summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_sess.c
diff options
context:
space:
mode:
authorjsing <>2021-10-25 10:01:46 +0000
committerjsing <>2021-10-25 10:01:46 +0000
commitb56105c2617b86206d3688dd7940aa6e553af6e1 (patch)
tree7da475234e07731ebcbe2828153d1920d308e436 /src/lib/libssl/ssl_sess.c
parent75891c69eb8972c8d768d8bd1068a807ba084652 (diff)
downloadopenbsd-b56105c2617b86206d3688dd7940aa6e553af6e1.tar.gz
openbsd-b56105c2617b86206d3688dd7940aa6e553af6e1.tar.bz2
openbsd-b56105c2617b86206d3688dd7940aa6e553af6e1.zip
Fold SSL_SESSION_INTERNAL back into SSL_SESSION.
ok beck@ tb@
Diffstat (limited to 'src/lib/libssl/ssl_sess.c')
-rw-r--r--src/lib/libssl/ssl_sess.c72
1 files changed, 33 insertions, 39 deletions
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 4e798e08f0..2fa6af4564 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_sess.c,v 1.105 2021/09/08 17:27:33 tb Exp $ */ 1/* $OpenBSD: ssl_sess.c,v 1.106 2021/10/25 10:01:46 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -186,13 +186,13 @@ SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
186int 186int
187SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg) 187SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
188{ 188{
189 return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg)); 189 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
190} 190}
191 191
192void * 192void *
193SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx) 193SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
194{ 194{
195 return (CRYPTO_get_ex_data(&s->internal->ex_data, idx)); 195 return (CRYPTO_get_ex_data(&s->ex_data, idx));
196} 196}
197 197
198uint32_t 198uint32_t
@@ -221,26 +221,21 @@ SSL_SESSION_new(void)
221 SSLerrorx(ERR_R_MALLOC_FAILURE); 221 SSLerrorx(ERR_R_MALLOC_FAILURE);
222 return (NULL); 222 return (NULL);
223 } 223 }
224 if ((ss->internal = calloc(1, sizeof(*ss->internal))) == NULL) {
225 free(ss);
226 SSLerrorx(ERR_R_MALLOC_FAILURE);
227 return (NULL);
228 }
229 224
230 ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ 225 ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
231 ss->references = 1; 226 ss->references = 1;
232 ss->timeout=60*5+4; /* 5 minute timeout by default */ 227 ss->timeout=60*5+4; /* 5 minute timeout by default */
233 ss->time = time(NULL); 228 ss->time = time(NULL);
234 ss->internal->prev = NULL; 229 ss->prev = NULL;
235 ss->internal->next = NULL; 230 ss->next = NULL;
236 ss->tlsext_hostname = NULL; 231 ss->tlsext_hostname = NULL;
237 232
238 ss->internal->tlsext_ecpointformatlist_length = 0; 233 ss->tlsext_ecpointformatlist_length = 0;
239 ss->internal->tlsext_ecpointformatlist = NULL; 234 ss->tlsext_ecpointformatlist = NULL;
240 ss->internal->tlsext_supportedgroups_length = 0; 235 ss->tlsext_supportedgroups_length = 0;
241 ss->internal->tlsext_supportedgroups = NULL; 236 ss->tlsext_supportedgroups = NULL;
242 237
243 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->internal->ex_data); 238 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
244 239
245 return (ss); 240 return (ss);
246} 241}
@@ -738,7 +733,7 @@ remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
738 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 733 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
739 734
740 if (ret) { 735 if (ret) {
741 r->internal->not_resumable = 1; 736 r->not_resumable = 1;
742 if (ctx->internal->remove_session_cb != NULL) 737 if (ctx->internal->remove_session_cb != NULL)
743 ctx->internal->remove_session_cb(ctx, r); 738 ctx->internal->remove_session_cb(ctx, r);
744 SSL_SESSION_free(r); 739 SSL_SESSION_free(r);
@@ -760,12 +755,12 @@ SSL_SESSION_free(SSL_SESSION *ss)
760 if (i > 0) 755 if (i > 0)
761 return; 756 return;
762 757
763 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->internal->ex_data); 758 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
764 759
765 explicit_bzero(ss->master_key, sizeof ss->master_key); 760 explicit_bzero(ss->master_key, sizeof ss->master_key);
766 explicit_bzero(ss->session_id, sizeof ss->session_id); 761 explicit_bzero(ss->session_id, sizeof ss->session_id);
767 762
768 ssl_sess_cert_free(ss->internal->sess_cert); 763 ssl_sess_cert_free(ss->sess_cert);
769 764
770 X509_free(ss->peer); 765 X509_free(ss->peer);
771 766
@@ -773,10 +768,9 @@ SSL_SESSION_free(SSL_SESSION *ss)
773 768
774 free(ss->tlsext_hostname); 769 free(ss->tlsext_hostname);
775 free(ss->tlsext_tick); 770 free(ss->tlsext_tick);
776 free(ss->internal->tlsext_ecpointformatlist); 771 free(ss->tlsext_ecpointformatlist);
