 } 700 701 ssl_tsan_counter(s->session_ctx, &s->session_ctx->stats.sess_hit); 702 s->verify_result = s->session->verify_result; 703 return 1; 704 705 err: 706 if (ret != NULL) { 707 SSL_SESSION_free(ret); 708 /* In TLSv1.3 s->session was already set to ret, so we NULL it out */ 709 if (SSL_CONNECTION_IS_TLS13(s)) 710 s->session = NULL; 711 712 if (!try_session_cache) { 713 /* 714 * The session was from a ticket, so we should issue a ticket for 715 * the new session 716 */ 717 s->ext.ticket_expected = 1; 718 } 719 } 720 if (fatal) 721 return -1; 722 723 return 0; 724 } 725 726 int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) 727 { 728 int ret = 0; 729 SSL_SESSION *s; 730 731 /* 732 * add just 1 reference count for the SSL_CTX's session cache even though 733 * it has two ways of access: each session is in a doubly linked list and 734 * an lhash 735 */ 736 if (!SSL_SESSION_up_ref(c)) 737 return 0; 738 /* 739 * if session c is in already in cache, we take back the increment later 740 */ 741 742 if (!CRYPTO_THREAD_write_lock(ctx->lock)) { 743 SSL_SESSION_free(c); 744 return 0; 745 } 746 s = lh_SSL_SESSION_insert(ctx->sessions, c); 747 748 /* 749 * s != NULL iff we already had a session with the given PID. In this 750 * case, s == c should hold (then we did not really modify 751 * ctx->sessions), or we're in trouble. 752 */ 753 if (s != NULL && s != c) { 754 /* We *are* in trouble ... */ 755 SSL_SESSION_list_remove(ctx, s); 756 SSL_SESSION_free(s); 757 /* 758 * ... so pretend the other session did not exist in cache (we cannot 759 * handle two SSL_SESSION structures with identical session ID in the 760 * same cache, which could happen e.g. when two threads concurrently 761 * obtain the same session from an external cache) 762 */ 763 s = NULL; 764 } else if (s == NULL && 765 lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) { 766 /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */ 767 768 /* 769 * ... so take back the extra reference and also don't add 770 * the session to the SSL_SESSION_list at this time 771 */ 772 s = c; 773 } 774 775 /* Adjust last used time, and add back into the cache at the appropriate spot */ 776 if (ctx->session_cache_mode & SSL_SESS_CACHE_UPDATE_TIME) { 777 c->time = ossl_time_now(); 778 ssl_session_calculate_timeout(c); 779 } 780 781 if (s == NULL) { 782 /* 783 * new cache entry -- remove old ones if cache has become too large 784 * delete cache entry *before* add, so we don't remove the one we're adding! 785 */ 786 787 ret = 1; 788 789 if (SSL_CTX_sess_get_cache_size(ctx) > 0) { 790 while (SSL_CTX_sess_number(ctx) >= SSL_CTX_sess_get_cache_size(ctx)) { 791 if (!remove_session_lock(ctx, ctx->session_cache_tail, 0)) 792 break; 793 else 794 ssl_tsan_counter(ctx, &ctx->stats.sess_cache_full); 795 } 796 } 797 } 798 799 SSL_SESSION_list_add(ctx, c); 800 801 if (s != NULL) { 802 /* 803 * existing cache entry -- decrement previously incremented reference 804 * count because it already takes into account the cache 805 */ 806 807 SSL_SESSION_free(s); /* s == c */ 808 ret = 0; 809 } 810 CRYPTO_THREAD_unlock(ctx->lock); 811 return ret; 812 } 813 814 int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c) 815 { 816 return remove_session_lock(ctx, c, 1); 817 } 818 819 static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck) 820 { 821 SSL_SESSION *r; 822 int ret = 0; 823 824 if ((c != NULL) && (c->session_id_length != 