Lines Matching full:session
152 * SSL_magic_pending_session_ptr(). It allows a session callback to indicate
153 * that it needs to asynchronously fetch session information. */
/* Forward declarations for the file-local session-cache helpers. Their
 * definitions appear further down in this listing (lines 659, 687 and 546). */
159 static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *session);
160 static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *session);
161 static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *session, int lock);
/* Allocation and initialisation of a fresh SSL_SESSION. The enclosing
 * signature (line 163) and the body of the allocation-failure branch
 * (lines 166-168) are not part of this listing. */
164 SSL_SESSION *session = (SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
165 if (session == NULL) {
/* Start from an all-zero structure before the individual fields are set. */
169 memset(session, 0, sizeof(SSL_SESSION));
/* Fail-closed default: a new session does not read as "verified" until
 * something explicitly stores X509_V_OK. */
171 session->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
/* The single initial reference is the one handed back by the return below. */
172 session->references = 1;
173 session->timeout = SSL_DEFAULT_SESSION_TIMEOUT;
/* Creation time; the expiry checks at lines 477 and 620 compare it with
 * |timeout|. */
174 session->time = (unsigned long)time(NULL);
175 CRYPTO_new_ex_data(&session->ex_data);
176 return session;
/* SSL_SESSION_up_ref takes one additional reference on |session| and returns
 * the same pointer. A NULL |session| is passed through unchanged. Each
 * reference taken here is given back with SSL_SESSION_free. */
179 SSL_SESSION *SSL_SESSION_up_ref(SSL_SESSION *session) {
180 if (session != NULL) {
181 CRYPTO_refcount_inc(&session->references);
183 return session;
/* SSL_SESSION_free drops one reference to |session|. The guard below is
 * followed by elided lines 189-191 (presumably an early return), so the
 * teardown that follows is only meant to run for a non-NULL session whose
 * reference count has just reached zero. */
186 void SSL_SESSION_free(SSL_SESSION *session) {
187 if (session == NULL ||
188 !CRYPTO_refcount_dec_and_test_zero(&session->references)) {
192 CRYPTO_free_ex_data(&g_ex_data_class, session, &session->ex_data);
/* Wipe the master key and session ID with OPENSSL_cleanse before the memory
 * is released, so that key material does not linger in freed heap. */
194 OPENSSL_cleanse(session->master_key, sizeof(session->master_key));
195 OPENSSL_cleanse(session->session_id, sizeof(session->session_id));
/* Release the members referenced from the session.
 * NOTE(review): the buffers below (ticket, PSK identity, ...) are released
 * with OPENSSL_free only; whether that wipes their contents depends on the
 * allocator, which is not visible here. Confirm if any of them is treated
 * as sensitive. */
196 X509_free(session->peer);
197 sk_X509_pop_free(session->cert_chain, X509_free);
198 OPENSSL_free(session->tlsext_hostname);
199 OPENSSL_free(session->tlsext_tick);
200 OPENSSL_free(session->tlsext_signed_cert_timestamp_list);
201 OPENSSL_free(session->ocsp_response);
202 OPENSSL_free(session->psk_identity);
/* Wipe the whole structure as well, which also clears the member pointers
 * that were just freed, and only then release it. */
203 OPENSSL_cleanse(session, sizeof(*session));
204 OPENSSL_free(session);
/* SSL_SESSION_get_id returns |session|'s session ID and writes its length
 * through |out_len|. The returned pointer is the session's own |session_id|
 * member, not a copy, so it must not be used after the session is freed.
