X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=ssl%2Fssl_sess.c;h=c9a9e2364a8a9ae2fbebee604769127eafe7b214;hb=327d38d0ac1da6f6d7ad009260061630f4ec0c82;hp=f168900dea80bde784019c18a3e8955479eb9edd;hpb=739a1eb1961cdc3b1597a040766f3cb359d095f6;p=openssl.git

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index f168900dea..c9a9e2364a 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -132,7 +132,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     dest->tlsext_hostname = NULL;
 #ifndef OPENSSL_NO_EC
     dest->tlsext_ecpointformatlist = NULL;
-    dest->tlsext_ellipticcurvelist = NULL;
+    dest->tlsext_supportedgroupslist = NULL;
 #endif
     dest->tlsext_tick = NULL;
 #ifndef OPENSSL_NO_SRP
@@ -158,7 +158,6 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
         if (dest->peer_chain == NULL)
             goto err;
     }
-
 #ifndef OPENSSL_NO_PSK
     if (src->psk_identity_hint) {
         dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint);
@@ -174,14 +173,14 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     }
 #endif
 
-    if(src->ciphers != NULL) {
+    if (src->ciphers != NULL) {
         dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
         if (dest->ciphers == NULL)
             goto err;
     }
 
     if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
-                                            &dest->ex_data, &src->ex_data)) {
+                            &dest->ex_data, &src->ex_data)) {
         goto err;
     }
 
@@ -195,22 +194,23 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     if (src->tlsext_ecpointformatlist) {
         dest->tlsext_ecpointformatlist =
             OPENSSL_memdup(src->tlsext_ecpointformatlist,
-                       src->tlsext_ecpointformatlist_length);
+                           src->tlsext_ecpointformatlist_length);
         if (dest->tlsext_ecpointformatlist == NULL)
             goto err;
     }
-    if (src->tlsext_ellipticcurvelist) {
-        dest->tlsext_ellipticcurvelist =
-            OPENSSL_memdup(src->tlsext_ellipticcurvelist,
-                       src->tlsext_ellipticcurvelist_length);
-        if (dest->tlsext_ellipticcurvelist == NULL)
+    if (src->tlsext_supportedgroupslist) {
+        dest->tlsext_supportedgroupslist =
+            OPENSSL_memdup(src->tlsext_supportedgroupslist,
+                           src->tlsext_supportedgroupslist_length);
+        if (dest->tlsext_supportedgroupslist == NULL)
             goto err;
     }
 #endif
 
     if (ticket != 0) {
-        dest->tlsext_tick = OPENSSL_memdup(src->tlsext_tick, src->tlsext_ticklen);
-        if(dest->tlsext_tick == NULL)
+        dest->tlsext_tick =
+            OPENSSL_memdup(src->tlsext_tick, src->tlsext_ticklen);
+        if (dest->tlsext_tick == NULL)
             goto err;
     } else {
         dest->tlsext_tick_lifetime_hint = 0;
@@ -227,19 +227,25 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
 #endif
 
     return dest;
-err:
+ err:
     SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
     SSL_SESSION_free(dest);
     return NULL;
 }
 
-const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
-                                        unsigned int *len)
+const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
 {
     if (len)
-        *len = s->session_id_length;
+        *len = (unsigned int)s->session_id_length;
     return s->session_id;
 }
+const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
+                                                unsigned int *len)
+{
+    if (len != NULL)
+        *len = (unsigned int)s->sid_ctx_length;
+    return s->sid_ctx;
+}
 
 unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
 {
@@ -314,6 +320,9 @@ int ssl_get_new_session(SSL *s, int session)
         } else if (s->version == TLS1_2_VERSION) {
             ss->ssl_version = TLS1_2_VERSION;
             ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+        } else if (s->version == TLS1_3_VERSION) {
+            ss->ssl_version = TLS1_3_VERSION;
+            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
         } else if (s->version == DTLS1_BAD_VER) {
             ss->ssl_version = DTLS1_BAD_VER;
             ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
@@ -359,7 +368,8 @@ int ssl_get_new_session(SSL *s, int session)
         CRYPTO_THREAD_unlock(s->session_ctx->lock);
         CRYPTO_THREAD_unlock(s->lock);
         /* Choose a session ID */
-        tmp = ss->session_id_length;
+        memset(ss->session_id, 0, ss->session_id_length);
+        tmp = (int)ss->session_id_length;
         if (!cb(s, ss->session_id, &tmp)) {
             /* The callback failed */
             SSLerr(SSL_F_SSL_GET_NEW_SESSION,
@@ -381,7 +391,7 @@ int ssl_get_new_session(SSL *s, int session)
         ss->session_id_length = tmp;
         /* Finally, check for a conflict */
         if (SSL_has_matching_session_id(s, ss->session_id,
-                                        ss->session_id_length)) {
+                                        (unsigned int)ss->session_id_length)) {
             SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_SSL_SESSION_ID_CONFLICT);
             SSL_SESSION_free(ss);
             return (0);
@@ -422,8 +432,7 @@ int ssl_get_new_session(SSL *s, int session)
  * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
  * connection. It is only called by servers.
  *
- *   ext: ClientHello extensions (including length prefix)
- *   session_id: ClientHello session ID.
+ *   hello: The parsed ClientHello data
  *
  * Returns:
  *   -1: error
@@ -435,7 +444,7 @@ int ssl_get_new_session(SSL *s, int session)
  *   - Both for new and resumed sessions, s->tlsext_ticket_expected is set to 1
  *     if the server should issue a new session ticket (to 0 otherwise).
  */
-int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id)
+int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
 {
     /* This is used only by servers. */
 
