X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fssl_sess.c;h=eee1ca1f5bcc59be8db7cce5251489989804fc47;hb=869d0a37cfa7cfdbd42026d2b75d14cdc64e81e0;hp=4a58fa52df63024805f9aad7ee31e6be04a25a3f;hpb=e92813234318635639dba0168c7ef5568757449b;p=oweals%2Fopenssl.git diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 4a58fa52df..eee1ca1f5b 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -158,7 +158,6 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) if (dest->peer_chain == NULL) goto err; } - #ifndef OPENSSL_NO_PSK if (src->psk_identity_hint) { dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint); @@ -181,7 +180,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) } if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, - &dest->ex_data, &src->ex_data)) { + &dest->ex_data, &src->ex_data)) { goto err; } @@ -195,21 +194,22 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) if (src->tlsext_ecpointformatlist) { dest->tlsext_ecpointformatlist = OPENSSL_memdup(src->tlsext_ecpointformatlist, - src->tlsext_ecpointformatlist_length); + src->tlsext_ecpointformatlist_length); if (dest->tlsext_ecpointformatlist == NULL) goto err; } if (src->tlsext_ellipticcurvelist) { dest->tlsext_ellipticcurvelist = OPENSSL_memdup(src->tlsext_ellipticcurvelist, - src->tlsext_ellipticcurvelist_length); + src->tlsext_ellipticcurvelist_length); if (dest->tlsext_ellipticcurvelist == NULL) goto err; } #endif if (ticket != 0) { - dest->tlsext_tick = OPENSSL_memdup(src->tlsext_tick, src->tlsext_ticklen); + dest->tlsext_tick = + OPENSSL_memdup(src->tlsext_tick, src->tlsext_ticklen); if (dest->tlsext_tick == NULL) goto err; } else { @@ -227,19 +227,25 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) #endif return dest; -err: + err: SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE); SSL_SESSION_free(dest); return NULL; } -const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, - unsigned int *len) +const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len) { if (len) *len = s->session_id_length; return s->session_id; } +const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s, + unsigned int *len) +{ + if (len != NULL) + *len = s->sid_ctx_length; + return s->sid_ctx; +} unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s) { @@ -474,8 +480,7 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id) data.ssl_version = s->version; memset(data.session_id, 0, sizeof(data.session_id)); if (!PACKET_copy_all(session_id, data.session_id, - sizeof(data.session_id), - &local_len)) { + sizeof(data.session_id), &local_len)) { goto err; } data.session_id_length = local_len; @@ -677,8 +682,7 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) ret = 1; if (SSL_CTX_sess_get_cache_size(ctx) > 0) { - while (SSL_CTX_sess_number(ctx) > - SSL_CTX_sess_get_cache_size(ctx)) { + while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) { if (!remove_session_lock(ctx, ctx->session_cache_tail, 0)) break; else @@ -750,7 +754,7 @@ void SSL_SESSION_free(SSL_SESSION *ss) OPENSSL_free(ss->tlsext_ecpointformatlist); ss->tlsext_ellipticcurvelist_length = 0; OPENSSL_free(ss->tlsext_ellipticcurvelist); -#endif /* OPENSSL_NO_EC */ +#endif /* OPENSSL_NO_EC */ #ifndef OPENSSL_NO_PSK OPENSSL_free(ss->psk_identity_hint); OPENSSL_free(ss->psk_identity); @@ -792,6 +796,19 @@ int SSL_set_session(SSL *s, SSL_SESSION *session) return 1; } +int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid, + unsigned int sid_len) +{ + if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) { + SSLerr(SSL_F_SSL_SESSION_SET1_ID, + SSL_R_SSL_SESSION_ID_TOO_LONG); + return 0; + } + s->session_id_length = sid_len; + memcpy(s->session_id, sid, sid_len); + return 1; +} + long SSL_SESSION_set_timeout(SSL_SESSION *s, long t) { if (s == NULL) @@ -847,8 +864,8 @@ unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s) return s->tlsext_tick_lifetime_hint; } -void SSL_SESSION_get0_ticket(const SSL_SESSION *s, unsigned char **tick, - size_t *len) +void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick, + size_t *len) { *len = s->tlsext_ticklen; if (tick != NULL) @@ -1048,8 +1065,7 @@ static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s) } void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, - int (*cb) (struct ssl_st *ssl, - SSL_SESSION *sess)) + int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess)) { ctx->new_session_cb = cb; } @@ -1078,8 +1094,9 @@ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, } SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl, - const unsigned char *data, - int len, int *copy) { + const unsigned char + *data, int len, + int *copy) { return ctx->get_session_cb; } @@ -1133,11 +1150,11 @@ void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, } void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, - int (*cb) (SSL *ssl, const unsigned char *cookie, + int (*cb) (SSL *ssl, + const unsigned char *cookie, unsigned int cookie_len)) { ctx->app_verify_cookie_cb = cb; } -IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, - SSL_SESSION) +IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)