Coverage Report

Created: 2026-06-06 06:39

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/wolfssl/src/ssl_sess.c
Line
Count
Source
1
/* ssl_sess.c
2
 *
3
 * Copyright (C) 2006-2026 wolfSSL Inc.
4
 *
5
 * This file is part of wolfSSL.
6
 *
7
 * wolfSSL is free software; you can redistribute it and/or modify
8
 * it under the terms of the GNU General Public License as published by
9
 * the Free Software Foundation; either version 3 of the License, or
10
 * (at your option) any later version.
11
 *
12
 * wolfSSL is distributed in the hope that it will be useful,
13
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15
 * GNU General Public License for more details.
16
 *
17
 * You should have received a copy of the GNU General Public License
18
 * along with this program; if not, write to the Free Software
19
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20
 */
21
22
#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
23
24
#if !defined(WOLFSSL_SSL_SESS_INCLUDED)
25
    #ifndef WOLFSSL_IGNORE_FILE_WARN
26
        #warning ssl_sess.c does not need to be compiled separately from ssl.c
27
    #endif
28
#else
29
30
#ifndef NO_SESSION_CACHE
31
32
    /* basic config gives a cache with 33 sessions, adequate for clients and
33
       embedded servers
34
35
       TITAN_SESSION_CACHE allows just over 2 million sessions, for servers
36
       with titanic amounts of memory with long session ID timeouts and high
37
       levels of traffic.
38
39
       ENABLE_SESSION_CACHE_ROW_LOCK: Allows row level locking for increased
40
       performance with large session caches
41
42
       HUGE_SESSION_CACHE yields 65,791 sessions, for servers under heavy load,
43
       allows over 13,000 new sessions per minute or over 200 new sessions per
44
       second
45
46
       BIG_SESSION_CACHE yields 20,027 sessions
47
48
       MEDIUM_SESSION_CACHE allows 1055 sessions, adequate for servers that
49
       aren't under heavy load, basically allows 200 new sessions per minute
50
51
       SMALL_SESSION_CACHE only stores 6 sessions, good for embedded clients
52
       or systems where the default of is too much RAM.
53
       SessionCache takes about 2K, ClientCache takes about 3Kbytes
54
55
       MICRO_SESSION_CACHE only stores 1 session, good for embedded clients
56
       or systems where memory is at a premium.
57
       SessionCache takes about 400 bytes, ClientCache takes 576 bytes
58
59
       default SESSION_CACHE stores 33 sessions (no XXX_SESSION_CACHE defined)
60
       SessionCache takes about 13K bytes, ClientCache takes 17K bytes
61
    */
62
    #if defined(TITAN_SESSION_CACHE)
63
        #define SESSIONS_PER_ROW 31
64
        #define SESSION_ROWS 64937
65
        #ifndef ENABLE_SESSION_CACHE_ROW_LOCK
66
            #define ENABLE_SESSION_CACHE_ROW_LOCK
67
        #endif
68
    #elif defined(HUGE_SESSION_CACHE)
69
        #define SESSIONS_PER_ROW 11
70
        #define SESSION_ROWS 5981
71
    #elif defined(BIG_SESSION_CACHE)
72
        #define SESSIONS_PER_ROW 7
73
        #define SESSION_ROWS 2861
74
    #elif defined(MEDIUM_SESSION_CACHE)
75
        #define SESSIONS_PER_ROW 5
76
        #define SESSION_ROWS 211
77
    #elif defined(SMALL_SESSION_CACHE)
78
        #define SESSIONS_PER_ROW 2
79
        #define SESSION_ROWS 3
80
    #elif defined(MICRO_SESSION_CACHE)
81
        #define SESSIONS_PER_ROW 1
82
        #define SESSION_ROWS 1
83
    #else
84
0
        #define SESSIONS_PER_ROW 3
85
0
        #define SESSION_ROWS 11
86
    #endif
87
0
    #define INVALID_SESSION_ROW (-1)
88
89
    #ifdef NO_SESSION_CACHE_ROW_LOCK
90
        #undef ENABLE_SESSION_CACHE_ROW_LOCK
91
    #endif
92
93
    typedef struct SessionRow {
94
        int nextIdx;                           /* where to place next one   */
95
        int totalCount;                        /* sessions ever on this row */
96
#ifdef SESSION_CACHE_DYNAMIC_MEM
97
        WOLFSSL_SESSION* Sessions[SESSIONS_PER_ROW];
98
        void* heap;
99
#else
100
        WOLFSSL_SESSION Sessions[SESSIONS_PER_ROW];
101
#endif
102
103
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
104
        /* not included in import/export */
105
        wolfSSL_RwLock row_lock;
106
        int lock_valid;
107
    #endif
108
    } SessionRow;
109
    #define SIZEOF_SESSION_ROW (sizeof(WOLFSSL_SESSION) + (sizeof(int) * 2))
110
111
    static WC_THREADSHARED SessionRow SessionCache[SESSION_ROWS];
112
113
    #if defined(WOLFSSL_SESSION_STATS) && defined(WOLFSSL_PEAK_SESSIONS)
114
        static WC_THREADSHARED word32 PeakSessions;
115
    #endif
116
117
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
118
    #define SESSION_ROW_RD_LOCK(row)   wc_LockRwLock_Rd(&(row)->row_lock)
119
    #define SESSION_ROW_WR_LOCK(row)   wc_LockRwLock_Wr(&(row)->row_lock)
120
    #define SESSION_ROW_UNLOCK(row)    wc_UnLockRwLock(&(row)->row_lock);
121
    #else
122
    static WC_THREADSHARED wolfSSL_RwLock session_lock; /* SessionCache lock */
123
    static WC_THREADSHARED int session_lock_valid = 0;
124
0
    #define SESSION_ROW_RD_LOCK(row)   wc_LockRwLock_Rd(&session_lock)
125
0
    #define SESSION_ROW_WR_LOCK(row)   wc_LockRwLock_Wr(&session_lock)
126
0
    #define SESSION_ROW_UNLOCK(row)    wc_UnLockRwLock(&session_lock);
127
    #endif
128
129
    #if !defined(NO_SESSION_CACHE_REF) && defined(NO_CLIENT_CACHE)
130
    #error ClientCache is required when not using NO_SESSION_CACHE_REF
131
    #endif
132
133
    #ifndef NO_CLIENT_CACHE
134
135
        #ifndef CLIENT_SESSIONS_MULTIPLIER
136
            #ifdef NO_SESSION_CACHE_REF
137
                #define CLIENT_SESSIONS_MULTIPLIER 1
138
            #else
139
                /* ClientSession objects are lightweight (compared to
140
                 * WOLFSSL_SESSION) so to decrease chance that user will reuse
141
                 * the wrong session, increase the ClientCache size. This will
142
                 * make the entire ClientCache about the size of one
143
                 * WOLFSSL_SESSION object. */
144
0
                #define CLIENT_SESSIONS_MULTIPLIER 8
145
            #endif
146
        #endif
147
        #define CLIENT_SESSIONS_PER_ROW \
148
0
                                (SESSIONS_PER_ROW * CLIENT_SESSIONS_MULTIPLIER)
149
0
        #define CLIENT_SESSION_ROWS (SESSION_ROWS * CLIENT_SESSIONS_MULTIPLIER)
150
151
        #if CLIENT_SESSIONS_PER_ROW > 65535
152
        #error CLIENT_SESSIONS_PER_ROW too big
153
        #endif
154
        #if CLIENT_SESSION_ROWS > 65535
155
        #error CLIENT_SESSION_ROWS too big
156
        #endif
157
158
        struct ClientSession {
159
            word16 serverRow;            /* SessionCache Row id */
160
            word16 serverIdx;            /* SessionCache Idx (column) */
161
            word32 sessionIDHash;
162
        };
163
    #ifndef WOLFSSL_CLIENT_SESSION_DEFINED
164
        typedef struct ClientSession ClientSession;
165
        #define WOLFSSL_CLIENT_SESSION_DEFINED
166
    #endif
167
168
        typedef struct ClientRow {
169
            int nextIdx;                /* where to place next one   */
170
            int totalCount;             /* sessions ever on this row */
171
            ClientSession Clients[CLIENT_SESSIONS_PER_ROW];
172
        } ClientRow;
173
174
        static WC_THREADSHARED ClientRow ClientCache[CLIENT_SESSION_ROWS];
175
                                                     /* Client Cache */
176
                                                     /* uses session mutex */
177
178
        /* ClientCache mutex */
179
        static WC_THREADSHARED wolfSSL_Mutex clisession_mutex
180
            WOLFSSL_MUTEX_INITIALIZER_CLAUSE(clisession_mutex);
181
        #ifndef WOLFSSL_MUTEX_INITIALIZER
182
        static WC_THREADSHARED int clisession_mutex_valid = 0;
183
        #endif
184
    #endif /* !NO_CLIENT_CACHE */
185
186
    void EvictSessionFromCache(WOLFSSL_SESSION* session)
187
0
    {
188
#ifdef HAVE_EX_DATA
189
        byte save_ownExData = session->ownExData;
190
        session->ownExData = 1; /* Make sure ex_data access doesn't lead back
191
                                 * into the cache. */
192
#endif
193
#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
194
        if (session->rem_sess_cb != NULL) {
195
            session->rem_sess_cb(NULL, session);
196
            session->rem_sess_cb = NULL;
197
        }
198
#endif
199
0
        ForceZero(session->masterSecret, SECRET_LEN);
200
0
        XMEMSET(session->sessionID, 0, ID_LEN);
201
0
        session->sessionIDSz = 0;
202
#ifdef HAVE_SESSION_TICKET
203
        if (session->ticketLenAlloc > 0) {
204
            XFREE(session->ticket, NULL, DYNAMIC_TYPE_SESSION_TICK);
205
            session->ticket = session->staticTicket;
206
            session->ticketLen = 0;
207
            session->ticketLenAlloc = 0;
208
        }
209
#endif
210
#ifdef HAVE_EX_DATA
211
        session->ownExData = save_ownExData;
212
#endif
213
214
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) &&                  \
215
    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                    \
216
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
217
        if ((session->ticketNonce.data != NULL) &&
218
            (session->ticketNonce.data != session->ticketNonce.dataStatic))
219
        {
220
            XFREE(session->ticketNonce.data, NULL, DYNAMIC_TYPE_SESSION_TICK);
221
            session->ticketNonce.data = NULL;
222
        }
223
#endif
224
0
    }
225
226
WOLFSSL_ABI
227
WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl)
228
0
{
229
0
    WOLFSSL_ENTER("wolfSSL_get_session");
230
0
    if (ssl) {
231
#ifdef NO_SESSION_CACHE_REF
232
        return ssl->session;
233
#else
234
0
        if (ssl->options.side == WOLFSSL_CLIENT_END) {
235
            /* On the client side we want to return a persistent reference for
236
             * backwards compatibility. */
237
0
#ifndef NO_CLIENT_CACHE
238
0
            if (ssl->clientSession) {
239
0
                return (WOLFSSL_SESSION*)ssl->clientSession;
240
0
            }
241
0
            else {
242
                /* Try to add a ClientCache entry to associate with the current
243
                 * session. Ignore any session cache options. */
244
0
                int err;
245
0
                const byte* id = ssl->session->sessionID;
246
0
                byte idSz = ssl->session->sessionIDSz;
247
0
                if (ssl->session->haveAltSessionID) {
248
0
                    id = ssl->session->altSessionID;
249
0
                    idSz = ID_LEN;
250
0
                }
251
0
                err = AddSessionToCache(ssl->ctx, ssl->session, id, idSz,
252
0
                        NULL, ssl->session->side,
253
                #ifdef HAVE_SESSION_TICKET
254
                        ssl->session->ticketLen > 0,
255
                #else
256
0
                        0,
257
0
                #endif
258
0
                        &ssl->clientSession);
259
0
                if (err == 0) {
260
0
                    return (WOLFSSL_SESSION*)ssl->clientSession;
261
0
                }
262
0
            }
263
0
#endif
264
0
        }
265
0
        else {
266
0
            return ssl->session;
267
0
        }
268
0
#endif
269
0
    }
270
271
0
    return NULL;
272
0
}
273
274
/* The get1 version requires caller to call SSL_SESSION_free */
275
WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl)
276
0
{
277
0
    WOLFSSL_SESSION* sess = NULL;
278
0
    WOLFSSL_ENTER("wolfSSL_get1_session");
279
0
    if (ssl != NULL) {
280
0
        sess = ssl->session;
281
0
        if (sess != NULL) {
282
            /* increase reference count if allocated session */
283
0
            if (sess->type == WOLFSSL_SESSION_TYPE_HEAP) {
284
0
                if (wolfSSL_SESSION_up_ref(sess) != WOLFSSL_SUCCESS)
285
0
                    sess = NULL;
286
0
            }
287
0
        }
288
0
    }
289
0
    return sess;
290
0
}
291
292
/* session is a private struct, return if it is setup or not */
293
int wolfSSL_SessionIsSetup(WOLFSSL_SESSION* session)
294
0
{
295
0
    if (session != NULL)
296
0
        return session->isSetup;
297
0
    return 0;
298
0
}
299
300
/*
301
 * Sets the session object to use when establishing a TLS/SSL session using
302
 * the ssl object. Therefore, this function must be called before
303
 * wolfSSL_connect. The session object to use can be obtained in a previous
304
 * TLS/SSL connection using wolfSSL_get_session.
