X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=ssl%2Fssl_sess.c;h=0ea74389c2ac7abb97cd0a31669e1b2400182395;hb=703bcee021790d33e07809c9b07fd51d2b4b5474;hp=f13e466d2c0fedd0e255b965f005049e27c69fd9;hpb=80c630f6574a33b1c633815a174110d10ec37c60;p=openssl.git diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index f13e466d2c..0ea74389c2 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -129,12 +129,12 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) dest->psk_identity = NULL; #endif dest->ciphers = NULL; - dest->tlsext_hostname = NULL; + dest->ext.hostname = NULL; #ifndef OPENSSL_NO_EC - dest->tlsext_ecpointformatlist = NULL; - dest->tlsext_ellipticcurvelist = NULL; + dest->ext.ecpointformats = NULL; + dest->ext.supportedgroups = NULL; #endif - dest->tlsext_tick = NULL; + dest->ext.tick = NULL; #ifndef OPENSSL_NO_SRP dest->srp_username = NULL; #endif @@ -158,7 +158,6 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) if (dest->peer_chain == NULL) goto err; } - #ifndef OPENSSL_NO_PSK if (src->psk_identity_hint) { dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint); @@ -174,47 +173,48 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) } #endif - if(src->ciphers != NULL) { + if (src->ciphers != NULL) { dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers); if (dest->ciphers == NULL) goto err; } if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, - &dest->ex_data, &src->ex_data)) { + &dest->ex_data, &src->ex_data)) { goto err; } - if (src->tlsext_hostname) { - dest->tlsext_hostname = OPENSSL_strdup(src->tlsext_hostname); - if (dest->tlsext_hostname == NULL) { + if (src->ext.hostname) { + dest->ext.hostname = OPENSSL_strdup(src->ext.hostname); + if (dest->ext.hostname == NULL) { goto err; } } #ifndef OPENSSL_NO_EC - if (src->tlsext_ecpointformatlist) { - dest->tlsext_ecpointformatlist = - OPENSSL_memdup(src->tlsext_ecpointformatlist, - src->tlsext_ecpointformatlist_length); - if (dest->tlsext_ecpointformatlist == NULL) + if (src->ext.ecpointformats) { + dest->ext.ecpointformats = + OPENSSL_memdup(src->ext.ecpointformats, + src->ext.ecpointformats_len); + if (dest->ext.ecpointformats == NULL) goto err; } - if (src->tlsext_ellipticcurvelist) { - dest->tlsext_ellipticcurvelist = - OPENSSL_memdup(src->tlsext_ellipticcurvelist, - src->tlsext_ellipticcurvelist_length); - if (dest->tlsext_ellipticcurvelist == NULL) + if (src->ext.supportedgroups) { + dest->ext.supportedgroups = + OPENSSL_memdup(src->ext.supportedgroups, + src->ext.supportedgroups_len); + if (dest->ext.supportedgroups == NULL) goto err; } #endif if (ticket != 0) { - dest->tlsext_tick = OPENSSL_memdup(src->tlsext_tick, src->tlsext_ticklen); - if(dest->tlsext_tick == NULL) + dest->ext.tick = + OPENSSL_memdup(src->ext.tick, src->ext.ticklen); + if (dest->ext.tick == NULL) goto err; } else { - dest->tlsext_tick_lifetime_hint = 0; - dest->tlsext_ticklen = 0; + dest->ext.tick_lifetime_hint = 0; + dest->ext.ticklen = 0; } #ifndef OPENSSL_NO_SRP @@ -227,19 +227,25 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) #endif return dest; -err: + err: SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE); SSL_SESSION_free(dest); return NULL; } -const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, - unsigned int *len) +const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len) { if (len) - *len = s->session_id_length; + *len = (unsigned int)s->session_id_length; return s->session_id; } +const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s, + unsigned int *len) +{ + if (len != NULL) + *len = (unsigned int)s->sid_ctx_length; + return s->sid_ctx; +} unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s) { @@ -314,6 +320,9 @@ int ssl_get_new_session(SSL *s, int session) } else if (s->version == TLS1_2_VERSION) { ss->ssl_version = TLS1_2_VERSION; ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; + } else if (s->version == TLS1_3_VERSION) { + ss->ssl_version = TLS1_3_VERSION; + ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; } else if (s->version == DTLS1_BAD_VER) { ss->ssl_version = DTLS1_BAD_VER; ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; @@ -344,7 +353,7 @@ int ssl_get_new_session(SSL *s, int session) * ServerHello extensions, and before recording the session * ID received from the server, so this block is a noop. */ - if (s->tlsext_ticket_expected) { + if (s->ext.ticket_expected) { ss->session_id_length = 0; goto sess_id_done; } @@ -359,7 +368,8 @@ int ssl_get_new_session(SSL *s, int session) CRYPTO_THREAD_unlock(s->session_ctx->lock); CRYPTO_THREAD_unlock(s->lock); /* Choose a session ID */ - tmp = ss->session_id_length; + memset(ss->session_id, 0, ss->session_id_length); + tmp = (int)ss->session_id_length; if (!cb(s, ss->session_id, &tmp)) { /* The callback failed */ SSLerr(SSL_F_SSL_GET_NEW_SESSION, @@ -381,16 +391,16 @@ int ssl_get_new_session(SSL *s, int session) ss->session_id_length = tmp; /* Finally, check for a conflict */ if (SSL_has_matching_session_id(s, ss->session_id, - ss->session_id_length)) { + (unsigned int)ss->session_id_length)) { SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_SSL_SESSION_ID_CONFLICT); SSL_SESSION_free(ss); return (0); } sess_id_done: - if (s->tlsext_hostname) { - ss->tlsext_hostname = OPENSSL_strdup(s->tlsext_hostname); - if (ss->tlsext_hostname == NULL) { + if (s->ext.hostname) { + ss->ext.hostname = OPENSSL_strdup(s->ext.hostname); + if (ss->ext.hostname == NULL) { SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR); SSL_SESSION_free(ss); return 0; @@ -422,8 +432,7 @@ int ssl_get_new_session(SSL *s, int session) * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this * connection. It is only called by servers. * - * ext: ClientHello extensions (including length prefix) - * session_id: ClientHello session ID. + * hello: The parsed ClientHello data * * Returns: * -1: error @@ -432,10 +441,10 @@ int ssl_get_new_session(SSL *s, int session) * Side effects: * - If a session is found then s->session is pointed at it (after freeing an * existing session if need be) and s->verify_result is set from the session. - * - Both for new and resumed sessions, s->tlsext_ticket_expected is set to 1 + * - Both for new and resumed sessions, s->ext.ticket_expected is set to 1 * if the server should issue a new session ticket (to 0 otherwise). */ -int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id) +int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello) { /* This is used only by servers. */ @@ -444,11 +453,11 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id) int try_session_cache = 1; int r; - if (PACKET_remaining(session_id) == 0) + if (hello->session_id_len == 0) try_session_cache = 0; - /* sets s->tlsext_ticket_expected and extended master secret flag */ - r = tls_check_serverhello_tlsext_early(s, ext, session_id, &ret); + /* sets s->ext.ticket_expected */ + r = tls_get_ticket_from_client(s, hello, &ret); switch (r) { case -1: /* Error during processing */ fatal = 1; @@ -469,14 +478,12 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id) !(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) { SSL_SESSION data; - size_t local_len; + data.ssl_version = s->version; - if (!PACKET_copy_all(session_id, data.session_id, - sizeof(data.session_id), - &local_len)) { - goto err; - } - data.session_id_length = local_len; + memset(data.session_id, 0, sizeof(data.session_id)); + memcpy(data.session_id, hello->session_id, hello->session_id_len); + data.session_id_length = hello->session_id_len; + CRYPTO_THREAD_read_lock(s->session_ctx->lock); ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data); if (ret != NULL) { @@ -491,8 +498,9 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id) if (try_session_cache && ret == NULL && s->session_ctx->get_session_cb != NULL) { int copy = 1; - ret = s->session_ctx->get_session_cb(s, PACKET_data(session_id), - PACKET_remaining(session_id), + + ret = s->session_ctx->get_session_cb(s, hello->session_id, + hello->session_id_len, ©); if (ret != NULL) { @@ -580,6 +588,23 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id) goto err; } + /* + * TODO(TLS1.3): This is temporary, because TLSv1.3 resumption is completely + * different. For now though we're still using the old resumption logic, so + * to avoid test failures