 * The rest of the parameter list and the lines around the store (208-209,
 * 211) are elided from this listing. */
207 const uint8_t *SSL_SESSION_get_id(const SSL_SESSION *session,
210 *out_len = session->session_id_length;
212 return session->session_id;
/* SSL_SESSION_get_timeout returns |session|'s timeout value. Lines 215 and
 * 216 are adjacent, so |session| is dereferenced without a NULL check (unlike
 * SSL_SESSION_get_time); callers must pass a valid session. */
215 long SSL_SESSION_get_timeout(const SSL_SESSION *session) {
216 return session->timeout;
/* SSL_SESSION_get_time returns the time value stored in |session|. A NULL
 * |session| takes the guarded branch instead; what that branch returns is on
 * elided lines 221-223. */
219 long SSL_SESSION_get_time(const SSL_SESSION *session) {
220 if (session == NULL) {
224 return session->time;
/* SSL_SESSION_get_key_exchange_info returns the |key_exchange_info| field of
 * |session|. No NULL check precedes the dereference (lines 227 and 228 are
 * adjacent). */
227 uint32_t SSL_SESSION_get_key_exchange_info(const SSL_SESSION *session) {
228 return session->key_exchange_info;
/* SSL_SESSION_get0_peer returns the stored |peer| pointer directly; no
 * reference is taken on the certificate. SSL_SESSION_free releases it with
 * X509_free (line 196), so the result must not outlive the session unless the
 * caller takes its own reference. |session| is not checked for NULL. */
231 X509 *SSL_SESSION_get0_peer(const SSL_SESSION *session) {
232 return session->peer;
/* SSL_SESSION_set_time overwrites the time value stored in |session|, which
 * the expiry checks at lines 477 and 620 read. A NULL |session| takes the
 * guarded branch (body elided, lines 237-239). The value is stored as given;
 * no range check is visible in this listing. */
235 long SSL_SESSION_set_time(SSL_SESSION *session, long time) {
236 if (session == NULL) {
240 session->time = time;
/* SSL_SESSION_set_timeout overwrites |session|'s timeout, which bounds how
 * long the session stays acceptable to the expiry checks at lines 477 and
 * 620. A NULL |session| takes the guarded branch (body elided, lines
 * 246-248). The value is stored as given; no range check is visible in this
 * listing, so negative or very large values reach those comparisons. */
244 long SSL_SESSION_set_timeout(SSL_SESSION *session, long timeout) {
245 if (session == NULL) {
249 session->timeout = timeout;
/* SSL_SESSION_set1_id_context copies |sid_ctx_len| bytes of |sid_ctx| into
 * |session| as its session-ID context.
 * NOTE(review): the memcpy below writes into the fixed-size |sid_ctx| member
 * and relies on |sid_ctx_len| having been bounded first. That check is
 * expected on elided lines 254-259 (compare the explicit check at line 342).
 * Confirm against the full source. */
253 int SSL_SESSION_set1_id_context(SSL_SESSION *session, const uint8_t *sid_ctx,
260 session->sid_ctx_length = sid_ctx_len;
261 memcpy(session->sid_ctx, sid_ctx, sid_ctx_len);
273 return ssl->session;
278 return SSL_SESSION_up_ref(ssl->session);
/* SSL_SESSION_set_ex_data stores the application pointer |arg| in slot |idx|
 * of |session|'s ex_data and returns the result of CRYPTO_set_ex_data. */
293 int SSL_SESSION_set_ex_data(SSL_SESSION *session, int idx, void *arg) {
294 return CRYPTO_set_ex_data(&session->ex_data, idx, arg);
/* SSL_SESSION_get_ex_data returns whatever CRYPTO_get_ex_data yields for slot
 * |idx| of |session|'s ex_data. */
297 void *SSL_SESSION_get_ex_data(const SSL_SESSION *session, int idx) {
298 return CRYPTO_get_ex_data(&session->ex_data, idx);
/* Fragment of the routine that builds a new session for |ssl|. Its signature
 * and the conditions between the visible lines are elided from this listing,
 * so the branch structure below is incomplete. */
307 SSL_SESSION *session = SSL_SESSION_new();
308 if (session == NULL) {
/* The context-wide timeout replaces the default set by SSL_SESSION_new. */
314 session->timeout = ssl->initial_ctx->session_timeout;
317 session->ssl_version = ssl->version;
321 /* Don't set session IDs for sessions resumed with tickets. This will keep
322 * them out of the session cache. */
323 session->session_id_length = 0;
/* Otherwise the session ID is drawn from RAND_bytes and the failure case is
 * checked; the handling branch (lines 327-330) is not shown. */
325 session->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
326 if (!RAND_bytes(session->session_id, session->session_id_length)) {
/* The hostname is duplicated, so the session holds its own copy (released in
 * SSL_SESSION_free, line 198). */
332 session->tlsext_hostname = BUF_strdup(ssl->tlsext_hostname);
333 if (session->tlsext_hostname == NULL) {
339 session->session_id_length = 0;
/* Bounds check ahead of the memcpy: the copy length is ssl->sid_ctx_length,
 * so it has to fit in session->sid_ctx. */
342 if (ssl->sid_ctx_length > sizeof(session->sid_ctx)) {
346 memcpy(session->sid_ctx, ssl->sid_ctx, ssl->sid_ctx_length);
347 session->sid_ctx_length = ssl->sid_ctx_length;