305
 *
306
 * This function rejects the session if it has been expired when this function
307
 * is called. Note that this expiration check is wolfSSL specific and differs
308
 * from OpenSSL return code behavior.
309
 *
310
 * By default, wolfSSL_set_session returns WOLFSSL_SUCCESS on successfully
311
 * setting the session, WOLFSSL_FAILURE on failure due to the session cache
312
 * being disabled, or the session has expired.
313
 *
314
 * To match OpenSSL return code behavior when session is expired, define
315
 * OPENSSL_EXTRA and WOLFSSL_ERROR_CODE_OPENSSL. This behavior will return
316
 * WOLFSSL_SUCCESS even when the session is expired and rejected.
317
 */
318
WOLFSSL_ABI
319
int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session)
320
0
{
321
0
    WOLFSSL_ENTER("wolfSSL_set_session");
322
0
    if (session)
323
0
        return wolfSSL_SetSession(ssl, session);
324
325
0
    return WOLFSSL_FAILURE;
326
0
}
327
328
329
#ifndef NO_CLIENT_CACHE
330
331
/* Associate client session with serverID, find existing or store for saving
332
   if newSession flag on, don't reuse existing session
333
   WOLFSSL_SUCCESS on ok */
334
int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
335
0
{
336
0
    WOLFSSL_SESSION* session = NULL;
337
0
    byte idHash[SERVER_ID_LEN];
338
339
0
    WOLFSSL_ENTER("wolfSSL_SetServerID");
340
341
0
    if (ssl == NULL || id == NULL || len <= 0)
342
0
        return BAD_FUNC_ARG;
343
344
0
    if (len > SERVER_ID_LEN) {
345
#if defined(NO_SHA) && !defined(NO_SHA256)
346
        if (wc_Sha256Hash(id, len, idHash) != 0)
347
            return WOLFSSL_FAILURE;
348
#else
349
0
        if (wc_ShaHash(id, (word32)len, idHash) != 0)
350
0
            return WOLFSSL_FAILURE;
351
0
#endif
352
0
        id = idHash;
353
0
        len = SERVER_ID_LEN;
354
0
    }
355
356
0
    if (newSession == 0) {
357
0
        session = wolfSSL_GetSessionClient(ssl, id, len);
358
0
        if (session) {
359
0
            if (wolfSSL_SetSession(ssl, session) != WOLFSSL_SUCCESS) {
360
            #ifdef HAVE_EXT_CACHE
361
                wolfSSL_FreeSession(ssl->ctx, session);
362
            #endif
363
0
                WOLFSSL_MSG("wolfSSL_SetSession failed");
364
0
                session = NULL;
365
0
            }
366
0
        }
367
0
    }
368
369
0
    if (session == NULL) {
370
0
        WOLFSSL_MSG("Valid ServerID not cached already");
371
372
0
        ssl->session->idLen = (word16)len;
373
0
        XMEMCPY(ssl->session->serverID, id, (size_t)len);
374
0
    }
375
#ifdef HAVE_EXT_CACHE
376
    else {
377
        wolfSSL_FreeSession(ssl->ctx, session);
378
    }
379
#endif
380
381
0
    return WOLFSSL_SUCCESS;
382
0
}
383
384
#endif /* !NO_CLIENT_CACHE */
385
386
/* TODO: Add SESSION_CACHE_DYNAMIC_MEM support for PERSIST_SESSION_CACHE.
387
 * Need a count of current sessions to get an accurate memsize (totalCount is
388
 * not decremented when sessions are removed).
389
 * Need to determine ideal layout for mem/filesave.
390
 * Also need mem/filesave checking to ensure not restoring non DYNAMIC_MEM
391
 * cache.
392
 */
393
#if defined(PERSIST_SESSION_CACHE) && !defined(SESSION_CACHE_DYNAMIC_MEM)
394
395
/* for persistence, if changes to layout need to increment and modify
396
   save_session_cache() and restore_session_cache and memory versions too */
397
#define WOLFSSL_CACHE_VERSION 2
398
399
/* Session Cache Header information */
400
typedef struct {
401
    int version;     /* cache layout version id */
402
    int rows;        /* session rows */
403
    int columns;     /* session columns */
404
    int sessionSz;   /* sizeof WOLFSSL_SESSION */
405
} cache_header_t;
406
407
/* current persistence layout is:
408
409
   1) cache_header_t
410
   2) SessionCache
411
   3) ClientCache
412
413
   update WOLFSSL_CACHE_VERSION if change layout for the following
414
   PERSISTENT_SESSION_CACHE functions
415
*/
416
417
/* get how big the the session cache save buffer needs to be */
418
int wolfSSL_get_session_cache_memsize(void)
419
{
420
    int sz  = (int)(sizeof(SessionCache) + sizeof(cache_header_t));
421
#ifndef NO_CLIENT_CACHE
422
    sz += (int)(sizeof(ClientCache));
423
#endif
424
    return sz;
425
}
426
427
428
/* Persist session cache to memory */
429
int wolfSSL_memsave_session_cache(void* mem, int sz)
430
{
431
    int i;
432
    cache_header_t cache_header;
433
    SessionRow*    row;
434
435
    WOLFSSL_ENTER("wolfSSL_memsave_session_cache");
436
437
    if (mem == NULL) {
438
        return BAD_FUNC_ARG;
439
    }
440
441
    row = (SessionRow*)((byte*)mem + sizeof(cache_header));
442
443
    if (sz < wolfSSL_get_session_cache_memsize()) {
444
        WOLFSSL_MSG("Memory buffer too small");
445
        return BUFFER_E;
446
    }
447
448
    cache_header.version   = WOLFSSL_CACHE_VERSION;
449
    cache_header.rows      = SESSION_ROWS;
450
    cache_header.columns   = SESSIONS_PER_ROW;
451
    cache_header.sessionSz = (int)sizeof(WOLFSSL_SESSION);
452
    XMEMCPY(mem, &cache_header, sizeof(cache_header));
453
454
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
455
    if (SESSION_ROW_RD_LOCK(row) != 0) {
456
        WOLFSSL_MSG("Session cache mutex lock failed");
457
        return BAD_MUTEX_E;
458
    }
459
#endif
460
    for (i = 0; i < cache_header.rows; ++i) {
461
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
462
        if (SESSION_ROW_RD_LOCK(&SessionCache[i]) != 0) {
463
            WOLFSSL_MSG("Session row cache mutex lock failed");
464
            return BAD_MUTEX_E;
465
        }
466
    #endif
467
468
        XMEMCPY(row++, &SessionCache[i], SIZEOF_SESSION_ROW);
469
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
470
        SESSION_ROW_UNLOCK(&SessionCache[i]);
471
    #endif
472
    }
473
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
474
    SESSION_ROW_UNLOCK(row);
475
#endif
476
477
#ifndef NO_CLIENT_CACHE
478
    if (wc_LockMutex(&clisession_mutex) != 0) {
479
        WOLFSSL_MSG("Client cache mutex lock failed");
480
        return BAD_MUTEX_E;
481
    }
482
    XMEMCPY(row, ClientCache, sizeof(ClientCache));
483
    wc_UnLockMutex(&clisession_mutex);
484
#endif
485
486
    WOLFSSL_LEAVE("wolfSSL_memsave_session_cache", WOLFSSL_SUCCESS);
487
488
    return WOLFSSL_SUCCESS;
489
}
490
491
492
#if !defined(SESSION_CACHE_DYNAMIC_MEM) && \
493
    (defined(HAVE_SESSION_TICKET) || \
494
    (defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)))
495
static void SessionSanityPointerSet(SessionRow* row)
496
{
497
    int j;
498
499
    /* Reset pointers to safe values after raw copy */
500
    for (j = 0; j < SESSIONS_PER_ROW; j++) {
501
        WOLFSSL_SESSION* s = &row->Sessions[j];
502
#ifdef HAVE_SESSION_TICKET
503
        s->ticket = s->staticTicket;
504
        s->ticketLenAlloc = 0;
505
        if (s->ticketLen > SESSION_TICKET_LEN) {
506
            s->ticketLen = SESSION_TICKET_LEN;
507
        }
508
#endif
509
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) &&                 \
510
    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                    \
511
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
512
        s->ticketNonce.data = s->ticketNonce.dataStatic;
513
        if (s->ticketNonce.len > MAX_TICKET_NONCE_STATIC_SZ) {
514
            s->ticketNonce.len = MAX_TICKET_NONCE_STATIC_SZ;
515
        }
516
#endif
517
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
518
        s->peer = NULL;
519
#endif
520
    }
521
}
522
#endif
523
524
/* Restore the persistent session cache from memory */
525
int wolfSSL_memrestore_session_cache(const void* mem, int sz)
526
{
527
    int    i;
528
    cache_header_t cache_header;
529
    SessionRow*    row;
530
531
    WOLFSSL_ENTER("wolfSSL_memrestore_session_cache");
532
533
    if (mem == NULL) {
534
        return BAD_FUNC_ARG;
535
    }
536
537
    row = (SessionRow*)((byte*)mem + sizeof(cache_header));
538
539
    if (sz < wolfSSL_get_session_cache_memsize()) {
540
        WOLFSSL_MSG("Memory buffer too small");
541
        return BUFFER_E;
542
    }
543
544
    XMEMCPY(&cache_header, mem, sizeof(cache_header));
545
    if (cache_header.version   != WOLFSSL_CACHE_VERSION ||
546
        cache_header.rows      != SESSION_ROWS ||
547
        cache_header.columns   != SESSIONS_PER_ROW ||
548
        cache_header.sessionSz != (int)sizeof(WOLFSSL_SESSION)) {
549
550
        WOLFSSL_MSG("Session cache header match failed");
551
        return CACHE_MATCH_ERROR;
552
    }
553
554
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
555
    if (SESSION_ROW_WR_LOCK(&SessionCache[0]) != 0) {
556
        WOLFSSL_MSG("Session cache mutex lock failed");
557
        return BAD_MUTEX_E;
558
    }
559
#endif
560
    for (i = 0; i < cache_header.rows; ++i) {
561
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
562
        if (SESSION_ROW_WR_LOCK(&SessionCache[i]) != 0) {
563
            WOLFSSL_MSG("Session row cache mutex lock failed");
564
            return BAD_MUTEX_E;
565
        }
566
    #endif
567
568
        XMEMCPY(&SessionCache[i], row++, SIZEOF_SESSION_ROW);
569
    #if !defined(SESSION_CACHE_DYNAMIC_MEM) && \
570
        (defined(HAVE_SESSION_TICKET) || \
571
        (defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)))
572
        SessionSanityPointerSet(&SessionCache[i]);
573
    #endif
574
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
575
        SESSION_ROW_UNLOCK(&SessionCache[i]);
576
    #endif
577
    }
578
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
579
    SESSION_ROW_UNLOCK(&SessionCache[0]);
580
#endif
581
582
#ifndef NO_CLIENT_CACHE
583
    if (wc_LockMutex(&clisession_mutex) != 0) {
584
        WOLFSSL_MSG("Client cache mutex lock failed");
585
        return BAD_MUTEX_E;
586
    }
587
    XMEMCPY(ClientCache, row, sizeof(ClientCache));
588
    wc_UnLockMutex(&clisession_mutex);
589
#endif
590
591
    WOLFSSL_LEAVE("wolfSSL_memrestore_session_cache", WOLFSSL_SUCCESS);
592
593
    return WOLFSSL_SUCCESS;
594
}
595
596
#if !defined(NO_FILESYSTEM)
597
598
/* Persist session cache to file */
599
/* doesn't use memsave because of additional memory use */
600
int wolfSSL_save_session_cache(const char *fname)
601
{
602
    XFILE  file;
603
    int    ret;
604
    int    rc = WOLFSSL_SUCCESS;
605
    int    i;
606
    cache_header_t cache_header;
607
608
    WOLFSSL_ENTER("wolfSSL_save_session_cache");
609
610
    file = XFOPEN(fname, "w+b");
611
    if (file == XBADFILE) {
612
        WOLFSSL_MSG("Couldn't open session cache save file");
613
        return WOLFSSL_BAD_FILE;