@@ -444,11 +453,11 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id)
     int try_session_cache = 1;
     int r;
 
-    if (PACKET_remaining(session_id) == 0)
+    if (hello->session_id_len == 0)
         try_session_cache = 0;
 
-    /* sets s->tlsext_ticket_expected and extended master secret flag */
-    r = tls_check_serverhello_tlsext_early(s, ext, session_id, &ret);
+    /* sets s->tlsext_ticket_expected */
+    r = tls_get_ticket_from_client(s, hello, &ret);
     switch (r) {
     case -1:                   /* Error during processing */
         fatal = 1;
@@ -469,14 +478,12 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id)
         !(s->session_ctx->session_cache_mode &
           SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
         SSL_SESSION data;
-        size_t local_len;
+
         data.ssl_version = s->version;
-        if (!PACKET_copy_all(session_id, data.session_id,
-                             sizeof(data.session_id),
-                             &local_len)) {
-            goto err;
-        }
-        data.session_id_length = local_len;
+        memset(data.session_id, 0, sizeof(data.session_id));
+        memcpy(data.session_id, hello->session_id, hello->session_id_len);
+        data.session_id_length = hello->session_id_len;
+
         CRYPTO_THREAD_read_lock(s->session_ctx->lock);
         ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
         if (ret != NULL) {
@@ -491,8 +498,9 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id)
     if (try_session_cache &&
         ret == NULL && s->session_ctx->get_session_cb != NULL) {
         int copy = 1;
-        ret = s->session_ctx->get_session_cb(s, PACKET_data(session_id),
-                                             PACKET_remaining(session_id),
+
+        ret = s->session_ctx->get_session_cb(s, hello->session_id,
+                                             hello->session_id_len,
                                              &copy);
 
         if (ret != NULL) {
@@ -580,6 +588,23 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id)
         goto err;
     }
 
+    /*
+     * TODO(TLS1.3): This is temporary, because TLSv1.3 resumption is completely
+     * different. For now though we're still using the old resumption logic, so
+     * to avoid test failures we need this. Remove this code!
+     * 
+     * Check TLS version consistency. We can't resume <=TLSv1.2 session if we
+     * have negotiated TLSv1.3, and vice versa.
+     */
+    if (!SSL_IS_DTLS(s)
+            && ((ret->ssl_version <= TLS1_2_VERSION
+                 && s->version >=TLS1_3_VERSION)
+                || (ret->ssl_version >= TLS1_3_VERSION
+                    && s->version <= TLS1_2_VERSION))) {
+        /* Continue but do not resume */
+        goto err;
+    }
+
     /* Check extended master secret extension consistency */
     if (ret->flags & SSL_SESS_FLAG_EXTMS) {
         /* If old session includes extms, but new does not: abort handshake */
@@ -675,8 +700,7 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
         ret = 1;
 
         if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
-            while (SSL_CTX_sess_number(ctx) >
-                   SSL_CTX_sess_get_cache_size(ctx)) {
+            while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) {
                 if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
                     break;
                 else
@@ -706,16 +730,16 @@ static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
             r = lh_SSL_SESSION_delete(ctx->sessions, c);
             SSL_SESSION_list_remove(ctx, c);
         }
+        c->not_resumable = 1;
 
         if (lck)
             CRYPTO_THREAD_unlock(ctx->lock);
 
-        if (ret) {
-            r->not_resumable = 1;
-            if (ctx->remove_session_cb != NULL)
-                ctx->remove_session_cb(ctx, r);
+        if (ret)
             SSL_SESSION_free(r);
-        }
+
+        if (ctx->remove_session_cb != NULL)
+            ctx->remove_session_cb(ctx, c);
     } else
         ret = 0;
     return (ret);
@@ -728,7 +752,7 @@ void SSL_SESSION_free(SSL_SESSION *ss)
     if (ss == NULL)
         return;
 