0)) { 825 if (lck) { 826 if (!CRYPTO_THREAD_write_lock(ctx->lock)) 827 return 0; 828 } 829 if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) != NULL) { 830 ret = 1; 831 r = lh_SSL_SESSION_delete(ctx->sessions, r); 832 SSL_SESSION_list_remove(ctx, r); 833 } 834 c->not_resumable = 1; 835 836 if (lck) 837 CRYPTO_THREAD_unlock(ctx->lock); 838 839 if (ctx->remove_session_cb != NULL) 840 ctx->remove_session_cb(ctx, c); 841 842 if (ret) 843 SSL_SESSION_free(r); 844 } 845 return ret; 846 } 847 848 void SSL_SESSION_free(SSL_SESSION *ss) 849 { 850 int i; 851 852 if (ss == NULL) 853 return; 854 CRYPTO_DOWN_REF(&ss->references, &i); 855 REF_PRINT_COUNT("SSL_SESSION", i, ss); 856 if (i > 0) 857 return; 858 REF_ASSERT_ISNT(i < 0); 859 860 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); 861 862 OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key)); 863 OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id)); 864 X509_free(ss->peer); 865 EVP_PKEY_free(ss->peer_rpk); 866 OSSL_STACK_OF_X509_free(ss->peer_chain); 867 OPENSSL_free(ss->ext.hostname); 868 OPENSSL_free(ss->ext.tick); 869 #ifndef OPENSSL_NO_PSK 870 OPENSSL_free(ss->psk_identity_hint); 871 OPENSSL_free(ss->psk_identity); 872 #endif 873 #ifndef OPENSSL_NO_SRP 874 OPENSSL_free(ss->srp_username); 875 #endif 876 OPENSSL_free(ss->ext.alpn_selected); 877 OPENSSL_free(ss->ticket_appdata); 878 CRYPTO_FREE_REF(&ss->references); 879 OPENSSL_clear_free(ss, sizeof(*ss)); 880 } 881 882 int SSL_SESSION_up_ref(SSL_SESSION *ss) 883 { 884 int i; 885 886 if (CRYPTO_UP_REF(&ss->references, &i) <= 0) 887 return 0; 888 889 REF_PRINT_COUNT("SSL_SESSION", i, ss); 890 REF_ASSERT_ISNT(i < 2); 891 return ((i > 1) ? 1 : 0); 892 } 893 894 int SSL_set_session(SSL *s, SSL_SESSION *session) 895 { 896 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); 897 898 if (sc == NULL) 899 return 0; 900 901 if (session != NULL && !SSL_SESSION_up_ref(session)) 902 return 0; 903 904 ssl_clear_bad_session(sc); 905 if (s->defltmeth != s->method) { 906 if (!SSL_set_ssl_method(s, s->defltmeth)) { 907 SSL_SESSION_free(session); 908 return 0; 909 } 910 } 911 912 if (session != NULL) 913 sc->verify_result = session->verify_result; 914 915 SSL_SESSION_free(sc->session); 916 sc->session = session; 917 918 return 1; 919 } 920 921 int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid, 922 unsigned int sid_len) 923 { 924 if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) { 925 ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_TOO_LONG); 926 return 0; 927 } 928 s->session_id_length = sid_len; 929 if (sid != s->session_id && sid_len > 0) 930 memcpy(s->session_id, sid, sid_len); 931 932 return 1; 933 } 934 935 long SSL_SESSION_set_timeout(SSL_SESSION *s, long t) 936 { 937 OSSL_TIME new_timeout = ossl_seconds2time(t); 938 939 if (s == NULL || t < 0) 940 return 0; 941 if (s->owner != NULL) { 942 if (!CRYPTO_THREAD_write_lock(s->owner->lock)) 943 return 0; 944 s->timeout = new_timeout; 945 ssl_session_calculate_timeout(s); 946 SSL_SESSION_list_add(s->owner, s); 947 CRYPTO_THREAD_unlock(s->owner->lock); 948 } else { 949 s->timeout = new_timeout; 950 ssl_session_calculate_timeout(s); 951 } 952 return 1; 953 } 954 955 long SSL_SESSION_get_timeout(const SSL_SESSION *s) 956 { 957 if (s == NULL) 958 return 0; 959 return (long)ossl_time_to_time_t(s->timeout); 960 } 961 962 #ifndef OPENSSL_NO_DEPRECATED_3_4 963 long SSL_SESSION_get_time(const