614
    }
615
    cache_header.version   = WOLFSSL_CACHE_VERSION;
616
    cache_header.rows      = SESSION_ROWS;
617
    cache_header.columns   = SESSIONS_PER_ROW;
618
    cache_header.sessionSz = (int)sizeof(WOLFSSL_SESSION);
619
620
    /* cache header */
621
    ret = (int)XFWRITE(&cache_header, sizeof cache_header, 1, file);
622
    if (ret != 1) {
623
        WOLFSSL_MSG("Session cache header file write failed");
624
        XFCLOSE(file);
625
        return FWRITE_ERROR;
626
    }
627
628
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
629
    if (SESSION_ROW_RD_LOCK(&SessionCache[0]) != 0) {
630
        WOLFSSL_MSG("Session cache mutex lock failed");
631
        XFCLOSE(file);
632
        return BAD_MUTEX_E;
633
    }
634
#endif
635
    /* session cache */
636
    for (i = 0; i < cache_header.rows; ++i) {
637
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
638
        if (SESSION_ROW_RD_LOCK(&SessionCache[i]) != 0) {
639
            WOLFSSL_MSG("Session row cache mutex lock failed");
640
            XFCLOSE(file);
641
            return BAD_MUTEX_E;
642
        }
643
    #endif
644
645
        ret = (int)XFWRITE(&SessionCache[i], SIZEOF_SESSION_ROW, 1, file);
646
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
647
        SESSION_ROW_UNLOCK(&SessionCache[i]);
648
    #endif
649
        if (ret != 1) {
650
            WOLFSSL_MSG("Session cache member file write failed");
651
            rc = FWRITE_ERROR;
652
            break;
653
        }
654
    }
655
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
656
    SESSION_ROW_UNLOCK(&SessionCache[0]);
657
#endif
658
659
#ifndef NO_CLIENT_CACHE
660
    /* client cache */
661
    if (wc_LockMutex(&clisession_mutex) != 0) {
662
        WOLFSSL_MSG("Client cache mutex lock failed");
663
        XFCLOSE(file);
664
        return BAD_MUTEX_E;
665
    }
666
    ret = (int)XFWRITE(ClientCache, sizeof(ClientCache), 1, file);
667
    if (ret != 1) {
668
        WOLFSSL_MSG("Client cache member file write failed");
669
        rc = FWRITE_ERROR;
670
    }
671
    wc_UnLockMutex(&clisession_mutex);
672
#endif /* !NO_CLIENT_CACHE */
673
674
    XFCLOSE(file);
675
    WOLFSSL_LEAVE("wolfSSL_save_session_cache", rc);
676
677
    return rc;
678
}
679
680
681
/* Restore the persistent session cache from file */
682
/* doesn't use memstore because of additional memory use */
683
int wolfSSL_restore_session_cache(const char *fname)
684
{
685
    XFILE  file;
686
    int    rc = WOLFSSL_SUCCESS;
687
    int    ret;
688
    int    i;
689
    cache_header_t cache_header;
690
691
    WOLFSSL_ENTER("wolfSSL_restore_session_cache");
692
693
    file = XFOPEN(fname, "rb");
694
    if (file == XBADFILE) {
695
        WOLFSSL_MSG("Couldn't open session cache save file");
696
        return WOLFSSL_BAD_FILE;
697
    }
698
    /* cache header */
699
    ret = (int)XFREAD(&cache_header, sizeof(cache_header), 1, file);
700
    if (ret != 1) {
701
        WOLFSSL_MSG("Session cache header file read failed");
702
        XFCLOSE(file);
703
        return FREAD_ERROR;
704
    }
705
    if (cache_header.version   != WOLFSSL_CACHE_VERSION ||
706
        cache_header.rows      != SESSION_ROWS ||
707
        cache_header.columns   != SESSIONS_PER_ROW ||
708
        cache_header.sessionSz != (int)sizeof(WOLFSSL_SESSION)) {
709
710
        WOLFSSL_MSG("Session cache header match failed");
711
        XFCLOSE(file);
712
        return CACHE_MATCH_ERROR;
713
    }
714
715
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
716
    if (SESSION_ROW_WR_LOCK(&SessionCache[0]) != 0) {
717
        WOLFSSL_MSG("Session cache mutex lock failed");
718
        XFCLOSE(file);
719
        return BAD_MUTEX_E;
720
    }
721
#endif
722
    /* session cache */
723
    for (i = 0; i < cache_header.rows; ++i) {
724
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
725
        if (SESSION_ROW_WR_LOCK(&SessionCache[i]) != 0) {
726
            WOLFSSL_MSG("Session row cache mutex lock failed");
727
            XFCLOSE(file);
728
            return BAD_MUTEX_E;
729
        }
730
    #endif
731
732
        ret = (int)XFREAD(&SessionCache[i], SIZEOF_SESSION_ROW, 1, file);
733
    #if !defined(SESSION_CACHE_DYNAMIC_MEM) && \
734
        (defined(HAVE_SESSION_TICKET) || \
735
        (defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)))
736
        SessionSanityPointerSet(&SessionCache[i]);
737
    #endif
738
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
739
        SESSION_ROW_UNLOCK(&SessionCache[i]);
740
    #endif
741
        if (ret != 1) {
742
            WOLFSSL_MSG("Session cache member file read failed");
743
            XMEMSET(SessionCache, 0, sizeof SessionCache);
744
            rc = FREAD_ERROR;
745
            break;
746
        }
747
    }
748
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
749
    SESSION_ROW_UNLOCK(&SessionCache[0]);
750
#endif
751
752
#ifndef NO_CLIENT_CACHE
753
    /* client cache */
754
    if (wc_LockMutex(&clisession_mutex) != 0) {
755
        WOLFSSL_MSG("Client cache mutex lock failed");
756
        XFCLOSE(file);
757
        return BAD_MUTEX_E;
758
    }
759
    ret = (int)XFREAD(ClientCache, sizeof(ClientCache), 1, file);
760
    if (ret != 1) {
761
        WOLFSSL_MSG("Client cache member file read failed");
762
        XMEMSET(ClientCache, 0, sizeof ClientCache);
763
        rc = FREAD_ERROR;
764
    }
765
    wc_UnLockMutex(&clisession_mutex);
766
#endif /* !NO_CLIENT_CACHE */
767
768
    XFCLOSE(file);
769
    WOLFSSL_LEAVE("wolfSSL_restore_session_cache", rc);
770
771
    return rc;
772
}
773
774
#endif /* !NO_FILESYSTEM */
775
#endif /* PERSIST_SESSION_CACHE && !SESSION_CACHE_DYNAMIC_MEM */
776
777
778
/* on by default if built in but allow user to turn off */
779
WOLFSSL_ABI
780
long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode)
781
0
{
782
0
    WOLFSSL_ENTER("wolfSSL_CTX_set_session_cache_mode");
783
784
0
    if (ctx == NULL)
785
0
        return WOLFSSL_FAILURE;
786
787
0
    if (mode == WOLFSSL_SESS_CACHE_OFF) {
788
0
        ctx->sessionCacheOff = 1;
789
#ifdef HAVE_EXT_CACHE
790
        ctx->internalCacheOff = 1;
791
        ctx->internalCacheLookupOff = 1;
792
#endif
793
0
    }
794
795
0
    if ((mode & WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR) != 0)
796
0
        ctx->sessionCacheFlushOff = 1;
797
798
#ifdef HAVE_EXT_CACHE
799
    /* WOLFSSL_SESS_CACHE_NO_INTERNAL activates both if's */
800
    if ((mode & WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE) != 0)
801
        ctx->internalCacheOff = 1;
802
    if ((mode & WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP) != 0)
803
        ctx->internalCacheLookupOff = 1;
804
#endif
805
806
0
    return WOLFSSL_SUCCESS;
807
0
}
808
809
#ifdef OPENSSL_EXTRA
810
#ifdef HAVE_MAX_FRAGMENT
811
/* return the max fragment size set when handshake was negotiated */
812
unsigned char wolfSSL_SESSION_get_max_fragment_length(WOLFSSL_SESSION* session)
813
{
814
    session = ClientSessionToSession(session);
815
    if (session == NULL) {
816
        return 0;
817
    }
818
819
    return session->mfl;
820
}
821
#endif
822
823
824
/* Get the session cache mode for CTX
825
 *
826
 * ctx  WOLFSSL_CTX struct to get cache mode from
827
 *
828
 * Returns a bit mask that has the session cache mode */
829
long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX* ctx)
830
{
831
    long m = 0;
832
833
    WOLFSSL_ENTER("wolfSSL_CTX_get_session_cache_mode");
834
835
    if (ctx == NULL) {
836
        return m;
837
    }
838
839
    if (ctx->sessionCacheOff != 1) {
840
        m |= WOLFSSL_SESS_CACHE_SERVER;
841
    }
842
843
    if (ctx->sessionCacheFlushOff == 1) {
844
        m |= WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR;
845
    }
846
847
#ifdef HAVE_EXT_CACHE
848
    if (ctx->internalCacheOff == 1) {
849
        m |= WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE;
850
    }
851
    if (ctx->internalCacheLookupOff == 1) {
852
        m |= WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP;
853
    }
854
#endif
855
856
    return m;
857
}
858
#endif /* OPENSSL_EXTRA */
859
860
#endif /* !NO_SESSION_CACHE */
861
862
#ifndef NO_SESSION_CACHE
863
864
WOLFSSL_ABI
865
void wolfSSL_flush_sessions(WOLFSSL_CTX* ctx, long tm)
866
0
{
867
    /* static table now, no flushing needed */
868
0
    (void)ctx;
869
0
    (void)tm;
870
0
}
871
872
void wolfSSL_CTX_flush_sessions(WOLFSSL_CTX* ctx, long tm)
873
0
{
874
0
    int i, j;
875
876
0
    (void)ctx;
877
0
    WOLFSSL_ENTER("wolfSSL_flush_sessions");
878
0
    for (i = 0; i < SESSION_ROWS; ++i) {
879
0
        if (SESSION_ROW_WR_LOCK(&SessionCache[i]) != 0) {
880
0
            WOLFSSL_MSG("Session cache mutex lock failed");
881
0
            return;
882
0
        }
883
0
        for (j = 0; j < SESSIONS_PER_ROW; j++) {
884
#ifdef SESSION_CACHE_DYNAMIC_MEM
885
            WOLFSSL_SESSION* s = SessionCache[i].Sessions[j];
886
#else
887
0
            WOLFSSL_SESSION* s = &SessionCache[i].Sessions[j];
888
0
#endif
889
0
            if (
890
#ifdef SESSION_CACHE_DYNAMIC_MEM
891
                s != NULL &&
892
#endif
893
0
                s->sessionIDSz > 0 &&
894
0
                s->bornOn + s->timeout < (word32)tm
895
0
                )
896
0
            {
897
0
                EvictSessionFromCache(s);
898
#ifdef SESSION_CACHE_DYNAMIC_MEM
899
                XFREE(s, s->heap, DYNAMIC_TYPE_SESSION);
900
                SessionCache[i].Sessions[j] = NULL;
901
#endif
902
0
            }
903
0
        }
904
0
        SESSION_ROW_UNLOCK(&SessionCache[i]);
905
0
    }
906
0
}
907
908
909
/* set ssl session timeout in seconds */
910
WOLFSSL_ABI
911
int wolfSSL_set_timeout(WOLFSSL* ssl, unsigned int to)
912
0
{
913
0
    if (ssl == NULL)
914
0
        return BAD_FUNC_ARG;
915
916
0
    if (to == 0)
917
0
        to = WOLFSSL_SESSION_TIMEOUT;
918
0
    ssl->timeout = to;
919
920
0
    return WOLFSSL_SUCCESS;
921
0
}
922
923
#ifndef NO_TLS
924
/**
925
 * Sets ctx session timeout in seconds.
926
 * The timeout value set here should be reflected in the
927
 * "session ticket lifetime hint" if this API works in the openssl compat-layer.
928
 * Therefore wolfSSL_CTX_set_TicketHint is called internally.
929
 * Arguments:
930
 *  - ctx  WOLFSSL_CTX object which the timeout is set to
931
 *  - to   timeout value in second
932
 * Returns:
933
 *  WOLFSSL_SUCCESS on success, BAD_FUNC_ARG on failure.
934
 *  When WOLFSSL_ERROR_CODE_OPENSSL is defined, returns previous timeout value
935
 *  on success, BAD_FUNC_ARG on failure.