we need this. Remove this code! + * + * Check TLS version consistency. We can't resume <=TLSv1.2 session if we + * have negotiated TLSv1.3, and vice versa. + */ + if (!SSL_IS_DTLS(s) + && ((ret->ssl_version <= TLS1_2_VERSION + && s->version >=TLS1_3_VERSION) + || (ret->ssl_version >= TLS1_3_VERSION + && s->version <= TLS1_2_VERSION))) { + /* Continue but do not resume */ + goto err; + } + /* Check extended master secret extension consistency */ if (ret->flags & SSL_SESS_FLAG_EXTMS) { /* If old session includes extms, but new does not: abort handshake */ @@ -610,7 +635,7 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id) * The session was from a ticket, so we should issue a ticket for * the new session */ - s->tlsext_ticket_expected = 1; + s->ext.ticket_expected = 1; } } if (fatal) @@ -675,8 +700,7 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) ret = 1; if (SSL_CTX_sess_get_cache_size(ctx) > 0) { - while (SSL_CTX_sess_number(ctx) > - SSL_CTX_sess_get_cache_size(ctx)) { + while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) { if (!remove_session_lock(ctx, ctx->session_cache_tail, 0)) break; else @@ -706,16 +730,16 @@ static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck) r = lh_SSL_SESSION_delete(ctx->sessions, c); SSL_SESSION_list_remove(ctx, c); } + c->not_resumable = 1; if (lck) CRYPTO_THREAD_unlock(ctx->lock); - if (ret) { - r->not_resumable = 1; - if (ctx->remove_session_cb != NULL) - ctx->remove_session_cb(ctx, r); + if (ret) SSL_SESSION_free(r); - } + + if (ctx->remove_session_cb != NULL) + ctx->remove_session_cb(ctx, c); } else ret = 0; return (ret); @@ -728,7 +752,7 @@ void SSL_SESSION_free(SSL_SESSION *ss) if (ss == NULL) return; - CRYPTO_atomic_add(&ss->references, -1, &i, ss->lock); + CRYPTO_DOWN_REF(&ss->references, &i, ss->lock); REF_PRINT_COUNT("SSL_SESSION", ss); if (i > 0) return; @@ -741,14 +765,16 @@ void SSL_SESSION_free(SSL_SESSION *ss) X509_free(ss->peer); sk_X509_pop_free(ss->peer_chain, X509_free); sk_SSL_CIPHER_free(ss->ciphers); - OPENSSL_free(ss->tlsext_hostname); - OPENSSL_free(ss->tlsext_tick); + OPENSSL_free(ss->ext.hostname); + OPENSSL_free(ss->ext.tick); #ifndef OPENSSL_NO_EC - ss->tlsext_ecpointformatlist_length = 0; - OPENSSL_free(ss->tlsext_ecpointformatlist); - ss->tlsext_ellipticcurvelist_length = 0; - OPENSSL_free(ss->tlsext_ellipticcurvelist); -#endif /* OPENSSL_NO_EC */ + OPENSSL_free(ss->ext.ecpointformats); + ss->ext.ecpointformats = NULL; + ss->ext.ecpointformats_len = 0; + OPENSSL_free(ss->ext.supportedgroups); + ss->ext.supportedgroups = NULL; + ss->ext.supportedgroups_len = 0; +#endif /* OPENSSL_NO_EC */ #ifndef OPENSSL_NO_PSK OPENSSL_free(ss->psk_identity_hint); OPENSSL_free(ss->psk_identity); @@ -764,7 +790,7 @@ int SSL_SESSION_up_ref(SSL_SESSION *ss) { int i; - if (CRYPTO_atomic_add(&ss->references, 1, &i, ss->lock) <= 0) + if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0) return 0; REF_PRINT_COUNT("SSL_SESSION", ss); @@ -774,28 +800,33 @@ int SSL_SESSION_up_ref(SSL_SESSION *ss) int SSL_set_session(SSL *s, SSL_SESSION *session) { - int ret = 0; - if (session != NULL) { - if (s->ctx->method != s->method) { - if (!SSL_set_ssl_method(s, s->ctx->method)) - return (0); - } + ssl_clear_bad_session(s); + if (s->ctx->method != s->method) { + if (!SSL_set_ssl_method(s, s->ctx->method)) + return 0; + } + if (session != NULL) { SSL_SESSION_up_ref(session); - SSL_SESSION_free(s->session); - s->session = session; - s->verify_result = s->session->verify_result; - ret = 1; - } else { - SSL_SESSION_free(s->session); - s->session = NULL; - if (s->ctx->method != s->method) { - if (!SSL_set_ssl_method(s, s->ctx->method)) - return (0); - } - ret = 1; + s->verify_result = session->verify_result; } - return (ret); + SSL_SESSION_free(s->session); + s->session = session; + + return 1; +} + +int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid, + unsigned int sid_len) +{ + if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) { + SSLerr(SSL_F_SSL_SESSION_SET1_ID, + SSL_R_SSL_SESSION_ID_TOO_LONG); + return 0; + } + s->session_id_length = sid_len; + memcpy(s->session_id, sid, sid_len); + return 1; } long SSL_SESSION_set_timeout(SSL_SESSION *s, long t) @@ -833,27 +864,32 @@ int SSL_SESSION_get_protocol_version(const SSL_SESSION *s) return s->ssl_version; } +const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s) +{ + return s->cipher; +} + const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s) { - return s->tlsext_hostname; + return s->ext.hostname; } int SSL_SESSION_has_ticket(const SSL_SESSION *s) { - return (s->tlsext_ticklen > 0) ? 