diff options
| author | djm <> | 2008-09-06 12:15:56 +0000 |
|---|---|---|
| committer | djm <> | 2008-09-06 12:15:56 +0000 |
| commit | 5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80 (patch) | |
| tree | aba68249883aa9d2361d92eef69a81d0c4961732 /src/lib/libssl/ssl_sess.c | |
| parent | f6198d4d0ab97685dc56be2d48715ed39fcc74b9 (diff) | |
| download | openbsd-5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80.tar.gz openbsd-5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80.tar.bz2 openbsd-5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80.zip | |
import of OpenSSL 0.9.8h
Diffstat (limited to 'src/lib/libssl/ssl_sess.c')
| -rw-r--r-- | src/lib/libssl/ssl_sess.c | 189 |
1 files changed, 159 insertions, 30 deletions
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 2ba8b9612e..ee88be2b88 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c | |||
| @@ -122,10 +122,20 @@ SSL_SESSION *SSL_SESSION_new(void) | |||
| 122 | ss->prev=NULL; | 122 | ss->prev=NULL; |
| 123 | ss->next=NULL; | 123 | ss->next=NULL; |
| 124 | ss->compress_meth=0; | 124 | ss->compress_meth=0; |
| 125 | #ifndef OPENSSL_NO_TLSEXT | ||
| 126 | ss->tlsext_hostname = NULL; | ||
| 127 | #endif | ||
| 125 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); | 128 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); |
| 126 | return(ss); | 129 | return(ss); |
| 127 | } | 130 | } |
| 128 | 131 | ||
| 132 | const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len) | ||
| 133 | { | ||
| 134 | if(len) | ||
| 135 | *len = s->session_id_length; | ||
| 136 | return s->session_id; | ||
| 137 | } | ||
| 138 | |||
| 129 | /* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1 | 139 | /* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1 |
| 130 | * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly | 140 | * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly |
| 131 | * until we have no conflict is going to complete in one iteration pretty much | 141 | * until we have no conflict is going to complete in one iteration pretty much |
| @@ -141,7 +151,7 @@ static int def_generate_session_id(const SSL *ssl, unsigned char *id, | |||
| 141 | { | 151 | { |
| 142 | unsigned int retry = 0; | 152 | unsigned int retry = 0; |
| 143 | do | 153 | do |
| 144 | if(RAND_pseudo_bytes(id, *id_len) <= 0) | 154 | if (RAND_pseudo_bytes(id, *id_len) <= 0) |
| 145 | return 0; | 155 | return 0; |
| 146 | while(SSL_has_matching_session_id(ssl, id, *id_len) && | 156 | while(SSL_has_matching_session_id(ssl, id, *id_len) && |
| 147 | (++retry < MAX_SESS_ID_ATTEMPTS)); | 157 | (++retry < MAX_SESS_ID_ATTEMPTS)); |
| @@ -198,12 +208,25 @@ int ssl_get_new_session(SSL *s, int session) | |||
| 198 | ss->ssl_version=TLS1_VERSION; | 208 | ss->ssl_version=TLS1_VERSION; |
| 199 | ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; | 209 | ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; |
| 200 | } | 210 | } |
| 211 | else if (s->version == DTLS1_VERSION) | ||
| 212 | { | ||
| 213 | ss->ssl_version=DTLS1_VERSION; | ||
| 214 | ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; | ||
| 215 | } | ||
| 201 | else | 216 | else |
| 202 | { | 217 | { |
| 203 | SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION); | 218 | SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION); |
| 204 | SSL_SESSION_free(ss); | 219 | SSL_SESSION_free(ss); |
| 205 | return(0); | 220 | return(0); |
| 206 | } | 221 | } |
| 222 | #ifndef OPENSSL_NO_TLSEXT | ||
| 223 | /* If RFC4507 ticket use empty session ID */ | ||
| 224 | if (s->tlsext_ticket_expected) | ||
| 225 | { | ||
| 226 | ss->session_id_length = 0; | ||
| 227 | goto sess_id_done; | ||
| 228 | } | ||
| 229 | #endif | ||
| 207 | /* Choose which callback will set the session ID */ | 230 | /* Choose which callback will set the session ID */ |
| 208 | CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); | 231 | CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); |
| 209 | if(s->generate_session_id) | 232 | if(s->generate_session_id) |
| @@ -245,6 +268,17 @@ int ssl_get_new_session(SSL *s, int session) | |||
| 245 | SSL_SESSION_free(ss); | 268 | SSL_SESSION_free(ss); |
| 246 | return(0); | 269 | return(0); |
| 247 | } | 270 | } |
| 271 | #ifndef OPENSSL_NO_TLSEXT | ||
| 272 | sess_id_done: | ||
| 273 | if (s->tlsext_hostname) { | ||
| 274 | ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname); | ||
| 275 | if (ss->tlsext_hostname == NULL) { | ||
| 276 | SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR); | ||
| 277 | SSL_SESSION_free(ss); | ||
| 278 | return 0; | ||
| 279 | } | ||
| 280 | } | ||