936
 */
937
WOLFSSL_ABI
938
int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to)
939
0
{
940
    #if defined(WOLFSSL_ERROR_CODE_OPENSSL)
941
    word32 prev_timeout = 0;
942
    #endif
943
944
0
    int ret = WOLFSSL_SUCCESS;
945
0
    (void)ret;
946
947
0
    if (ctx == NULL)
948
0
        ret = BAD_FUNC_ARG;
949
950
0
    if (ret == WOLFSSL_SUCCESS) {
951
    #if defined(WOLFSSL_ERROR_CODE_OPENSSL)
952
        prev_timeout = ctx->timeout;
953
    #endif
954
0
        if (to == 0) {
955
0
            ctx->timeout = WOLFSSL_SESSION_TIMEOUT;
956
0
        }
957
0
        else {
958
0
            ctx->timeout = to;
959
0
        }
960
0
    }
961
#if defined(OPENSSL_EXTRA) && defined(HAVE_SESSION_TICKET) && \
962
   !defined(NO_WOLFSSL_SERVER)
963
    if (ret == WOLFSSL_SUCCESS) {
964
        if (to == 0) {
965
            ret = wolfSSL_CTX_set_TicketHint(ctx, SESSION_TICKET_HINT_DEFAULT);
966
        }
967
        else {
968
            ret = wolfSSL_CTX_set_TicketHint(ctx, (int)to);
969
        }
970
    }
971
#endif /* OPENSSL_EXTRA && HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER */
972
973
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
974
    if (ret == WOLFSSL_SUCCESS) {
975
        return (int)prev_timeout;
976
    }
977
    else {
978
        return ret;
979
    }
980
#else
981
0
    return ret;
982
0
#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
983
0
}
984
#endif /* !NO_TLS */
985
986
#ifndef NO_CLIENT_CACHE
987
988
/* Get Session from Client cache based on id/len, return NULL on failure */
989
WOLFSSL_SESSION* wolfSSL_GetSessionClient(WOLFSSL* ssl, const byte* id, int len)
990
0
{
991
0
    WOLFSSL_SESSION* ret = NULL;
992
0
    word32          row;
993
0
    int             idx;
994
0
    int             count;
995
0
    int             error = 0;
996
0
    ClientSession*  clSess;
997
998
0
    WOLFSSL_ENTER("wolfSSL_GetSessionClient");
999
1000
0
    if (ssl->ctx->sessionCacheOff) {
1001
0
        WOLFSSL_MSG("Session Cache off");
1002
0
        return NULL;
1003
0
    }
1004
1005
0
    if (ssl->options.side == WOLFSSL_SERVER_END)
1006
0
        return NULL;
1007
1008
0
    len = (int)min(SERVER_ID_LEN, (word32)len);
1009
1010
    /* Do not access ssl->ctx->get_sess_cb from here. It is using a different
1011
     * set of ID's */
1012
1013
0
    row = HashObject(id, (word32)len, &error) % CLIENT_SESSION_ROWS;
1014
0
    if (error != 0) {
1015
0
        WOLFSSL_MSG("Hash session failed");
1016
0
        return NULL;
1017
0
    }
1018
1019
0
    if (wc_LockMutex(&clisession_mutex) != 0) {
1020
0
        WOLFSSL_MSG("Client cache mutex lock failed");
1021
0
        return NULL;
1022
0
    }
1023
1024
    /* start from most recently used */
1025
0
    count = (int)min((word32)ClientCache[row].totalCount,
1026
0
        CLIENT_SESSIONS_PER_ROW);
1027
0
    idx = ClientCache[row].nextIdx - 1;
1028
0
    if (idx < 0 || idx >= CLIENT_SESSIONS_PER_ROW) {
1029
        /* if back to front, the previous was end */
1030
0
        idx = CLIENT_SESSIONS_PER_ROW - 1;
1031
0
    }
1032
0
    clSess = ClientCache[row].Clients;
1033
1034
0
    for (; count > 0; --count) {
1035
0
        WOLFSSL_SESSION* current;
1036
0
        SessionRow* sessRow;
1037
1038
0
        if (clSess[idx].serverRow >= SESSION_ROWS) {
1039
0
            WOLFSSL_MSG("Client cache serverRow invalid");
1040
0
            break;
1041
0
        }
1042
1043
        /* lock row */
1044
0
        sessRow = &SessionCache[clSess[idx].serverRow];
1045
0
        if (SESSION_ROW_RD_LOCK(sessRow) != 0) {
1046
0
            WOLFSSL_MSG("Session cache row lock failure");
1047
0
            break;
1048
0
        }
1049
1050
#ifdef SESSION_CACHE_DYNAMIC_MEM
1051
        current = sessRow->Sessions[clSess[idx].serverIdx];
1052
#else
1053
0
        current = &sessRow->Sessions[clSess[idx].serverIdx];
1054
0
#endif
1055
0
        if (current && XMEMCMP(current->serverID, id,
1056
0
                                                     (unsigned long)len) == 0) {
1057
0
            WOLFSSL_MSG("Found a serverid match for client");
1058
0
            if (LowResTimer() < (current->bornOn + current->timeout)) {
1059
0
                WOLFSSL_MSG("Session valid");
1060
0
                ret = current;
1061
0
                SESSION_ROW_UNLOCK(sessRow);
1062
0
                break;
1063
0
            } else {
1064
0
                WOLFSSL_MSG("Session timed out");  /* could have more for id */
1065
0
            }
1066
0
        } else {
1067
0
            WOLFSSL_MSG("ServerID not a match from client table");
1068
0
        }
1069
0
        SESSION_ROW_UNLOCK(sessRow);
1070
1071
0
        idx = idx > 0 ? idx - 1 : CLIENT_SESSIONS_PER_ROW - 1;
1072
0
    }
1073
1074
0
    wc_UnLockMutex(&clisession_mutex);
1075
1076
0
    return ret;
1077
0
}
1078
1079
#endif /* !NO_CLIENT_CACHE */
1080
1081
static int SslSessionCacheOff(const WOLFSSL* ssl,
1082
    const WOLFSSL_SESSION* session)
1083
0
{
1084
0
    (void)session;
1085
0
    return ssl->options.sessionCacheOff
1086
    #if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_FORCE_CACHE_ON_TICKET)
1087
                && session->ticketLen == 0
1088
    #endif
1089
0
                ;
1090
0
}
1091
1092
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) &&                  \
1093
    defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
1094
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1095
/**
1096
 * SessionTicketNoncePrealloc() - prealloc a buffer for ticket nonces
1097
 * @output: [in] pointer to WOLFSSL_SESSION object that will soon be a
1098
 * destination of a session duplication
1099
 * @buf: [out] address of the preallocated buf
1100
 * @len: [out] len of the preallocated buf
1101
 *
1102
 * prealloc a buffer that will likely suffice to contain a ticket nonce. It's
1103
 * used when copying session under lock, when syscalls need to be avoided. If
1104
 * output already has a dynamic buffer, it's reused.
1105
 */
1106
static int SessionTicketNoncePrealloc(byte** buf, byte* len, void *heap)
1107
{
1108
    (void)heap;
1109
1110
    *buf = (byte*)XMALLOC(PREALLOC_SESSION_TICKET_NONCE_LEN, heap,
1111
        DYNAMIC_TYPE_SESSION_TICK);
1112
    if (*buf == NULL) {
1113
        WOLFSSL_MSG("Failed to preallocate ticket nonce buffer");
1114
        *len = 0;
1115
        return 1;
1116
    }
1117
1118
    *len = PREALLOC_SESSION_TICKET_NONCE_LEN;
1119
    return 0;
1120
}
1121
#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 */
1122
1123
static int wolfSSL_DupSessionEx(const WOLFSSL_SESSION* input,
1124
    WOLFSSL_SESSION* output, int avoidSysCalls, byte* ticketNonceBuf,
1125
    byte* ticketNonceLen, byte* preallocUsed);
1126
1127
void TlsSessionCacheUnlockRow(word32 row)
1128
0
{
1129
0
    SessionRow* sessRow;
1130
1131
0
    sessRow = &SessionCache[row];
1132
0
    (void)sessRow;
1133
0
    SESSION_ROW_UNLOCK(sessRow);
1134
0
}
1135
1136
/* Don't use this function directly. Use TlsSessionCacheGetAndRdLock and
1137
 * TlsSessionCacheGetAndWrLock to fully utilize compiler const support. */
1138
static int TlsSessionCacheGetAndLock(const byte *id,
1139
    const WOLFSSL_SESSION **sess, word32 *lockedRow, byte readOnly, byte side)
1140
0
{
1141
0
    SessionRow *sessRow;
1142
0
    const WOLFSSL_SESSION *s;
1143
0
    word32 row;
1144
0
    int count;
1145
0
    int error;
1146
0
    int idx;
1147
1148
0
    *sess = NULL;
1149
0
    row = HashObject(id, ID_LEN, &error) % SESSION_ROWS;
1150
0
    if (error != 0)
1151
0
        return error;
1152
0
    sessRow = &SessionCache[row];
1153
0
    if (readOnly)
1154
0
        error = SESSION_ROW_RD_LOCK(sessRow);
1155
0
    else
1156
0
        error = SESSION_ROW_WR_LOCK(sessRow);
1157
0
    if (error != 0)
1158
0
        return FATAL_ERROR;
1159
1160
    /* start from most recently used */
1161
0
    count = (int)min((word32)sessRow->totalCount, SESSIONS_PER_ROW);
1162
0
    idx = sessRow->nextIdx - 1;
1163
0
    if (idx < 0 || idx >= SESSIONS_PER_ROW) {
1164
0
        idx = SESSIONS_PER_ROW - 1; /* if back to front, the previous was end */
1165
0
    }
1166
0
    for (; count > 0; --count) {
1167
#ifdef SESSION_CACHE_DYNAMIC_MEM
1168
        s = sessRow->Sessions[idx];
1169
#else
1170
0
        s = &sessRow->Sessions[idx];
1171
0
#endif
1172
        /* match session ID value and length */
1173
0
        if (s && s->sessionIDSz == ID_LEN && s->side == side &&
1174
0
                XMEMCMP(s->sessionID, id, ID_LEN) == 0) {
1175
0
            *sess = s;
1176
0
            break;
1177
0
        }
1178
0
        idx = idx > 0 ? idx - 1 : SESSIONS_PER_ROW - 1;
1179
0
    }
1180
0
    if (*sess == NULL) {
1181
0
        SESSION_ROW_UNLOCK(sessRow);
1182
0
    }
1183
0
    else {
1184
0
        *lockedRow = row;
1185
0
    }
1186
1187
0
    return 0;
1188
0
}
1189
1190
static int CheckSessionMatch(const WOLFSSL* ssl, const WOLFSSL_SESSION* sess)
1191
0
{
1192
0
    if (ssl == NULL || sess == NULL)
1193
0
        return 0;
1194
#ifdef OPENSSL_EXTRA
1195
    if (ssl->sessionCtxSz > 0 && (ssl->sessionCtxSz != sess->sessionCtxSz ||
1196
           XMEMCMP(ssl->sessionCtx, sess->sessionCtx, sess->sessionCtxSz) != 0))
1197
        return 0;
1198
#endif
1199
0
    if (IsAtLeastTLSv1_3(ssl->version) != IsAtLeastTLSv1_3(sess->version))
1200
0
        return 0;
1201
0
    return 1;
1202
0
}
1203
1204
int TlsSessionCacheGetAndRdLock(const byte *id, const WOLFSSL_SESSION **sess,
1205
        word32 *lockedRow, byte side)
1206
0
{
1207
0
    return TlsSessionCacheGetAndLock(id, sess, lockedRow, 1, side);
1208
0
}
1209
1210
int TlsSessionCacheGetAndWrLock(const byte *id, WOLFSSL_SESSION **sess,
1211
        word32 *lockedRow, byte side)
1212
0
{
1213
0
    return TlsSessionCacheGetAndLock(id, (const WOLFSSL_SESSION**)sess,
1214
0
            lockedRow, 0, side);
1215
0
}
1216
1217
int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
1218
0
{
1219
0
    const WOLFSSL_SESSION* sess = NULL;
1220
0
    const byte*  id = NULL;
1221
0
    word32       row;
1222
0
    int          error = 0;
1223
#ifdef HAVE_SESSION_TICKET
1224
    WC_DECLARE_VAR(tmpTicket, byte, PREALLOC_SESSION_TICKET_LEN, 0);
1225
#ifdef WOLFSSL_TLS13
1226
    byte *preallocNonce = NULL;
1227
    byte preallocNonceLen = 0;
1228
    byte preallocNonceUsed = 0;
1229
#endif /* WOLFSSL_TLS13 */
1230
    byte         tmpBufSet = 0;
1231
#endif
1232
0
    byte         bogusID[ID_LEN];
1233
0
    byte         bogusIDSz = 0;
1234
1235
0
    WOLFSSL_ENTER("wolfSSL_GetSessionFromCache");
1236
1237
0
    if (output == NULL) {
1238
0
        WOLFSSL_MSG("NULL output");
1239
0
        return WOLFSSL_FAILURE;
1240
0
    }
1241
1242
0
    if (SslSessionCacheOff(ssl, ssl->session))
1243
0
        return WOLFSSL_FAILURE;
1244
1245
0
    if (ssl->options.haveSessionId == 0 && !ssl->session->haveAltSessionID)
1246
0
        return WOLFSSL_FAILURE;
1247
1248
#ifdef HAVE_SESSION_TICKET
1249
    if (ssl->options.side == WOLFSSL_SERVER_END && ssl->options.useTicket == 1)
1250
        return WOLFSSL_FAILURE;
1251
#endif
1252
1253
0
    XMEMSET(bogusID, 0, sizeof(bogusID));
1254
0
    if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL
1255
0
            && !ssl->session->haveAltSessionID)
1256
0
        id = ssl->arrays->sessionID;
1257
0
    else if (ssl->session->haveAltSessionID) {
1258
0
        id = ssl->session->altSessionID;
1259
        /* We want to restore the bogus ID for TLS compatibility */
1260
0
        if (output == ssl->session) {
1261
0
            XMEMCPY(bogusID, ssl->session->sessionID, ID_LEN);
1262
0
            bogusIDSz = ssl->session->sessionIDSz;
1263
0
        }
1264
0
    }
1265
0
    else
1266
0
        id = ssl->session->sessionID;
1267
1268
1269
#ifdef HAVE_EXT_CACHE
1270
    if (ssl->ctx->get_sess_cb != NULL) {
1271
        int copy = 0;
1272
        int found = 0;
1273
        WOLFSSL_SESSION* extSess;
1274
        /* Attempt to retrieve the session from the external cache. */
1275
        WOLFSSL_MSG("Calling external session cache");
1276
        extSess = ssl->ctx->get_sess_cb(ssl, (byte*)id, ID_LEN, &copy);
1277
        if ((extSess != NULL)
1278
                && CheckSessionMatch(ssl, extSess)
1279
            ) {
1280
            WOLFSSL_MSG("Session found in external cache");
1281
            found = 1;
1282
1283
            error = wolfSSL_DupSession(extSess, output, 0);
1284
#ifdef HAVE_EX_DATA
1285
            extSess->ownExData = 1;
1286
            output->ownExData = 0;
1287
#endif
1288
            /* We want to restore the bogus ID for TLS compatibility */
1289
            if (ssl->session->haveAltSessionID &&
1290
                    output == ssl->session) {
1291
                XMEMCPY(ssl->session->sessionID, bogusID, ID_LEN);
1292
                ssl->session->sessionIDSz = bogusIDSz;
1293
            }
1294
        }
1295
        /* If copy not set then free immediately */
1296
        if (extSess != NULL && !copy)
1297
            wolfSSL_FreeSession(ssl->ctx, extSess);
1298
        if (found)
1299
            return error;
1300
        WOLFSSL_MSG("Session not found in external cache");