1 : 0; + return (s->ext.ticklen > 0) ? 1 : 0; } unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s) { - return s->tlsext_tick_lifetime_hint; + return s->ext.tick_lifetime_hint; } -void SSL_SESSION_get0_ticket(const SSL_SESSION *s, unsigned char **tick, - size_t *len) +void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick, + size_t *len) { - *len = s->tlsext_ticklen; + *len = s->ext.ticklen; if (tick != NULL) - *tick = s->tlsext_tick; + *tick = s->ext.tick; } X509 *SSL_SESSION_get0_peer(SSL_SESSION *s) @@ -893,20 +929,13 @@ long SSL_CTX_get_timeout(const SSL_CTX *s) } int SSL_set_session_secret_cb(SSL *s, - int (*tls_session_secret_cb) (SSL *s, - void *secret, - int *secret_len, - STACK_OF(SSL_CIPHER) - *peer_ciphers, - const SSL_CIPHER - **cipher, - void *arg), + tls_session_secret_cb_fn tls_session_secret_cb, void *arg) { if (s == NULL) return (0); - s->tls_session_secret_cb = tls_session_secret_cb; - s->tls_session_secret_cb_arg = arg; + s->ext.session_secret_cb = tls_session_secret_cb; + s->ext.session_secret_cb_arg = arg; return (1); } @@ -915,30 +944,30 @@ int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb, { if (s == NULL) return (0); - s->tls_session_ticket_ext_cb = cb; - s->tls_session_ticket_ext_cb_arg = arg; + s->ext.session_ticket_cb = cb; + s->ext.session_ticket_cb_arg = arg; return (1); } int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) { if (s->version >= TLS1_VERSION) { - OPENSSL_free(s->tlsext_session_ticket); - s->tlsext_session_ticket = NULL; - s->tlsext_session_ticket = + OPENSSL_free(s->ext.session_ticket); + s->ext.session_ticket = NULL; + s->ext.session_ticket = OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); - if (s->tlsext_session_ticket == NULL) { + if (s->ext.session_ticket == NULL) { SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE); return 0; } - if (ext_data) { - s->tlsext_session_ticket->length = ext_len; - s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1; - memcpy(s->tlsext_session_ticket->data, ext_data, ext_len); + if (ext_data != NULL) { + s->ext.session_ticket->length = ext_len; + s->ext.session_ticket->data = s->ext.session_ticket + 1; + memcpy(s->ext.session_ticket->data, ext_data, ext_len); } else { - s->tlsext_session_ticket->length = 0; - s->tlsext_session_ticket->data = NULL; + s->ext.session_ticket->length = 0; + s->ext.session_ticket->data = NULL; } return 1; @@ -994,7 +1023,7 @@ int ssl_clear_bad_session(SSL *s) if ((s->session != NULL) && !(s->shutdown & SSL_SENT_SHUTDOWN) && !(SSL_in_init(s) || SSL_in_before(s))) { - SSL_CTX_remove_session(s->ctx, s->session); + SSL_CTX_remove_session(s->session_ctx, s->session); return (1); } else return (0); @@ -1049,8 +1078,7 @@ static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s) } void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, - int (*cb) (struct ssl_st *ssl, - SSL_SESSION *sess)) + int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess)) { ctx->new_session_cb = cb; } @@ -1079,8 +1107,9 @@ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, } SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl, - const unsigned char *data, - int len, int *copy) { + const unsigned char + *data, int len, + int *copy) { return ctx->get_session_cb; } @@ -1134,11 +1163,11 @@ void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, } void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, - int (*cb) (SSL *ssl, const unsigned char *cookie, + int (*cb) (SSL *ssl, + const unsigned char *cookie, unsigned int cookie_len)) { ctx->app_verify_cookie_cb = cb; } -IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, - SSL_SESSION) +IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)