/* NOTE(review): this replaces the non-OK default from line 171 with
 * X509_V_OK at creation time. Presumably certificate verification overwrites
 * it later in the handshake. Confirm against the full source. */
349 session->verify_result = X509_V_OK;
/* Drop whatever session |ssl| held and install the new one. */
351 SSL_SESSION_free(ssl->session);
352 ssl->session = session;
/* Presumably the error path (its label is elided): releases the partially
 * built session. */
356 SSL_SESSION_free(session);
360 /* ssl_lookup_session looks up |session_id| in the session cache and sets
/* Lookup fragment: the internal cache is consulted first, then the
 * application's callback. Locking and the conditions between the visible
 * lines are elided from this listing. */
372 SSL_SESSION *session;
/* Internal cache: a hit gets its own reference before it is handed out, so
 * the result stays valid even if the cache drops the entry afterwards. */
382 session = lh_SSL_SESSION_retrieve(ssl->initial_ctx->sessions, &data);
383 if (session != NULL) {
384 SSL_SESSION_up_ref(session);
389 if (session != NULL) {
390 *out_session = session;
/* No internal hit: ask the external-cache callback. Its result is NULL, the
 * pending marker, or a session. */
400 session = ssl->initial_ctx->get_session_cb(ssl, (uint8_t *)session_id,
402 if (session == NULL) {
/* Pointer comparison against the marker value that a callback returns to
 * signal an asynchronous fetch (see the comment at lines 152-153). */
405 if (session == SSL_magic_pending_session_ptr()) {
409 /* Increment reference count now if the session callback asks us to do so
410 * (note that if the session structures returned by the callback are shared
414 SSL_SESSION_up_ref(session);
417 /* Add the externally cached session to the internal cache if necessary. */
420 SSL_CTX_add_session(ssl->initial_ctx, session);
423 *out_session = session;
432 SSL_SESSION *session = NULL;
444 if (!tls_process_ticket(ssl, &session, &send_ticket, ticket, ticket_len,
449 /* The client does not support session tickets, so the session ID should be
452 ssl, &session, ctx->session_id, ctx->session_id_len);
/* Context-binding check: a looked-up session is only accepted when its
 * session-ID context equals this connection's. The lengths are compared
 * first, so the memcmp only runs over two contexts of the same length. The
 * body of this branch (line 461 onward) is elided from this listing. */
458 if (session == NULL ||
459 session->sid_ctx_length != ssl->sid_ctx_length ||
460 memcmp(session->sid_ctx, ssl->sid_ctx, ssl->sid_ctx_length) != 0) {
465 /* We can't be sure if this session is being used out of context, which is
471 * effectively disable the session cache by accident without anyone
/* Expiry check: the session's age (current time minus its stored time) is
 * compared with its timeout.
 * NOTE(review): if the stored time lies in the future (a clock step, or a
 * value written through SSL_SESSION_set_time), the difference is presumably
 * negative after the cast and the session does not compare as expired here.
 * Confirm the field types and whether that is intended. */
477 if (session->timeout < (long)(time(NULL) - session->time)) {
479 /* The session was from the cache, so remove it. */
480 SSL_CTX_remove_session(ssl->initial_ctx, session);
/* Presumably the success path: the session is handed to the caller. */
485 *out_session = session;
/* Two release sites follow; the labels and conditions that separate them are
 * elided from this listing. */
490 SSL_SESSION_free(session);
496 SSL_SESSION_free(session);
/* SSL_CTX_add_session inserts |session| into |ctx|'s session cache. Per the
 * visible lines it takes its own reference up front (line 503) and releases
 * it again when the hash-table insert fails (lines 507-509). An insert that
 * reports |session| itself as the previous entry means it was already cached
 * (lines 514-515). On success the session is also linked into the list (line
 * 527). The lines in between, including locking and return values, are
 * elided from this listing. */
500 int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *session) {
501 /* Although |session| is inserted into two structures (a doubly-linked list
503 SSL_SESSION_up_ref(session);
507 if (!lh_SSL_SESSION_insert(ctx->sessions, &old_session, session)) {
509 SSL_SESSION_free(session);
514 if (old_session == session) {
515 /* |session| was already in the cache. */
521 /* There was a session ID collision. |old_session| must be removed from
527 SSL_SESSION_list_add(ctx, session);
/* SSL_CTX_remove_session removes |session| from |ctx|'s cache by calling
 * remove_session_lock with |lock| set to 1, and returns that call's result. */
542 int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *session) {
543 return remove_session_lock(ctx, session, 1);
/* remove_session_lock removes |session| from |ctx|'s cache. |lock| presumably
 * selects whether the cache lock is taken here; its use is on elided lines.