1301
    }
1302
1303
    if (ssl->options.internalCacheLookupOff) {
1304
        WOLFSSL_MSG("Internal cache lookup turned off");
1305
        return WOLFSSL_FAILURE;
1306
    }
1307
#endif
1308
1309
#ifdef HAVE_SESSION_TICKET
1310
    if (output->ticket == NULL ||
1311
            output->ticketLenAlloc < PREALLOC_SESSION_TICKET_LEN) {
1312
#ifdef WOLFSSL_SMALL_STACK
1313
        tmpTicket = (byte*)XMALLOC(PREALLOC_SESSION_TICKET_LEN, output->heap,
1314
                DYNAMIC_TYPE_TMP_BUFFER);
1315
        if (tmpTicket == NULL) {
1316
            WOLFSSL_MSG("tmpTicket malloc failed");
1317
            return WOLFSSL_FAILURE;
1318
        }
1319
#endif
1320
        if (output->ticketLenAlloc)
1321
            XFREE(output->ticket, output->heap, DYNAMIC_TYPE_SESSION_TICK);
1322
        /* cppcheck-suppress autoVariables */
1323
        output->ticket = tmpTicket;
1324
        output->ticketLenAlloc = PREALLOC_SESSION_TICKET_LEN;
1325
        output->ticketLen = 0;
1326
        tmpBufSet = 1;
1327
    }
1328
#endif
1329
1330
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
1331
    if (output->peer != NULL) {
1332
        wolfSSL_X509_free(output->peer);
1333
        output->peer = NULL;
1334
    }
1335
#endif
1336
1337
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) &&                  \
1338
    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                    \
1339
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1340
    if (output->ticketNonce.data != output->ticketNonce.dataStatic) {
1341
        XFREE(output->ticketNonce.data, output->heap,
1342
            DYNAMIC_TYPE_SESSION_TICK);
1343
        output->ticketNonce.data = output->ticketNonce.dataStatic;
1344
        output->ticketNonce.len = 0;
1345
    }
1346
    error = SessionTicketNoncePrealloc(&preallocNonce, &preallocNonceLen,
1347
        output->heap);
1348
    if (error != 0) {
1349
        if (tmpBufSet) {
1350
            output->ticket = output->staticTicket;
1351
            output->ticketLenAlloc = 0;
1352
        }
1353
        WC_FREE_VAR_EX(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER);
1354
        return WOLFSSL_FAILURE;
1355
    }
1356
#endif /* WOLFSSL_TLS13 && HAVE_SESSION_TICKET*/
1357
1358
    /* init to avoid clang static analyzer false positive */
1359
0
    row = 0;
1360
0
    error = TlsSessionCacheGetAndRdLock(id, &sess, &row,
1361
0
        (byte)ssl->options.side);
1362
0
    error = (error == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
1363
0
    if (error != WOLFSSL_SUCCESS || sess == NULL) {
1364
0
        WOLFSSL_MSG("Get Session from cache failed");
1365
0
        error = WOLFSSL_FAILURE;
1366
#ifdef HAVE_SESSION_TICKET
1367
        if (tmpBufSet) {
1368
            output->ticket = output->staticTicket;
1369
            output->ticketLenAlloc = 0;
1370
        }
1371
#ifdef WOLFSSL_TLS13
1372
        XFREE(preallocNonce, output->heap, DYNAMIC_TYPE_SESSION_TICK);
1373
        preallocNonce = NULL;
1374
#endif /* WOLFSSL_TLS13 */
1375
#ifdef WOLFSSL_SMALL_STACK
1376
        XFREE(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER);
1377
        tmpTicket = NULL;
1378
#endif
1379
#endif
1380
0
    }
1381
0
    else {
1382
0
        if (!CheckSessionMatch(ssl, sess)) {
1383
0
            WOLFSSL_MSG("Invalid session: can't be used in this context");
1384
0
            TlsSessionCacheUnlockRow(row);
1385
0
            error = WOLFSSL_FAILURE;
1386
0
        }
1387
0
        else if (LowResTimer() >= (sess->bornOn + sess->timeout)) {
1388
0
            WOLFSSL_SESSION* wrSess = NULL;
1389
0
            WOLFSSL_MSG("Invalid session: timed out");
1390
0
            sess = NULL;
1391
0
            TlsSessionCacheUnlockRow(row);
1392
            /* Attempt to get a write lock */
1393
0
            error = TlsSessionCacheGetAndWrLock(id, &wrSess, &row,
1394
0
                    (byte)ssl->options.side);
1395
0
            if (error == 0 && wrSess != NULL) {
1396
0
                EvictSessionFromCache(wrSess);
1397
0
                TlsSessionCacheUnlockRow(row);
1398
0
            }
1399
0
            error = WOLFSSL_FAILURE;
1400
0
        }
1401
0
    }
1402
1403
    /* mollify confused cppcheck nullPointer warning. */
1404
0
    if (sess == NULL)
1405
0
        error = WOLFSSL_FAILURE;
1406
1407
0
    if (error == WOLFSSL_SUCCESS) {
1408
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13)
1409
        error = wolfSSL_DupSessionEx(sess, output, 1,
1410
            preallocNonce, &preallocNonceLen, &preallocNonceUsed);
1411
#else
1412
0
        error = wolfSSL_DupSession(sess, output, 1);
1413
0
#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 */
1414
#ifdef HAVE_EX_DATA
1415
        output->ownExData = !sess->ownExData; /* Session may own ex_data */
1416
#endif
1417
0
        TlsSessionCacheUnlockRow(row);
1418
0
    }
1419
1420
    /* We want to restore the bogus ID for TLS compatibility */
1421
0
    if (ssl->session->haveAltSessionID &&
1422
0
            output == ssl->session) {
1423
0
        XMEMCPY(ssl->session->sessionID, bogusID, ID_LEN);
1424
0
        ssl->session->sessionIDSz = bogusIDSz;
1425
0
    }
1426
1427
#ifdef HAVE_SESSION_TICKET
1428
    if (tmpBufSet) {
1429
        if (error == WOLFSSL_SUCCESS) {
1430
            if (output->ticketLen > SESSION_TICKET_LEN) {
1431
                output->ticket = (byte*)XMALLOC(output->ticketLen, output->heap,
1432
                        DYNAMIC_TYPE_SESSION_TICK);
1433
                if (output->ticket == NULL) {
1434
                    error = WOLFSSL_FAILURE;
1435
                    output->ticket = output->staticTicket;
1436
                    output->ticketLenAlloc = 0;
1437
                    output->ticketLen = 0;
1438
                }
1439
            }
1440
            else {
1441
                output->ticket = output->staticTicket;
1442
                output->ticketLenAlloc = 0;
1443
            }
1444
        }
1445
        else {
1446
            output->ticket = output->staticTicket;
1447
            output->ticketLenAlloc = 0;
1448
            output->ticketLen = 0;
1449
        }
1450
        if (error == WOLFSSL_SUCCESS) {
1451
            /* cppcheck-suppress uninitvar */
1452
            XMEMCPY(output->ticket, tmpTicket, output->ticketLen);
1453
        }
1454
    }
1455
    WC_FREE_VAR_EX(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER);
1456
1457
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
1458
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1459
    if (error == WOLFSSL_SUCCESS && preallocNonceUsed) {
1460
        if (preallocNonceLen < PREALLOC_SESSION_TICKET_NONCE_LEN) {
1461
            /* buffer bigger than needed */
1462
#ifndef XREALLOC
1463
            output->ticketNonce.data = (byte*)XMALLOC(preallocNonceLen,
1464
                output->heap, DYNAMIC_TYPE_SESSION_TICK);
1465
            if (output->ticketNonce.data != NULL)
1466
                XMEMCPY(output->ticketNonce.data, preallocNonce,
1467
                    preallocNonceLen);
1468
            XFREE(preallocNonce, output->heap, DYNAMIC_TYPE_SESSION_TICK);
1469
            preallocNonce = NULL;
1470
#else
1471
            output->ticketNonce.data = (byte*)XREALLOC(preallocNonce,
1472
                preallocNonceLen, output->heap, DYNAMIC_TYPE_SESSION_TICK);
1473
            if (output->ticketNonce.data != NULL) {
1474
                /* don't free the reallocated pointer */
1475
                preallocNonce = NULL;
1476
            }
1477
#endif /* !XREALLOC */
1478
            if (output->ticketNonce.data == NULL) {
1479
                output->ticketNonce.data = output->ticketNonce.dataStatic;
1480
                output->ticketNonce.len = 0;
1481
                error = WOLFSSL_FAILURE;
1482
                /* preallocNonce will be free'd after the if */
1483
            }
1484
        }
1485
        else {
1486
            output->ticketNonce.data = preallocNonce;
1487
            output->ticketNonce.len = preallocNonceLen;
1488
            preallocNonce = NULL;
1489
        }
1490
    }
1491
    XFREE(preallocNonce, output->heap, DYNAMIC_TYPE_SESSION_TICK);
1492
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
1493
1494
#endif
1495
1496
0
    return error;
1497
0
}
1498
1499
WOLFSSL_SESSION* wolfSSL_GetSession(WOLFSSL* ssl, byte* masterSecret,
1500
        byte restoreSessionCerts)
1501
0
{
1502
0
    WOLFSSL_SESSION* ret = NULL;
1503
1504
0
    (void)restoreSessionCerts; /* Kept for compatibility */
1505
1506
0
    if (wolfSSL_GetSessionFromCache(ssl, ssl->session) == WOLFSSL_SUCCESS) {
1507
0
        ret = ssl->session;
1508
0
    }
1509
0
    else {
1510
0
        WOLFSSL_MSG("wolfSSL_GetSessionFromCache did not return a session");
1511
0
    }
1512
1513
0
    if (ret != NULL && masterSecret != NULL)
1514
0
        XMEMCPY(masterSecret, ret->masterSecret, SECRET_LEN);
1515
1516
0
    return ret;
1517
0
}
1518
1519
int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
1520
0
{
1521
0
    SessionRow* sessRow = NULL;
1522
0
    int ret = WOLFSSL_SUCCESS;
1523
1524
0
    session = ClientSessionToSession(session);
1525
1526
0
    if (ssl == NULL || session == NULL || !session->isSetup) {
1527
0
        WOLFSSL_MSG("ssl or session NULL or not set up");
1528
0
        return WOLFSSL_FAILURE;
1529
0
    }
1530
1531
    /* We need to lock the session as the first step if its in the cache */
1532
0
    if (session->type == WOLFSSL_SESSION_TYPE_CACHE) {
1533
0
        if (session->cacheRow < SESSION_ROWS) {
1534
0
            sessRow = &SessionCache[session->cacheRow];
1535
0
            if (SESSION_ROW_RD_LOCK(sessRow) != 0) {
1536
0
                WOLFSSL_MSG("Session row lock failed");
1537
0
                return WOLFSSL_FAILURE;
1538
0
            }
1539
0
        }
1540
0
    }
1541
1542
0
    if (ret == WOLFSSL_SUCCESS && ssl->options.side != WOLFSSL_NEITHER_END &&
1543
0
            (byte)ssl->options.side != session->side) {
1544
0
        WOLFSSL_MSG("Setting session for wrong role");
1545
0
        ret = WOLFSSL_FAILURE;
1546
0
    }
1547
1548
0
    if (ret == WOLFSSL_SUCCESS) {
1549
0
        if (ssl->session == session) {
1550
0
            WOLFSSL_MSG("ssl->session and session same");
1551
0
        }
1552
0
        else if (session->type != WOLFSSL_SESSION_TYPE_CACHE) {
1553
0
            if (wolfSSL_SESSION_up_ref(session) == WOLFSSL_SUCCESS) {
1554
0
                wolfSSL_FreeSession(ssl->ctx, ssl->session);
1555
0
                ssl->session = session;
1556
0
            }
1557
0
            else
1558
0
                ret = WOLFSSL_FAILURE;
1559
0
        }
1560
0
        else {
1561
0
            ret = wolfSSL_DupSession(session, ssl->session, 0);
1562
0
            if (ret != WOLFSSL_SUCCESS)
1563
0
                WOLFSSL_MSG("Session duplicate failed");
1564
0
        }
1565
0
    }
1566
1567
    /* Let's copy over the altSessionID for local cache purposes */
1568
0
    if (ret == WOLFSSL_SUCCESS && session->haveAltSessionID &&
1569
0
            ssl->session != session) {
1570
0
        ssl->session->haveAltSessionID = 1;
1571
0
        XMEMCPY(ssl->session->altSessionID, session->altSessionID, ID_LEN);
1572
0
    }
1573
1574
0
    if (sessRow != NULL) {
1575
0
        SESSION_ROW_UNLOCK(sessRow);
1576
0
        sessRow = NULL;
1577
0
    }
1578
1579
    /* Note: the `session` variable cannot be used below, since the row is
1580
     * un-locked */
1581
1582
0
    if (ret != WOLFSSL_SUCCESS)
1583
0
        return ret;
1584
1585
#ifdef WOLFSSL_SESSION_ID_CTX
1586
    /* check for application context id */
1587
    if (ssl->sessionCtxSz > 0) {
1588
        if (XMEMCMP(ssl->sessionCtx, ssl->session->sessionCtx,
1589
                ssl->sessionCtxSz)) {
1590
            /* context id did not match! */
1591
            WOLFSSL_MSG("Session context did not match");
1592
            return WOLFSSL_FAILURE;
1593
        }
1594
    }
1595
#endif /* WOLFSSL_SESSION_ID_CTX */
1596
1597
0
    if (LowResTimer() >= (ssl->session->bornOn + ssl->session->timeout)) {
1598
0
#if !defined(OPENSSL_EXTRA) || !defined(WOLFSSL_ERROR_CODE_OPENSSL)
1599
0
        return WOLFSSL_FAILURE;  /* session timed out */
1600
#else /* defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) */
1601
        /* Return success for OpenSSL compatibility but do not carry the
1602
         * expired session's version/cipher into ssl state, which would
1603
         * otherwise pin the ClientHello to stale values. */
1604
        WOLFSSL_MSG("Session is expired but return success for "
1605
                    "OpenSSL compatibility");
1606
        return WOLFSSL_SUCCESS;
1607
#endif
1608
0
    }
1609
0
    ssl->options.resuming = 1;
1610
0
    ssl->options.haveEMS = (ssl->session->haveEMS) ? 1 : 0;
1611
1612
0
    if (ssl->session->version.major != 0) {
1613
        /* Reject sessions whose protocol version is below the configured
1614
         * minimum so a stale cached session cannot make the client send a
1615
         * ClientHello advertising a version it isn't allowed to negotiate.