SSL_SESSION *s) 964 { 965 return (long) SSL_SESSION_get_time_ex(s); 966 } 967 #endif 968 969 time_t SSL_SESSION_get_time_ex(const SSL_SESSION *s) 970 { 971 if (s == NULL) 972 return 0; 973 return ossl_time_to_time_t(s->time); 974 } 975 976 time_t SSL_SESSION_set_time_ex(SSL_SESSION *s, time_t t) 977 { 978 OSSL_TIME new_time = ossl_time_from_time_t(t); 979 980 if (s == NULL) 981 return 0; 982 if (s->owner != NULL) { 983 if (!CRYPTO_THREAD_write_lock(s->owner->lock)) 984 return 0; 985 s->time = new_time; 986 ssl_session_calculate_timeout(s); 987 SSL_SESSION_list_add(s->owner, s); 988 CRYPTO_THREAD_unlock(s->owner->lock); 989 } else { 990 s->time = new_time; 991 ssl_session_calculate_timeout(s); 992 } 993 return t; 994 } 995 996 #ifndef OPENSSL_NO_DEPRECATED_3_4 997 long SSL_SESSION_set_time(SSL_SESSION *s, long t) 998 { 999 return (long) SSL_SESSION_set_time_ex(s, (time_t) t); 1000 } 1001 #endif 1002 1003 int SSL_SESSION_get_protocol_version(const SSL_SESSION *s) 1004 { 1005 return s->ssl_version; 1006 } 1007 1008 int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version) 1009 { 1010 s->ssl_version = version; 1011 return 1; 1012 } 1013 1014 const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s) 1015 { 1016 return s->cipher; 1017 } 1018 1019 int SSL_SESSION_set_cipher(SSL_SESSION *s, const SSL_CIPHER *cipher) 1020 { 1021 s->cipher = cipher; 1022 return 1; 1023 } 1024 1025 const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s) 1026 { 1027 return s->ext.hostname; 1028 } 1029 1030 int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname) 1031 { 1032 OPENSSL_free(s->ext.hostname); 1033 if (hostname == NULL) { 1034 s->ext.hostname = NULL; 1035 return 1; 1036 } 1037 s->ext.hostname = OPENSSL_strdup(hostname); 1038 1039 return s->ext.hostname != NULL; 1040 } 1041 1042 int SSL_SESSION_has_ticket(const SSL_SESSION *s) 1043 { 1044 return (s->ext.ticklen > 0) ? 1 : 0; 1045 } 1046 1047 unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s) 1048 { 1049 return s->ext.tick_lifetime_hint; 1050 } 1051 1052 void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick, 1053 size_t *len) 1054 { 1055 *len = s->ext.ticklen; 1056 if (tick != NULL) 1057 *tick = s->ext.tick; 1058 } 1059 1060 uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s) 1061 { 1062 return s->ext.max_early_data; 1063 } 1064 1065 int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data) 1066 { 1067 s->ext.max_early_data = max_early_data; 1068 1069 return 1; 1070 } 1071 1072 void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s, 1073 const unsigned char **alpn, 1074 size_t *len) 1075 { 1076 *alpn = s->ext.alpn_selected; 1077 *len = s->ext.alpn_selected_len; 1078 } 1079 1080 int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn, 1081 size_t len) 1082 { 1083 OPENSSL_free(s->ext.alpn_selected); 1084 if (alpn == NULL || len == 0) { 1085 s->ext.alpn_selected = NULL; 1086 s->ext.alpn_selected_len = 0; 1087 return 1; 1088 } 1089 s->ext.alpn_selected = OPENSSL_memdup(alpn, len); 1090 if (s->ext.alpn_selected == NULL) { 1091 s->ext.alpn_selected_len = 0; 1092 return 0; 1093 } 1094 s->ext.alpn_selected_len = len; 1095 1096 return 1; 1097 } 1098 1099 X509 *SSL_SESSION_get0_peer(SSL_SESSION *s) 1100 { 1101 return s->peer; 1102 } 1103 1104 EVP_PKEY *SSL_SESSION_get0_peer_rpk(SSL_SESSION *s) 1105 { 1106 return s->peer_rpk; 1107 } 1108 1109 int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, 