| 281 | #endif | ||
| 248 | } | 282 | } |
| 249 | else | 283 | else |
| 250 | { | 284 | { |
| @@ -266,21 +300,41 @@ int ssl_get_new_session(SSL *s, int session) | |||
| 266 | return(1); | 300 | return(1); |
| 267 | } | 301 | } |
| 268 | 302 | ||
| 269 | int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) | 303 | int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, |
| 304 | const unsigned char *limit) | ||
| 270 | { | 305 | { |
| 271 | /* This is used only by servers. */ | 306 | /* This is used only by servers. */ |
| 272 | 307 | ||
| 273 | SSL_SESSION *ret=NULL,data; | 308 | SSL_SESSION *ret=NULL; |
| 274 | int fatal = 0; | 309 | int fatal = 0; |
| 275 | 310 | #ifndef OPENSSL_NO_TLSEXT | |
| 276 | data.ssl_version=s->version; | 311 | int r; |
| 277 | data.session_id_length=len; | 312 | #endif |
| 313 | |||
| 278 | if (len > SSL_MAX_SSL_SESSION_ID_LENGTH) | 314 | if (len > SSL_MAX_SSL_SESSION_ID_LENGTH) |
| 279 | goto err; | 315 | goto err; |
| 280 | memcpy(data.session_id,session_id,len); | 316 | #ifndef OPENSSL_NO_TLSEXT |
| 281 | 317 | r = tls1_process_ticket(s, session_id, len, limit, &ret); | |
| 318 | if (r == -1) | ||
| 319 | { | ||
| 320 | fatal = 1; | ||
| 321 | goto err; | ||
| 322 | } | ||
| 323 | else if (r == 0 || (!ret && !len)) | ||
| 324 | goto err; | ||
| 325 | else if (!ret && !(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) | ||
| 326 | #else | ||
| 327 | if (len == 0) | ||
| 328 | goto err; | ||
| 282 | if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) | 329 | if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) |
| 330 | #endif | ||
| 283 | { | 331 | { |
| 332 | SSL_SESSION data; | ||
| 333 | data.ssl_version=s->version; | ||
| 334 | data.session_id_length=len; | ||
| 335 | if (len == 0) | ||
| 336 | return 0; | ||
| 337 | memcpy(data.session_id,session_id,len); | ||
| 284 | CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); | 338 | CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); |
| 285 | ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data); | 339 | ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data); |
| 286 | if (ret != NULL) | 340 | if (ret != NULL) |
| @@ -322,33 +376,35 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) | |||
| 322 | 376 | ||
| 323 | /* Now ret is non-NULL, and we own one of its reference counts. */ | 377 | /* Now ret is non-NULL, and we own one of its reference counts. */ |
| 324 | 378 | ||
| 325 | if((s->verify_mode&SSL_VERIFY_PEER) | 379 | if (ret->sid_ctx_length != s->sid_ctx_length |
| 326 | && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length | 380 | || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)) |
| 327 | || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length))) | 381 | { |
| 328 | { | ||
| 329 | /* We've found the session named by the client, but we don't | 382 | /* We've found the session named by the client, but we don't |
| 330 | * want to use it in this context. */ | 383 | * want to use it in this context. */ |
| 331 | |||
| 332 | if (s->sid_ctx_length == 0) | ||
| 333 | { | ||
| 334 | /* application should have used SSL[_CTX]_set_session_id_context | ||
| 335 | * -- we could tolerate this and just pretend we never heard | ||
| 336 | * of this session, but then applications could effectively | ||
| 337 | * disable the session cache by accident without anyone noticing */ | ||
| 338 | 384 | ||
| 339 | SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); | ||
| 340 | fatal = 1; | ||
| 341 | goto err; | ||
| 342 | } | ||
| 343 | else | ||
| 344 | { | ||
| 345 | #if 0 /* The client cannot always know when a session is not appropriate, | 385 | #if 0 /* The client cannot always know when a session is not appropriate, |
| 346 | * so we shouldn't generate an error message. */ | 386 | * so we shouldn't generate an error message. */ |
| 347 | 387 | ||
| 348 | SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); | 388 | SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); |
| 349 | #endif | 389 | #endif |
| 350 | goto err; /* treat like cache miss */ | 390 | goto err; /* treat like cache miss */ |
| 351 | } | 391 | } |
| 392 | |||
| 393 | if((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) | ||
| 394 | { | ||
| 395 | /* We can't be sure if this session is being used out of | ||
| 396 | * context, which is especially important for SSL_VERIFY_PEER. | ||
| 397 | * The application should have used SSL[_CTX]_set_session_id_context. | ||
| 398 | * | ||
| 399 | * For this error case, we generate an error instead of treating | ||
| 400 | * the event like a cache miss (otherwise it would be easy for | ||