1616
         * DTLS minor versions are inverted: a higher minor means an older
1617
         * protocol, so the comparison flips. */
1618
0
        byte belowMinDowngrade;
1619
0
        if (ssl->options.dtls)
1620
0
            belowMinDowngrade = ssl->session->version.minor >
1621
0
                                ssl->options.minDowngrade;
1622
0
        else
1623
0
            belowMinDowngrade = ssl->session->version.minor <
1624
0
                                ssl->options.minDowngrade;
1625
0
        if (belowMinDowngrade) {
1626
0
            WOLFSSL_MSG("Session version below configured minDowngrade");
1627
0
            ssl->options.resuming = 0;
1628
0
            return WOLFSSL_FAILURE;
1629
0
        }
1630
0
        ssl->version              = ssl->session->version;
1631
0
        if (IsAtLeastTLSv1_3(ssl->version))
1632
0
            ssl->options.tls1_3 = 1;
1633
0
    }
1634
0
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
1635
0
                    (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
1636
0
    ssl->options.cipherSuite0 = ssl->session->cipherSuite0;
1637
0
    ssl->options.cipherSuite  = ssl->session->cipherSuite;
1638
0
#endif
1639
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
1640
    ssl->peerVerifyRet = (unsigned long)ssl->session->peerVerifyRet;
1641
#endif
1642
1643
0
    return WOLFSSL_SUCCESS;
1644
0
}
1645
1646
1647
#ifdef WOLFSSL_SESSION_STATS
1648
static int get_locked_session_stats(word32* active, word32* total,
1649
                                    word32* peak);
1650
#endif
1651
1652
#ifndef NO_CLIENT_CACHE
1653
ClientSession* AddSessionToClientCache(int side, int row, int idx,
1654
    byte* serverID, word16 idLen, const byte* sessionID, word16 useTicket)
1655
0
{
1656
0
    int error = -1;
1657
0
    word32 clientRow = 0, clientIdx = 0;
1658
0
    ClientSession* ret = NULL;
1659
1660
0
    (void)useTicket;
1661
0
    if (side == WOLFSSL_CLIENT_END
1662
0
            && row != INVALID_SESSION_ROW
1663
0
            && (idLen
1664
#ifdef HAVE_SESSION_TICKET
1665
                || useTicket == 1
1666
#endif
1667
0
                || serverID != NULL
1668
0
                )) {
1669
1670
0
        WOLFSSL_MSG("Trying to add client cache entry");
1671
1672
0
        if (idLen) {
1673
0
            clientRow = HashObject(serverID,
1674
0
                    idLen, &error) % CLIENT_SESSION_ROWS;
1675
0
        }
1676
0
        else if (serverID != NULL) {
1677
0
            clientRow = HashObject(sessionID,
1678
0
                    ID_LEN, &error) % CLIENT_SESSION_ROWS;
1679
0
        }
1680
0
        else {
1681
0
            error = WOLFSSL_FATAL_ERROR;
1682
0
        }
1683
0
        if (error == 0 && wc_LockMutex(&clisession_mutex) == 0) {
1684
0
            clientIdx = (word32)ClientCache[clientRow].nextIdx;
1685
0
            if (clientIdx < CLIENT_SESSIONS_PER_ROW) {
1686
0
                ClientCache[clientRow].Clients[clientIdx].serverRow =
1687
0
                                                                (word16)row;
1688
0
                ClientCache[clientRow].Clients[clientIdx].serverIdx =
1689
0
                                                                (word16)idx;
1690
0
                if (sessionID != NULL) {
1691
0
                    word32 sessionIDHash = HashObject(sessionID, ID_LEN,
1692
0
                                                      &error);
1693
0
                    if (error == 0) {
1694
0
                        ClientCache[clientRow].Clients[clientIdx].sessionIDHash
1695
0
                            = sessionIDHash;
1696
0
                    }
1697
0
                }
1698
0
            }
1699
0
            else {
1700
0
                error = WOLFSSL_FATAL_ERROR;
1701
0
                ClientCache[clientRow].nextIdx = 0; /* reset index as safety */
1702
0
                WOLFSSL_MSG("Invalid client cache index! "
1703
0
                            "Possible corrupted memory");
1704
0
            }
1705
0
            if (error == 0) {
1706
0
                WOLFSSL_MSG("Adding client cache entry");
1707
1708
0
                ret = &ClientCache[clientRow].Clients[clientIdx];
1709
1710
0
                if (ClientCache[clientRow].totalCount < CLIENT_SESSIONS_PER_ROW)
1711
0
                    ClientCache[clientRow].totalCount++;
1712
0
                ClientCache[clientRow].nextIdx++;
1713
0
                ClientCache[clientRow].nextIdx %= CLIENT_SESSIONS_PER_ROW;
1714
0
            }
1715
1716
0
            wc_UnLockMutex(&clisession_mutex);
1717
0
        }
1718
0
        else {
1719
0
            WOLFSSL_MSG("Hash session or lock failed");
1720
0
        }
1721
0
    }
1722
0
    else {
1723
0
        WOLFSSL_MSG("Skipping client cache");
1724
0
    }
1725
1726
0
    return ret;
1727
0
}
1728
#endif /* !NO_CLIENT_CACHE */
1729
1730
/**
1731
 * For backwards compatibility, this API needs to be used in *ALL* functions
1732
 * that access the WOLFSSL_SESSION members directly.
1733
 *
1734
 * This API checks if the passed in session is actually a ClientSession object
1735
 * and returns the matching session cache object. Otherwise just return the
1736
 * input. ClientSession objects only occur in the ClientCache. They are not
1737
 * allocated anywhere else.
1738
 */
1739
WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
1740
0
{
1741
0
    WOLFSSL_ENTER("ClientSessionToSession");
1742
#ifdef NO_SESSION_CACHE_REF
1743
    return (WOLFSSL_SESSION*)session;
1744
#else
1745
0
#ifndef NO_CLIENT_CACHE
1746
0
    if (session == NULL)
1747
0
        return NULL;
1748
    /* Check if session points into ClientCache */
1749
0
    if ((byte*)session >= (byte*)ClientCache &&
1750
            /* Cast to byte* to make pointer arithmetic work per byte */
1751
0
            (byte*)session < ((byte*)ClientCache) + sizeof(ClientCache)) {
1752
0
        ClientSession* clientSession = (ClientSession*)session;
1753
0
        SessionRow* sessRow = NULL;
1754
0
        WOLFSSL_SESSION* cacheSession = NULL;
1755
0
        word32 sessionIDHash = 0;
1756
0
        int error = 0;
1757
0
        session = NULL; /* Default to NULL for failure case */
1758
0
        if (wc_LockMutex(&clisession_mutex) != 0) {
1759
0
            WOLFSSL_MSG("Client cache mutex lock failed");
1760
0
            return NULL;
1761
0
        }
1762
0
        if (clientSession->serverRow >= SESSION_ROWS ||
1763
0
                clientSession->serverIdx >= SESSIONS_PER_ROW) {
1764
0
            WOLFSSL_MSG("Client cache serverRow or serverIdx invalid");
1765
0
            error = WOLFSSL_FATAL_ERROR;
1766
0
        }
1767
0
        if (error == 0) {
1768
            /* Lock row */
1769
0
            sessRow = &SessionCache[clientSession->serverRow];
1770
            /* Prevent memory access before clientSession->serverRow and
1771
             * clientSession->serverIdx are sanitized. */
1772
0
            XFENCE();
1773
0
            error = SESSION_ROW_RD_LOCK(sessRow);
1774
0
            if (error != 0) {
1775
0
                WOLFSSL_MSG("Session cache row lock failure");
1776
0
                sessRow = NULL;
1777
0
            }
1778
0
        }
1779
0
        if (error == 0) {
1780
#ifdef SESSION_CACHE_DYNAMIC_MEM
1781
            cacheSession = sessRow->Sessions[clientSession->serverIdx];
1782
#else
1783
0
            cacheSession = &sessRow->Sessions[clientSession->serverIdx];
1784
0
#endif
1785
            /* Prevent memory access */
1786
0
            XFENCE();
1787
0
            if (cacheSession && cacheSession->sessionIDSz == 0) {
1788
0
                cacheSession = NULL;
1789
0
                WOLFSSL_MSG("Session cache entry not set");
1790
0
                error = WOLFSSL_FATAL_ERROR;
1791
0
            }
1792
0
        }
1793
0
        if (error == 0) {
1794
            /* Calculate the hash of the session ID */
1795
0
            sessionIDHash = HashObject(cacheSession->sessionID, ID_LEN,
1796
0
                    &error);
1797
0
        }
1798
0
        if (error == 0) {
1799
            /* Check the session ID hash matches */
1800
0
            error = clientSession->sessionIDHash != sessionIDHash;
1801
0
            if (error != 0)
1802
0
                WOLFSSL_MSG("session ID hashes don't match");
1803
0
        }
1804
0
        if (error == 0) {
1805
            /* Hashes match */
1806
0
            session = cacheSession;
1807
0
            WOLFSSL_MSG("Found session cache matching client session object");
1808
0
        }
1809
0
        if (sessRow != NULL) {
1810
0
            SESSION_ROW_UNLOCK(sessRow);
1811
0
        }
1812
0
        wc_UnLockMutex(&clisession_mutex);
1813
0
        return (WOLFSSL_SESSION*)session;
1814
0
    }
1815
0
    else {
1816
        /* Plain WOLFSSL_SESSION object */
1817
0
        return (WOLFSSL_SESSION*)session;
1818
0
    }
1819
#else
1820
    return (WOLFSSL_SESSION*)session;
1821
#endif
1822
0
#endif
1823
0
}
1824
1825
int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
1826
        const byte* id, byte idSz, int* sessionIndex, int side,
1827
        word16 useTicket, ClientSession** clientCacheEntry)
1828
0
{
1829
0
    WOLFSSL_SESSION* cacheSession = NULL;
1830
0
    SessionRow* sessRow = NULL;
1831
0
    word32 idx = 0;
1832
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
1833
    WOLFSSL_X509* cachePeer = NULL;
1834
    WOLFSSL_X509* addPeer = NULL;
1835
#endif
1836
#ifdef HAVE_SESSION_TICKET
1837
    byte*  cacheTicBuff = NULL;
1838
    byte   ticBuffUsed = 0;
1839
    byte*  ticBuff = NULL;
1840
    int    ticLen  = 0;
1841
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
1842
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1843
    byte *preallocNonce = NULL;
1844
    byte preallocNonceLen = 0;
1845
    byte preallocNonceUsed = 0;
1846
    byte *toFree = NULL;
1847
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC */
1848
#endif /* HAVE_SESSION_TICKET */
1849
0
    int ret = 0;
1850
0
    int row;
1851
0
    int i;
1852
0
    int overwrite = 0;
1853
0
    (void)ctx;
1854
0
    (void)sessionIndex;
1855
0
    (void)useTicket;
1856
0
    (void)clientCacheEntry;
1857
1858
0
    WOLFSSL_ENTER("AddSessionToCache");
1859
1860
0
    if (idSz == 0) {
1861
0
        WOLFSSL_MSG("AddSessionToCache idSz == 0");
1862
0
        return BAD_FUNC_ARG;
1863
0
    }
1864
1865
0
    addSession = ClientSessionToSession(addSession);
1866
0
    if (addSession == NULL) {
1867
0
        WOLFSSL_MSG("AddSessionToCache is NULL");
1868
0
        return MEMORY_E;
1869
0
    }
1870
1871
#ifdef HAVE_SESSION_TICKET
1872
    ticLen = addSession->ticketLen;
1873
    /* Alloc Memory here to avoid syscalls during lock */
1874
    if (ticLen > SESSION_TICKET_LEN) {
1875
        ticBuff = (byte*)XMALLOC((size_t)ticLen, NULL,
1876
                DYNAMIC_TYPE_SESSION_TICK);
1877
        if (ticBuff == NULL) {
1878
            return MEMORY_E;
1879
        }
1880
    }
1881
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
1882
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1883
    if (addSession->ticketNonce.data != addSession->ticketNonce.dataStatic) {
1884
        /* use the AddSession->heap even if the buffer maybe saved in
1885
         * CachedSession objects. CachedSession heap and AddSession heap should
1886
         * be the same */
1887
        preallocNonce = (byte*)XMALLOC(addSession->ticketNonce.len,
1888
            addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
1889
        if (preallocNonce == NULL) {
1890
            XFREE(ticBuff, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
1891
            return MEMORY_E;
1892
        }
1893
        preallocNonceLen = addSession->ticketNonce.len;
1894
    }
1895
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
1896
#endif /* HAVE_SESSION_TICKET */
1897
1898
    /* Find a position for the new session in cache and use that */
1899
    /* Use the session object in the cache for external cache if required */
1900
0
    row = (int)(HashObject(id, ID_LEN, &ret) % SESSION_ROWS);
1901
0
    if (ret != 0) {
1902
0
        WOLFSSL_MSG("Hash session failed");
1903
    #ifdef HAVE_SESSION_TICKET
1904
        XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
1905