1110 unsigned int sid_ctx_len) 1111 { 1112 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { 1113 ERR_raise(ERR_LIB_SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); 1114 return 0; 1115 } 1116 s->sid_ctx_length = sid_ctx_len; 1117 if (sid_ctx != s->sid_ctx) 1118 memcpy(s->sid_ctx, sid_ctx, sid_ctx_len); 1119 1120 return 1; 1121 } 1122 1123 int SSL_SESSION_is_resumable(const SSL_SESSION *s) 1124 { 1125 /* 1126 * In the case of EAP-FAST, we can have a pre-shared "ticket" without a 1127 * session ID. 1128 */ 1129 return !s->not_resumable 1130 && (s->session_id_length > 0 || s->ext.ticklen > 0); 1131 } 1132 1133 long SSL_CTX_set_timeout(SSL_CTX *s, long t) 1134 { 1135 long l; 1136 1137 if (s == NULL) 1138 return 0; 1139 l = (long)ossl_time2seconds(s->session_timeout); 1140 s->session_timeout = ossl_seconds2time(t); 1141 return l; 1142 } 1143 1144 long SSL_CTX_get_timeout(const SSL_CTX *s) 1145 { 1146 if (s == NULL) 1147 return 0; 1148 return (long)ossl_time2seconds(s->session_timeout); 1149 } 1150 1151 int SSL_set_session_secret_cb(SSL *s, 1152 tls_session_secret_cb_fn tls_session_secret_cb, 1153 void *arg) 1154 { 1155 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); 1156 1157 if (sc == NULL) 1158 return 0; 1159 1160 sc->ext.session_secret_cb = tls_session_secret_cb; 1161 sc->ext.session_secret_cb_arg = arg; 1162 return 1; 1163 } 1164 1165 int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb, 1166 void *arg) 1167 { 1168 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); 1169 1170 if (sc == NULL) 1171 return 0; 1172 1173 sc->ext.session_ticket_cb = cb; 1174 sc->ext.session_ticket_cb_arg = arg; 1175 return 1; 1176 } 1177 1178 int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) 1179 { 1180 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); 1181 1182 if (sc == NULL) 1183 return 0; 1184 1185 if (sc->version >= TLS1_VERSION) { 1186 OPENSSL_free(sc->ext.session_ticket); 1187 sc->ext.session_ticket = NULL; 1188 sc->ext.session_ticket = 1189 OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); 1190 if (sc->ext.session_ticket == NULL) 1191 return 0; 1192 1193 if (ext_data != NULL) { 1194 sc->ext.session_ticket->length = ext_len; 1195 sc->ext.session_ticket->data = sc->ext.session_ticket + 1; 1196 memcpy(sc->ext.session_ticket->data, ext_data, ext_len); 1197 } else { 1198 sc->ext.session_ticket->length = 0; 1199 sc->ext.session_ticket->data = NULL; 1200 } 1201 1202 return 1; 1203 } 1204 1205 return 0; 1206 } 1207 1208 #ifndef OPENSSL_NO_DEPRECATED_3_4 1209 void SSL_CTX_flush_sessions(SSL_CTX *s, long t) 1210 { 1211 SSL_CTX_flush_sessions_ex(s, (time_t) t); 1212 } 1213 #endif 1214 1215 void SSL_CTX_flush_sessions_ex(SSL_CTX *s, time_t t) 1216 { 1217 STACK_OF(SSL_SESSION) *sk; 1218 SSL_SESSION *current; 1219 unsigned long i; 1220 const OSSL_TIME timeout = ossl_time_from_time_t(t); 1221 1222 if (!CRYPTO_THREAD_write_lock(s->lock)) 1223 return; 1224 1225 sk = sk_SSL_SESSION_new_null(); 1226 i = lh_SSL_SESSION_get_down_load(s->sessions); 1227 lh_SSL_SESSION_set_down_load(s->sessions, 0); 1228 1229 /* 1230 * Iterate over the list from the back (oldest), and stop 1231 * when a session can no longer be removed. 