777 free(ss->internal->tlsext_supportedgroups); 772 free(ss->tlsext_supportedgroups);
778 773
779 freezero(ss->internal, sizeof(*ss->internal));
780 freezero(ss, sizeof(*ss)); 774 freezero(ss, sizeof(*ss));
781} 775}
782 776
@@ -1007,7 +1001,7 @@ timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
1007 * save on locking overhead */ 1001 * save on locking overhead */
1008 (void)lh_SSL_SESSION_delete(p->cache, s); 1002 (void)lh_SSL_SESSION_delete(p->cache, s);
1009 SSL_SESSION_list_remove(p->ctx, s); 1003 SSL_SESSION_list_remove(p->ctx, s);
1010 s->internal->not_resumable = 1; 1004 s->not_resumable = 1;
1011 if (p->ctx->internal->remove_session_cb != NULL) 1005 if (p->ctx->internal->remove_session_cb != NULL)
1012 p->ctx->internal->remove_session_cb(p->ctx, s); 1006 p->ctx->internal->remove_session_cb(p->ctx, s);
1013 SSL_SESSION_free(s); 1007 SSL_SESSION_free(s);
@@ -1059,50 +1053,50 @@ ssl_clear_bad_session(SSL *s)
1059static void 1053static void
1060SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s) 1054SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
1061{ 1055{
1062 if ((s->internal->next == NULL) || (s->internal->prev == NULL)) 1056 if (s->next == NULL || s->prev == NULL)
1063 return; 1057 return;
1064 1058
1065 if (s->internal->next == (SSL_SESSION *)&(ctx->internal->session_cache_tail)) { 1059 if (s->next == (SSL_SESSION *)&(ctx->internal->session_cache_tail)) {
1066 /* last element in list */ 1060 /* last element in list */
1067 if (s->internal->prev == (SSL_SESSION *)&(ctx->internal->session_cache_head)) { 1061 if (s->prev == (SSL_SESSION *)&(ctx->internal->session_cache_head)) {
1068 /* only one element in list */ 1062 /* only one element in list */
1069 ctx->internal->session_cache_head = NULL; 1063 ctx->internal->session_cache_head = NULL;
1070 ctx->internal->session_cache_tail = NULL; 1064 ctx->internal->session_cache_tail = NULL;
1071 } else { 1065 } else {
1072 ctx->internal->session_cache_tail = s->internal->prev; 1066 ctx->internal->session_cache_tail = s->prev;
1073 s->internal->prev->internal->next = 1067 s->prev->next =
1074 (SSL_SESSION *)&(ctx->internal->session_cache_tail); 1068 (SSL_SESSION *)&(ctx->internal->session_cache_tail);
1075 } 1069 }
1076 } else { 1070 } else {
1077 if (s->internal->prev == (SSL_SESSION *)&(ctx->internal->session_cache_head)) { 1071 if (s->prev == (SSL_SESSION *)&(ctx->internal->session_cache_head)) {
1078 /* first element in list */ 1072 /* first element in list */
1079 ctx->internal->session_cache_head = s->internal->next; 1073 ctx->internal->session_cache_head = s->next;
1080 s->internal->next->internal->prev = 1074 s->next->prev =
1081 (SSL_SESSION *)&(ctx->internal->session_cache_head); 1075 (SSL_SESSION *)&(ctx->internal->session_cache_head);
1082 } else { 1076 } else {
1083 /* middle of list */ 1077 /* middle of list */
1084 s->internal->next->internal->prev = s->internal->prev; 1078 s->next->prev = s->prev;
1085 s->internal->prev->internal->next = s->internal->next; 1079 s->prev->next = s->next;
1086 } 1080 }
1087 } 1081 }
1088 s->internal->prev = s->internal->next = NULL; 1082 s->prev = s->next = NULL;
1089} 1083}
1090 1084
1091static void 1085static void
1092SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s) 1086SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
1093{ 1087{
1094 if ((s->internal->next != NULL) && (s->internal->prev != NULL)) 1088 if (s->next != NULL && s->prev != NULL)
1095 SSL_SESSION_list_remove(ctx, s); 1089 SSL_SESSION_list_remove(ctx, s);
1096 1090
1097 if (ctx->internal->session_cache_head == NULL) { 1091 if (ctx->internal->session_cache_head == NULL) {
1098 ctx->internal->session_cache_head = s; 1092 ctx->internal->session_cache_head = s;
1099 ctx->internal->session_cache_tail = s; 1093 ctx->internal->session_cache_tail = s;
1100 s->internal->prev = (SSL_SESSION *)&(ctx->internal->session_cache_head); 1094 s->prev = (SSL_SESSION *)&(ctx->internal->session_cache_head);
1101 s->internal->next = (SSL_SESSION *)&(ctx->internal->session_cache_tail); 1095 s->next = (SSL_SESSION *)&(ctx->internal->session_cache_tail);
1102 } else { 1096 } else {
1103 s->internal->next = ctx->internal->session_cache_head; 1097 s->next = ctx->internal->session_cache_head;
1104 s->internal->next->internal->prev = s; 1098 s->next->prev = s;
1105 s->internal->prev = (SSL_SESSION *)&(ctx->internal->session_cache_head); 1099 s->prev = (SSL_SESSION *)&(ctx->internal->session_cache_head);
1106 ctx->internal->session_cache_head = s; 1100 ctx->internal->session_cache_head = s;
1107 } 1101 }
1108} 1102}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 08:30:48 +0000