    #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&      \
1906
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1907
        XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
1908
    #endif
1909
    #endif
1910
0
        return ret;
1911
0
    }
1912
1913
0
    sessRow = &SessionCache[row];
1914
0
    if (SESSION_ROW_WR_LOCK(sessRow) != 0) {
1915
    #ifdef HAVE_SESSION_TICKET
1916
        XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
1917
    #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
1918
        (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && \
1919
                                 FIPS_VERSION_GE(5,3)))
1920
        XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
1921
    #endif
1922
    #endif
1923
0
        WOLFSSL_MSG("Session row lock failed");
1924
0
        return BAD_MUTEX_E;
1925
0
    }
1926
1927
0
    for (i = 0; i < SESSIONS_PER_ROW && i < sessRow->totalCount; i++) {
1928
#ifdef SESSION_CACHE_DYNAMIC_MEM
1929
        cacheSession = sessRow->Sessions[i];
1930
#else
1931
0
        cacheSession = &sessRow->Sessions[i];
1932
0
#endif
1933
0
        if (cacheSession && XMEMCMP(id,
1934
0
                cacheSession->sessionID, ID_LEN) == 0 &&
1935
0
                cacheSession->side == side) {
1936
0
            WOLFSSL_MSG("Session already exists. Overwriting.");
1937
0
            overwrite = 1;
1938
0
            idx = (word32)i;
1939
0
            break;
1940
0
        }
1941
0
    }
1942
1943
0
    if (!overwrite)
1944
0
        idx = (word32)sessRow->nextIdx;
1945
#ifdef SESSION_INDEX
1946
    if (sessionIndex != NULL)
1947
        *sessionIndex = (row << SESSIDX_ROW_SHIFT) | idx;
1948
#endif
1949
1950
#ifdef SESSION_CACHE_DYNAMIC_MEM
1951
    cacheSession = sessRow->Sessions[idx];
1952
    if (cacheSession == NULL) {
1953
        cacheSession = (WOLFSSL_SESSION*) XMALLOC(sizeof(WOLFSSL_SESSION),
1954
                                         sessRow->heap, DYNAMIC_TYPE_SESSION);
1955
        if (cacheSession == NULL) {
1956
        #ifdef HAVE_SESSION_TICKET
1957
            XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
1958
        #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
1959
            (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && \
1960
                                     FIPS_VERSION_GE(5,3)))
1961
            XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
1962
        #endif
1963
        #endif
1964
            SESSION_ROW_UNLOCK(sessRow);
1965
            return MEMORY_E;
1966
        }
1967
        XMEMSET(cacheSession, 0, sizeof(WOLFSSL_SESSION));
1968
        sessRow->Sessions[idx] = cacheSession;
1969
    }
1970
#else
1971
0
    cacheSession = &sessRow->Sessions[idx];
1972
0
#endif
1973
1974
#ifdef HAVE_EX_DATA_CRYPTO
1975
    if (overwrite) {
1976
        /* Figure out who owns the ex_data */
1977
        if (cacheSession->ownExData) {
1978
            /* Prioritize cacheSession copy */
1979
            XMEMCPY(&addSession->ex_data, &cacheSession->ex_data,
1980
                    sizeof(WOLFSSL_CRYPTO_EX_DATA));
1981
        }
1982
        /* else will be copied in wolfSSL_DupSession call */
1983
    }
1984
    else if (cacheSession->ownExData) {
1985
        crypto_ex_cb_free_data(cacheSession, crypto_ex_cb_ctx_session,
1986
                               &cacheSession->ex_data);
1987
        cacheSession->ownExData = 0;
1988
    }
1989
#endif
1990
1991
0
    if (!overwrite)
1992
0
        EvictSessionFromCache(cacheSession);
1993
1994
0
    cacheSession->type = WOLFSSL_SESSION_TYPE_CACHE;
1995
0
    cacheSession->cacheRow = row;
1996
1997
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
1998
    /* Save the peer field to free after unlocking the row */
1999
    if (cacheSession->peer != NULL)
2000
        cachePeer = cacheSession->peer;
2001
    cacheSession->peer = NULL;
2002
#endif
2003
#ifdef HAVE_SESSION_TICKET
2004
    /* If we can reuse the existing buffer in cacheSession then we won't touch
2005
     * ticBuff at all making it a very cheap malloc/free. The page on a modern
2006
     * OS will most likely not even be allocated to the process. */
2007
    if (ticBuff != NULL && cacheSession->ticketLenAlloc < ticLen) {
2008
        /* Save pointer only if separately allocated */
2009
        if (cacheSession->ticket != cacheSession->staticTicket)
2010
            cacheTicBuff = cacheSession->ticket;
2011
        ticBuffUsed = 1;
2012
        cacheSession->ticket = ticBuff;
2013
        cacheSession->ticketLenAlloc = (word16) ticLen;
2014
    }
2015
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
2016
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
2017
    /* cache entry never used */
2018
    if (cacheSession->ticketNonce.data == NULL)
2019
        cacheSession->ticketNonce.data = cacheSession->ticketNonce.dataStatic;
2020
2021
    if (cacheSession->ticketNonce.data !=
2022
            cacheSession->ticketNonce.dataStatic) {
2023
        toFree = cacheSession->ticketNonce.data;
2024
        cacheSession->ticketNonce.data = cacheSession->ticketNonce.dataStatic;
2025
        cacheSession->ticketNonce.len = 0;
2026
    }
2027
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
2028
#endif
2029
#ifdef SESSION_CERTS
2030
    if (overwrite &&
2031
            addSession->chain.count == 0 &&
2032
            cacheSession->chain.count > 0) {
2033
        /* Copy in the certs from the session */
2034
        addSession->chain.count = cacheSession->chain.count;
2035
        XMEMCPY(addSession->chain.certs, cacheSession->chain.certs,
2036
                sizeof(x509_buffer) * (size_t)cacheSession->chain.count);
2037
    }
2038
#endif /* SESSION_CERTS */
2039
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
2040
    /* Don't copy the peer cert into cache */
2041
    addPeer = addSession->peer;
2042
    addSession->peer = NULL;
2043
#endif
2044
0
    cacheSession->heap = NULL;
2045
    /* Copy data into the cache object */
2046
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) &&                  \
2047
    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                   \
2048
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
2049
    ret = (wolfSSL_DupSessionEx(addSession, cacheSession, 1, preallocNonce,
2050
                                &preallocNonceLen, &preallocNonceUsed)
2051
           == WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
2052
#else
2053
0
    ret = (wolfSSL_DupSession(addSession, cacheSession, 1)
2054
0
           == WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
2055
0
#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC
2056
          && FIPS_VERSION_GE(5,3)*/
2057
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
2058
    addSession->peer = addPeer;
2059
#endif
2060
2061
0
    if (ret == 0) {
2062
0
        if (!overwrite) {
2063
            /* Increment the totalCount and the nextIdx */
2064
0
            if (sessRow->totalCount < SESSIONS_PER_ROW)
2065
0
                sessRow->totalCount++;
2066
0
            sessRow->nextIdx = (sessRow->nextIdx + 1) % SESSIONS_PER_ROW;
2067
0
        }
2068
0
        if (id != addSession->sessionID) {
2069
            /* ssl->session->sessionID may contain the bogus ID or we want the
2070
             * ID from the arrays object */
2071
0
            XMEMCPY(cacheSession->sessionID, id, ID_LEN);
2072
0
            cacheSession->sessionIDSz = ID_LEN;
2073
0
        }
2074
#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
2075
        if (ctx->rem_sess_cb != NULL)
2076
            cacheSession->rem_sess_cb = ctx->rem_sess_cb;
2077
#endif
2078
#ifdef HAVE_EX_DATA
2079
        /* The session in cache now owns the ex_data */
2080
        addSession->ownExData = 0;
2081
        cacheSession->ownExData = 1;
2082
#endif
2083
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) &&                  \
2084
    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                    \
2085
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
2086
        if (preallocNonce != NULL && preallocNonceUsed) {
2087
            cacheSession->ticketNonce.data = preallocNonce;
2088
            cacheSession->ticketNonce.len = preallocNonceLen;
2089
            preallocNonce = NULL;
2090
            preallocNonceLen = 0;
2091
        }
2092
#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC
2093
        * && FIPS_VERSION_GE(5,3)*/
2094
0
    }
2095
#ifdef HAVE_SESSION_TICKET
2096
    else if (ticBuffUsed) {
2097
        /* Error occurred. Need to clean up the ticket buffer. */
2098
        cacheSession->ticket = cacheSession->staticTicket;
2099
        cacheSession->ticketLenAlloc = 0;
2100
        cacheSession->ticketLen = 0;
2101
    }
2102
#endif
2103
0
    SESSION_ROW_UNLOCK(sessRow);
2104
0
    cacheSession = NULL; /* Can't access after unlocked */
2105
2106
0
#ifndef NO_CLIENT_CACHE
2107
0
    if (ret == 0 && clientCacheEntry != NULL) {
2108
0
        ClientSession* clientCache = AddSessionToClientCache(side, row,
2109
0
            (int)idx, addSession->serverID, addSession->idLen, id, useTicket);
2110
0
        if (clientCache != NULL)
2111
0
            *clientCacheEntry = clientCache;
2112
0
    }
2113
0
#endif
2114
2115
#ifdef HAVE_SESSION_TICKET
2116
    if (ticBuff != NULL && !ticBuffUsed)
2117
        XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
2118
    XFREE(cacheTicBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
2119
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&         \
2120
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
2121
    XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
2122
    XFREE(toFree, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
2123
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
2124
#endif
2125
2126
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
2127
    if (cachePeer != NULL) {
2128
        wolfSSL_X509_free(cachePeer);
2129
        cachePeer = NULL; /* Make sure not use after this point */
2130
    }
2131
#endif
2132
2133
0
    return ret;
2134
0
}
2135
2136
void AddSession(WOLFSSL* ssl)
2137
0
{
2138
0
    int    error = 0;
2139
0
    const byte* id = NULL;
2140
0
    byte idSz = 0;
2141
0
    WOLFSSL_SESSION* session = ssl->session;
2142
2143
0
    (void)error;
2144
2145
0
    WOLFSSL_ENTER("AddSession");
2146
2147
0
    if (SslSessionCacheOff(ssl, session)) {
2148
0
        WOLFSSL_MSG("Cache off");
2149
0
        return;
2150
0
    }
2151
2152
0
    if (session->haveAltSessionID) {
2153
0
        id = session->altSessionID;
2154
0
        idSz = ID_LEN;
2155
0
    }
2156
0
    else {
2157
0
        id = session->sessionID;
2158
0
        idSz = session->sessionIDSz;
2159
0
    }
2160
2161
    /* Do this only for the client because if the server doesn't have an ID at
2162
     * this point, it won't on resumption. */
2163
0
    if (idSz == 0 && ssl->options.side == WOLFSSL_CLIENT_END) {
2164
0
        WC_RNG* rng = NULL;
2165
0
        if (ssl->rng != NULL)
2166
0
            rng = ssl->rng;
2167
#if defined(HAVE_GLOBAL_RNG) && defined(OPENSSL_EXTRA)
2168
        else if (initGlobalRNG == 1 || wolfSSL_RAND_Init() == WOLFSSL_SUCCESS) {
2169
            rng = &globalRNG;
2170
        }
2171
#endif
2172
0
        if (wc_RNG_GenerateBlock(rng, ssl->session->altSessionID,
2173
0
                ID_LEN) != 0)
2174
0
            return;
2175
0
        ssl->session->haveAltSessionID = 1;
2176
0
        id = ssl->session->altSessionID;
2177
0
        idSz = ID_LEN;
2178
0
    }
2179
2180
#ifdef HAVE_EXT_CACHE
2181
    if (!ssl->options.internalCacheOff)
2182
#endif
2183
0
    {
2184
        /* Try to add the session to internal cache or external cache
2185
        if a new_sess_cb is set. Its ok if we don't succeed. */
2186
0
        (void)AddSessionToCache(ssl->ctx, session, id, idSz,
2187
#ifdef SESSION_INDEX
2188
                &ssl->sessionIndex,
2189
#else
2190
0
                NULL,
2191
0
#endif
2192
0
                ssl->options.side,
2193
#ifdef HAVE_SESSION_TICKET
2194
                ssl->options.useTicket,
2195
#else
2196
0
                0,
2197
0
#endif
2198
#ifdef NO_SESSION_CACHE_REF
2199
                NULL
2200
#else
2201
0
                (ssl->options.side == WOLFSSL_CLIENT_END) ?