1232 * Add the session to a temporary list to be freed outside 1233 * the SSL_CTX lock. 1234 * But still do the remove_session_cb() within the lock. 1235 */ 1236 while (s->session_cache_tail != NULL) { 1237 current = s->session_cache_tail; 1238 if (t == 0 || sess_timedout(timeout, current)) { 1239 lh_SSL_SESSION_delete(s->sessions, current); 1240 SSL_SESSION_list_remove(s, current); 1241 current->not_resumable = 1; 1242 if (s->remove_session_cb != NULL) 1243 s->remove_session_cb(s, current); 1244 /* 1245 * Throw the session on a stack, it's entirely plausible 1246 * that while freeing outside the critical section, the 1247 * session could be re-added, so avoid using the next/prev 1248 * pointers. If the stack failed to create, or the session 1249 * couldn't be put on the stack, just free it here 1250 */ 1251 if (sk == NULL || !sk_SSL_SESSION_push(sk, current)) 1252 SSL_SESSION_free(current); 1253 } else { 1254 break; 1255 } 1256 } 1257 1258 lh_SSL_SESSION_set_down_load(s->sessions, i); 1259 CRYPTO_THREAD_unlock(s->lock); 1260 1261 sk_SSL_SESSION_pop_free(sk, SSL_SESSION_free); 1262 } 1263 1264 int ssl_clear_bad_session(SSL_CONNECTION *s) 1265 { 1266 if ((s->session != NULL) && 1267 !(s->shutdown & SSL_SENT_SHUTDOWN) && 1268 !(SSL_in_init(SSL_CONNECTION_GET_SSL(s)) 1269 || SSL_in_before(SSL_CONNECTION_GET_SSL(s)))) { 1270 SSL_CTX_remove_session(s->session_ctx, s->session); 1271 return 1; 1272 } else 1273 return 0; 1274 } 1275 1276 /* locked by SSL_CTX in the calling function */ 1277 static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s) 1278 { 1279 if ((s->next == NULL) || (s->prev == NULL)) 1280 return; 1281 1282 if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) { 1283 /* last element in list */ 1284 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) { 1285 /* only one element in list */ 1286 ctx->session_cache_head = NULL; 1287 ctx->session_cache_tail = NULL; 1288 } else { 1289 ctx->session_cache_tail = s->prev; 1290 s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail); 1291 } 1292 } else { 1293 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) { 1294 /* first element in list */ 1295 ctx->session_cache_head = s->next; 1296 s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head); 1297 } else { 1298 /* middle of list */ 1299 s->next->prev = s->prev; 1300 s->prev->next = s->next; 1301 } 1302 } 1303 s->prev = s->next = NULL; 1304 s->owner = NULL; 1305 } 1306 1307 static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s) 1308 { 1309 SSL_SESSION *next; 1310 1311 if ((s->next != NULL) && (s->prev != NULL)) 1312 SSL_SESSION_list_remove(ctx, s); 1313 1314 if (ctx->session_cache_head == NULL) { 1315 ctx->session_cache_head = s; 1316 ctx->session_cache_tail = s; 1317 s->prev = (SSL_SESSION *)&(ctx->session_cache_head); 1318 s->next = (SSL_SESSION *)&(ctx->session_cache_tail); 1319 } else { 1320 if (timeoutcmp(s, ctx->session_cache_head) >= 0) { 1321 /* 1322 * if we timeout after (or the same time as) the first 1323 * session, put us first - usual case 1324 */ 1325 s->next = ctx->session_cache_head; 1326 s->next->prev = s; 1327 s->prev = (SSL_SESSION *)&(ctx->session_cache_head); 1328 ctx->session_cache_head = s; 1329 } else if (timeoutcmp(s, ctx->session_cache_tail) < 0) { 1330 /* if we timeout before the last session, put us last */ 1331 s->prev = ctx->session_cache_tail; 1332 s->prev->next = s; 1333 s->next = (SSL_SESSION *)&(ctx->session_cache_tail); 1334 ctx->session_cache_tail = s; 1335 } else { 1336 /* 1337 * we timeout somewhere in-between - if there is only 1338 * one session in the cache it will be caught above 1339 */ 1340 next = ctx->session_cache_head->next; 1341 while (next != (SSL_SESSION*)&(ctx->session_cache_tail)) { 1342 if (timeoutcmp(s, next) >= 0) { 1343 s->next = next; 1344 s->prev = next->prev; 1345 next->prev->next = s; 1346 next->prev = s; 1347 break; 1348 } 1349 next = next->next; 1350 } 1351 } 1352 } 1353 s->owner = ctx; 1354 } 1355 1356 void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, 1357 int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess)) 1358 { 1359 ctx->new_session_cb = cb; 1360 } 1361 1362 int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) { 1363 return ctx->new_session_cb; 1364 } 1365 1366 void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, 1367 void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess)) 1368 { 1369 ctx->remove_session_cb = cb; 1370 } 1371 1372 void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx, 1373 SSL_SESSION *sess) { 1374 return ctx->remove_session_cb; 1375 } 1376 1377 void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, 1378 SSL_SESSION *(*cb) (SSL *ssl, 1379 const unsigned char *data, 1380 int len, int *copy)) 1381 { 1382 ctx->get_session_cb = cb; 1383 } 1384 1385 SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl, 1386 const unsigned char 1387 *data, int len, 1388 int *copy) { 1389 return ctx->get_session_cb; 1390 } 1391 1392 void SSL_CTX_set_info_callback(SSL_CTX *ctx, 1393 void (*cb) (const SSL *ssl, int type, int val)) 1394 { 1395 ctx->info_callback = cb; 1396 } 1397 1398 void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type, 1399 int val) { 1400 return ctx->info_callback; 1401 } 1402 1403 void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, 1404 int (*cb) (SSL *ssl, X509 **x509, 1405 EVP_PKEY **pkey)) 1406 { 1407 ctx->client_cert_cb = cb; 1408 } 1409 1410 int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509, 1411 EVP_PKEY **pkey) { 1412 return ctx->client_cert_cb; 1413 } 1414 1415 void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, 1416 int (*cb) (SSL *ssl, 1417 unsigned char *cookie, 1418 unsigned int *cookie_len)) 1419 { 1420 ctx->app_gen_cookie_cb = cb; 1421 } 1422 1423 void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, 1424 int (*cb) (SSL *ssl, 1425 const unsigned char *cookie, 1426 unsigned int cookie_len)) 1427 { 1428 ctx->app_verify_cookie_cb = cb; 1429 } 1430 1431 int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len) 1432 { 1433 OPENSSL_free(ss->ticket_appdata); 1434 ss->ticket_appdata_len = 0; 1435 if (data == NULL || len == 0) { 1436 ss->ticket_appdata = NULL; 1437 return 1; 1438 } 1439 ss->ticket_appdata = OPENSSL_memdup(data, len); 1440 if (ss->ticket_appdata != NULL) { 1441 ss->ticket_appdata_len = len; 1442 return 1; 1443 } 1444 return 0; 1445 } 1446 1447 int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len) 1448 { 1449 *data = ss->ticket_appdata; 1450 *len = ss->ticket_appdata_len; 1451 return 1; 1452 } 1453 1454 void SSL_CTX_set_stateless_cookie_generate_cb( 1455 SSL_CTX *ctx, 1456 int (*cb) (SSL *ssl, 1457 unsigned char *cookie, 1458 size_t *cookie_len)) 1459 { 1460 ctx->gen_stateless_cookie_cb = cb; 1461 } 1462 1463 void SSL_CTX_set_stateless_cookie_verify_cb( 1464 SSL_CTX *ctx, 1465 int (*cb) (SSL *ssl, 1466 const unsigned char *cookie, 1467 size_t cookie_len)) 1468 { 1469 ctx->verify_stateless_cookie_cb = cb; 1470 } 1471 1472 IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION) 1473