| 401 | * applications to effectively disable the session cache by | ||
| 402 | * accident without anyone noticing). | ||
| 403 | */ | ||
| 404 | |||
| 405 | SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); | ||
| 406 | fatal = 1; | ||
| 407 | goto err; | ||
| 352 | } | 408 | } |
| 353 | 409 | ||
| 354 | if (ret->cipher == NULL) | 410 | if (ret->cipher == NULL) |
| @@ -534,6 +590,10 @@ void SSL_SESSION_free(SSL_SESSION *ss) | |||
| 534 | if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); | 590 | if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); |
| 535 | if (ss->peer != NULL) X509_free(ss->peer); | 591 | if (ss->peer != NULL) X509_free(ss->peer); |
| 536 | if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); | 592 | if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); |
| 593 | #ifndef OPENSSL_NO_TLSEXT | ||
| 594 | if (ss->tlsext_hostname != NULL) OPENSSL_free(ss->tlsext_hostname); | ||
| 595 | if (ss->tlsext_tick != NULL) OPENSSL_free(ss->tlsext_tick); | ||
| 596 | #endif | ||
| 537 | OPENSSL_cleanse(ss,sizeof(*ss)); | 597 | OPENSSL_cleanse(ss,sizeof(*ss)); |
| 538 | OPENSSL_free(ss); | 598 | OPENSSL_free(ss); |
| 539 | } | 599 | } |
| @@ -568,7 +628,7 @@ int SSL_set_session(SSL *s, SSL_SESSION *session) | |||
| 568 | if (s->kssl_ctx && !s->kssl_ctx->client_princ && | 628 | if (s->kssl_ctx && !s->kssl_ctx->client_princ && |
| 569 | session->krb5_client_princ_len > 0) | 629 | session->krb5_client_princ_len > 0) |
| 570 | { | 630 | { |
| 571 | s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1); | 631 | s->kssl_ctx->client_princ = (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1); |
| 572 | memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ, | 632 | memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ, |
| 573 | session->krb5_client_princ_len); | 633 | session->krb5_client_princ_len); |
| 574 | s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0'; | 634 | s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0'; |
| @@ -753,3 +813,72 @@ static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s) | |||
| 753 | } | 813 | } |
| 754 | } | 814 | } |
| 755 | 815 | ||
| 816 | void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, | ||
| 817 | int (*cb)(struct ssl_st *ssl,SSL_SESSION *sess)) | ||
| 818 | { | ||
| 819 | ctx->new_session_cb=cb; | ||
| 820 | } | ||
| 821 | |||
| 822 | int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *sess) | ||
| 823 | { | ||
| 824 | return ctx->new_session_cb; | ||
| 825 | } | ||
| 826 | |||
| 827 | void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, | ||
| 828 | void (*cb)(SSL_CTX *ctx,SSL_SESSION *sess)) | ||
| 829 | { | ||
| 830 | ctx->remove_session_cb=cb; | ||
| 831 | } | ||
| 832 | |||
| 833 | void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(SSL_CTX * ctx,SSL_SESSION *sess) | ||
| 834 | { | ||
| 835 | return ctx->remove_session_cb; | ||
| 836 | } | ||
| 837 | |||
| 838 | void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, | ||
| 839 | SSL_SESSION *(*cb)(struct ssl_st *ssl, | ||
| 840 | unsigned char *data,int len,int *copy)) | ||
| 841 | { | ||
| 842 | ctx->get_session_cb=cb; | ||
| 843 | } | ||
| 844 | |||
| 845 | SSL_SESSION * (*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, | ||
| 846 | unsigned char *data,int len,int *copy) | ||
| 847 | { | ||
| 848 | return ctx->get_session_cb; | ||
| 849 | } | ||
| 850 | |||
| 851 | void SSL_CTX_set_info_callback(SSL_CTX *ctx, | ||
| 852 | void (*cb)(const SSL *ssl,int type,int val)) | ||
| 853 | { | ||
| 854 | ctx->info_callback=cb; | ||
| 855 | } | ||
| 856 | |||
| 857 | void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val) | ||
| 858 | { | ||
| 859 | return ctx->info_callback; | ||
| 860 | } | ||
| 861 | |||
| 862 | void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, | ||
| 863 | int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)) | ||
| 864 | { | ||
| 865 | ctx->client_cert_cb=cb; | ||
| 866 | } | ||
| 867 | |||
| 868 | int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509 , EVP_PKEY **pkey) | ||
| 869 | { | ||
| 870 | return ctx->client_cert_cb; | ||
| 871 | } | ||
| 872 | |||
| 873 | void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, | ||
| 874 | int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)) | ||
| 875 | { | ||
| 876 | ctx->app_gen_cookie_cb=cb; | ||
| 877 | } | ||
| 878 | |||
| 879 | void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, | ||
| 880 | int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)) | ||
| 881 | { | ||
| 882 | ctx->app_verify_cookie_cb=cb; | ||
| 883 | } | ||
| 884 | |||