 * TODO confirm. */
546 static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *session, int lock) {
/* NULL sessions and sessions with a zero-length ID are skipped. */
549 if (session != NULL && session->session_id_length != 0) {
554 session);
/* Identity check: unlink only when the cached entry is this exact object, so
 * a different session stored under the same ID is left in place. */
555 if (found_session == session) {
557 found_session = lh_SSL_SESSION_delete(ctx->sessions, session);
558 SSL_SESSION_list_remove(ctx, session);
/* SSL_set_session installs |session| as ssl->session. The previously held
 * session is released, a reference is taken on a non-NULL |session|, and
 * ssl->verify_result is copied from it. */
577 int SSL_set_session(SSL *ssl, SSL_SESSION *session) {
/* Same-pointer guard: without it, the free below could release the last
 * reference to the very object that is about to be installed. The body of
 * this branch (lines 579-581) is elided, presumably an early return. */
578 if (ssl->session == session) {
582 SSL_SESSION_free(ssl->session);
583 ssl->session = session;
584 if (session != NULL) {
585 SSL_SESSION_up_ref(session);
/* The verification result is inherited from the stored session; no peer
 * certificate check happens in the visible lines. */
586 ssl->verify_result = session->verify_result;
/* timeout_doall_arg evicts |session| from the cache described by |void_param|
 * when it has expired relative to param->time. It is presumably invoked once
 * per cached session by a cache walk. The start of the condition (line 619)
 * and the declaration of |param| are elided from this listing. */
616 static void timeout_doall_arg(SSL_SESSION *session, void *void_param) {
/* NOTE(review): this expiry test adds time and timeout, while the check at
 * line 477 subtracts. If both fields are signed long (their getters return
 * long), a very large timeout could overflow this addition. Confirm the
 * field types. */
620 param->time > (session->time + session->timeout)) {
/* Unlink from both cache structures: the hash table and the linked list. */
624 (void) lh_SSL_SESSION_delete(param->cache, session);
625 SSL_SESSION_list_remove(param->ctx, session);
/* Flag the evicted object itself, presumably so that holders of other
 * references do not resume it. Confirm where |not_resumable| is read. */
626 session->not_resumable = 1;
/* Notify the application; a NULL check on the callback is presumably on
 * elided line 627. */
628 param->ctx->remove_session_cb(param->ctx, session);
/* Drop a reference, presumably the one the cache held. */
630 SSL_SESSION_free(session);
649 if (ssl->session != NULL && !(ssl->shutdown & SSL_SENT_SHUTDOWN) &&
651 SSL_CTX_remove_session(ssl->ctx, ssl->session);
/* SSL_SESSION_list_remove unlinks |session| from |ctx|'s doubly-linked cache
 * list. The addresses of ctx->session_cache_head and ctx->session_cache_tail,
 * cast to SSL_SESSION *, serve as end markers: a node whose |prev| or |next|
 * equals one of them is first or last. In the visible lines the markers are
 * only compared and stored. The else lines that separate the cases are elided
 * from this listing. */
659 static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *session) {
/* A node with a NULL link is not on the list. */
660 if (session->next == NULL || session->prev == NULL) {
/* |session| is the last node ... */
664 if (session->next == (SSL_SESSION *)&ctx->session_cache_tail) {
/* ... and possibly the first as well. */
666 if (session->prev == (SSL_SESSION *)&ctx->session_cache_head) {
671 ctx->session_cache_tail = session->prev;
672 session->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
/* |session| is the first node. */
675 if (session->prev == (SSL_SESSION *)&ctx->session_cache_head) {
677 ctx->session_cache_head = session->next;
678 session->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
/* Interior node: splice the two neighbours together. */
680 session->next->prev = session->prev;
681 session->prev->next = session->next;
/* Reset both links so the node reads as "not on the list" to the guard at
 * line 660. */
684 session->prev = session->next = NULL;
/* SSL_SESSION_list_add places |session| at the head of |ctx|'s cache list.
 * The condition that separates the two cases below is on elided lines. */
687 static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *session) {
/* Already linked: unlink first so the node is never on the list twice. */
688 if (session->next != NULL && session->prev != NULL) {
689 SSL_SESSION_list_remove(ctx, session);
/* Presumably the empty-list case: |session| becomes both head and tail, and
 * its links point at the two end markers. */
693 ctx->session_cache_head = session;
694 ctx->session_cache_tail = session;
695 session->prev = (SSL_SESSION *)&(ctx->session_cache_head);
696 session->next = (SSL_SESSION *)&(ctx->session_cache_tail);
/* Otherwise push |session| in front of the current head. */
698 session->next = ctx->session_cache_head;
699 session->next->prev = session;
700 session->prev = (SSL_SESSION *)&(ctx->session_cache_head);
701 ctx->session_cache_head = session;
706 int (*cb)(SSL *ssl, SSL_SESSION *session)) {
710 int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *session) {
715 SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *session)) {
720 SSL_SESSION *session) {