-    CRYPTO_atomic_add(&ss->references, -1, &i, ss->lock);
+    CRYPTO_DOWN_REF(&ss->references, &i, ss->lock);
     REF_PRINT_COUNT("SSL_SESSION", ss);
     if (i > 0)
         return;
@@ -746,9 +770,9 @@ void SSL_SESSION_free(SSL_SESSION *ss)
 #ifndef OPENSSL_NO_EC
     ss->tlsext_ecpointformatlist_length = 0;
     OPENSSL_free(ss->tlsext_ecpointformatlist);
-    ss->tlsext_ellipticcurvelist_length = 0;
-    OPENSSL_free(ss->tlsext_ellipticcurvelist);
-#endif                         /* OPENSSL_NO_EC */
+    ss->tlsext_supportedgroupslist_length = 0;
+    OPENSSL_free(ss->tlsext_supportedgroupslist);
+#endif                          /* OPENSSL_NO_EC */
 #ifndef OPENSSL_NO_PSK
     OPENSSL_free(ss->psk_identity_hint);
     OPENSSL_free(ss->psk_identity);
@@ -764,7 +788,7 @@ int SSL_SESSION_up_ref(SSL_SESSION *ss)
 {
     int i;
 
-    if (CRYPTO_atomic_add(&ss->references, 1, &i, ss->lock) <= 0)
+    if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0)
         return 0;
 
     REF_PRINT_COUNT("SSL_SESSION", ss);
@@ -774,28 +798,33 @@ int SSL_SESSION_up_ref(SSL_SESSION *ss)
 
 int SSL_set_session(SSL *s, SSL_SESSION *session)
 {
-    int ret = 0;
-    if (session != NULL) {
-        if (s->ctx->method != s->method) {
-            if (!SSL_set_ssl_method(s, s->ctx->method))
-                return (0);
-        }
+    ssl_clear_bad_session(s);
+    if (s->ctx->method != s->method) {
+        if (!SSL_set_ssl_method(s, s->ctx->method))
+            return 0;
+    }
 
+    if (session != NULL) {
         SSL_SESSION_up_ref(session);
-        SSL_SESSION_free(s->session);
-        s->session = session;
-        s->verify_result = s->session->verify_result;
-        ret = 1;
-    } else {
-        SSL_SESSION_free(s->session);
-        s->session = NULL;
-        if (s->ctx->method != s->method) {
-            if (!SSL_set_ssl_method(s, s->ctx->method))
-                return (0);
-        }
-        ret = 1;
+        s->verify_result = session->verify_result;
     }
-    return (ret);
+    SSL_SESSION_free(s->session);
+    s->session = session;
+
+    return 1;
+}
+
+int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
+                        unsigned int sid_len)
+{
+    if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) {
+      SSLerr(SSL_F_SSL_SESSION_SET1_ID,
+             SSL_R_SSL_SESSION_ID_TOO_LONG);
+      return 0;
+    }
+    s->session_id_length = sid_len;
+    memcpy(s->session_id, sid, sid_len);
+    return 1;
 }
 
 long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
@@ -828,6 +857,16 @@ long SSL_SESSION_set_time(SSL_SESSION *s, long t)
     return (t);
 }
 
+int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
+{
+    return s->ssl_version;
+}
+
+const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s)
+{
+    return s->cipher;
+}
+
 const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)
 {
     return s->tlsext_hostname;
@@ -843,8 +882,8 @@ unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
     return s->tlsext_tick_lifetime_hint;
 }
 
-void SSL_SESSION_get0_ticket(const SSL_SESSION *s, unsigned char **tick,
-                            size_t *len)
+void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
+                             size_t *len)
 {
     *len = s->tlsext_ticklen;
     if (tick != NULL)
@@ -989,7 +1028,7 @@ int ssl_clear_bad_session(SSL *s)
     if ((s->session != NULL) &&
         !(s->shutdown & SSL_SENT_SHUTDOWN) &&
         !(SSL_in_init(s) || SSL_in_before(s))) {
-        SSL_CTX_remove_session(s->ctx, s->session);
+        SSL_CTX_remove_session(s->session_ctx, s->session);
         return (1);
     } else
         return (0);
@@ -1044,8 +1083,7 @@ static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
 }
 
 void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
-                             int (*cb) (struct ssl_st *ssl,
-                                        SSL_SESSION *sess))
+                             int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess))
 {
     ctx->new_session_cb = cb;
 }
@@ -1074,8 +1112,9 @@ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
 }
 
 SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
-                                                       const unsigned char *data,
-                                                       int len, int *copy) {
+                                                       const unsigned char
+                                                       *data, int len,
+                                                       int *copy) {
     return ctx->get_session_cb;
 }
 
@@ -1129,11 +1168,11 @@ void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
 }
 
 void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
-                                  int (*cb) (SSL *ssl, const unsigned char *cookie,
+                                  int (*cb) (SSL *ssl,
+                                             const unsigned char *cookie,
                                              unsigned int cookie_len))
 {
     ctx->app_verify_cookie_cb = cb;
 }
 
-IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION,
-                 SSL_SESSION)
+IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)