2202
0
                        &ssl->clientSession : NULL
2203
0
#endif
2204
0
                        );
2205
0
    }
2206
2207
#ifdef HAVE_EXT_CACHE
2208
    if (error == 0 && ssl->ctx->new_sess_cb != NULL) {
2209
        int cbRet = 0;
2210
        wolfSSL_SESSION_up_ref(session);
2211
        cbRet = ssl->ctx->new_sess_cb(ssl, session);
2212
        if (cbRet == 0)
2213
            wolfSSL_FreeSession(ssl->ctx, session);
2214
    }
2215
#endif
2216
2217
#if defined(WOLFSSL_SESSION_STATS) && defined(WOLFSSL_PEAK_SESSIONS)
2218
    if (error == 0) {
2219
        word32 active = 0;
2220
2221
        error = get_locked_session_stats(&active, NULL, NULL);
2222
        if (error == WOLFSSL_SUCCESS) {
2223
            error = 0;  /* back to this function ok */
2224
2225
            if (PeakSessions < active) {
2226
                PeakSessions = active;
2227
            }
2228
        }
2229
    }
2230
#endif /* WOLFSSL_SESSION_STATS && WOLFSSL_PEAK_SESSIONS */
2231
0
    (void)error;
2232
0
}
2233
2234
2235
#ifdef SESSION_INDEX
2236
2237
int wolfSSL_GetSessionIndex(WOLFSSL* ssl)
2238
{
2239
    WOLFSSL_ENTER("wolfSSL_GetSessionIndex");
2240
    WOLFSSL_LEAVE("wolfSSL_GetSessionIndex", ssl->sessionIndex);
2241
    return ssl->sessionIndex;
2242
}
2243
2244
2245
int wolfSSL_GetSessionAtIndex(int idx, WOLFSSL_SESSION* session)
2246
{
2247
    int row, col, result = WOLFSSL_FAILURE;
2248
    SessionRow* sessRow;
2249
    WOLFSSL_SESSION* cacheSession;
2250
2251
    WOLFSSL_ENTER("wolfSSL_GetSessionAtIndex");
2252
2253
    session = ClientSessionToSession(session);
2254
2255
    row = idx >> SESSIDX_ROW_SHIFT;
2256
    col = idx & SESSIDX_IDX_MASK;
2257
2258
    if (session == NULL ||
2259
            row < 0 || row >= SESSION_ROWS || col >= SESSIONS_PER_ROW) {
2260
        return WOLFSSL_FAILURE;
2261
    }
2262
2263
    sessRow = &SessionCache[row];
2264
    if (SESSION_ROW_RD_LOCK(sessRow) != 0) {
2265
        return BAD_MUTEX_E;
2266
    }
2267
2268
#ifdef SESSION_CACHE_DYNAMIC_MEM
2269
    cacheSession = sessRow->Sessions[col];
2270
#else
2271
    cacheSession = &sessRow->Sessions[col];
2272
#endif
2273
    if (cacheSession) {
2274
        XMEMCPY(session, cacheSession, sizeof(WOLFSSL_SESSION));
2275
        result = WOLFSSL_SUCCESS;
2276
    }
2277
    else {
2278
        result = WOLFSSL_FAILURE;
2279
    }
2280
2281
    SESSION_ROW_UNLOCK(sessRow);
2282
2283
    WOLFSSL_LEAVE("wolfSSL_GetSessionAtIndex", result);
2284
    return result;
2285
}
2286
2287
#endif /* SESSION_INDEX */
2288
2289
#if defined(SESSION_CERTS)
2290
2291
WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session)
2292
{
2293
    WOLFSSL_X509_CHAIN* chain = NULL;
2294
2295
    WOLFSSL_ENTER("wolfSSL_SESSION_get_peer_chain");
2296
2297
    session = ClientSessionToSession(session);
2298
2299
    if (session)
2300
        chain = &session->chain;
2301
2302
    WOLFSSL_LEAVE("wolfSSL_SESSION_get_peer_chain", chain ? 1 : 0);
2303
    return chain;
2304
}
2305
2306
2307
#ifdef OPENSSL_EXTRA
2308
/* gets the peer certificate associated with the session passed in
2309
 * returns null on failure, the caller should not free the returned pointer */
2310
WOLFSSL_X509* wolfSSL_SESSION_get0_peer(WOLFSSL_SESSION* session)
2311
{
2312
    WOLFSSL_ENTER("wolfSSL_SESSION_get_peer_chain");
2313
2314
    session = ClientSessionToSession(session);
2315
    if (session) {
2316
        int count;
2317
2318
        count = wolfSSL_get_chain_count(&session->chain);
2319
        if (count < 1 || count >= MAX_CHAIN_DEPTH) {
2320
            WOLFSSL_MSG("bad count found");
2321
            return NULL;
2322
        }
2323
2324
        if (session->peer == NULL) {
2325
            session->peer = wolfSSL_get_chain_X509(&session->chain, 0);
2326
        }
2327
        return session->peer;
2328
    }
2329
    WOLFSSL_MSG("No session passed in");
2330
2331
    return NULL;
2332
}
2333
#endif /* OPENSSL_EXTRA */
2334
#endif /* SESSION_INDEX && SESSION_CERTS */
2335
2336
2337
#ifdef WOLFSSL_SESSION_STATS
2338
2339
static int get_locked_session_stats(word32* active, word32* total, word32* peak)
2340
{
2341
    int result = WOLFSSL_SUCCESS;
2342
    int i;
2343
    int count;
2344
    int idx;
2345
    word32 now   = 0;
2346
    word32 seen  = 0;
2347
    word32 ticks = LowResTimer();
2348
2349
    WOLFSSL_ENTER("get_locked_session_stats");
2350
2351
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
2352
    SESSION_ROW_RD_LOCK(&SessionCache[0]);
2353
#endif
2354
    for (i = 0; i < SESSION_ROWS; i++) {
2355
        SessionRow* row = &SessionCache[i];
2356
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
2357
        if (SESSION_ROW_RD_LOCK(row) != 0) {
2358
            WOLFSSL_MSG("Session row cache mutex lock failed");
2359
            return BAD_MUTEX_E;
2360
        }
2361
    #endif
2362
2363
        seen += row->totalCount;
2364
2365
        if (active == NULL) {
2366
            SESSION_ROW_UNLOCK(row);
2367
            continue;
2368
        }
2369
2370
        count = min((word32)row->totalCount, SESSIONS_PER_ROW);
2371
        idx   = row->nextIdx - 1;
2372
        if (idx < 0 || idx >= SESSIONS_PER_ROW) {
2373
            idx = SESSIONS_PER_ROW - 1; /* if back to front previous was end */
2374
        }
2375
2376
        for (; count > 0; --count) {
2377
            /* if not expired then good */
2378
#ifdef SESSION_CACHE_DYNAMIC_MEM
2379
            if (row->Sessions[idx] &&
2380
                ticks < (row->Sessions[idx]->bornOn +
2381
                            row->Sessions[idx]->timeout) )
2382
#else
2383
            if (ticks < (row->Sessions[idx].bornOn +
2384
                            row->Sessions[idx].timeout) )
2385
#endif
2386
            {
2387
                now++;
2388
            }
2389
2390
            idx = idx > 0 ? idx - 1 : SESSIONS_PER_ROW - 1;
2391
        }
2392
2393
    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
2394
        SESSION_ROW_UNLOCK(row);
2395
    #endif
2396
    }
2397
#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
2398
    SESSION_ROW_UNLOCK(&SessionCache[0]);
2399
#endif
2400
2401
    if (active) {
2402
        *active = now;
2403
    }
2404
    if (total) {
2405
        *total = seen;
2406
    }
2407
2408
#ifdef WOLFSSL_PEAK_SESSIONS
2409
    if (peak) {
2410
        *peak = PeakSessions;
2411
    }
2412
#else
2413
    (void)peak;
2414
#endif
2415
2416
    WOLFSSL_LEAVE("get_locked_session_stats", result);
2417
2418
    return result;
2419
}
2420
2421
2422
/* return WOLFSSL_SUCCESS on ok */
2423
int wolfSSL_get_session_stats(word32* active, word32* total, word32* peak,
2424
                              word32* maxSessions)
2425
{
2426
    int result = WOLFSSL_SUCCESS;
2427
2428
    WOLFSSL_ENTER("wolfSSL_get_session_stats");
2429
2430
    if (maxSessions) {
2431
        *maxSessions = SESSIONS_PER_ROW * SESSION_ROWS;
2432
2433
        if (active == NULL && total == NULL && peak == NULL)
2434
            return result;  /* we're done */
2435
    }
2436
2437
    /* user must provide at least one query value */
2438
    if (active == NULL && total == NULL && peak == NULL) {
2439
        return BAD_FUNC_ARG;
2440
    }
2441
2442
    result = get_locked_session_stats(active, total, peak);
2443
2444
    WOLFSSL_LEAVE("wolfSSL_get_session_stats", result);
2445
2446
    return result;
2447
}
2448
2449
#endif /* WOLFSSL_SESSION_STATS */
2450
2451
2452
    #ifdef PRINT_SESSION_STATS
2453
2454
    /* WOLFSSL_SUCCESS on ok */
2455
    int wolfSSL_PrintSessionStats(void)
2456
    {
2457
        word32 totalSessionsSeen = 0;
2458
        word32 totalSessionsNow = 0;
2459
        word32 peak = 0;
2460
        word32 maxSessions = 0;
2461
        int    i;
2462
        int    ret;
2463
        double E;               /* expected freq */
2464
        double chiSquare = 0;
2465
2466
        ret = wolfSSL_get_session_stats(&totalSessionsNow, &totalSessionsSeen,
2467
                                        &peak, &maxSessions);
2468
        if (ret != WOLFSSL_SUCCESS)
2469
            return ret;
2470
        printf("Total Sessions Seen = %u\n", totalSessionsSeen);
2471
        printf("Total Sessions Now  = %u\n", totalSessionsNow);
2472
#ifdef WOLFSSL_PEAK_SESSIONS
2473
        printf("Peak  Sessions      = %u\n", peak);
2474
#endif
2475
        printf("Max   Sessions      = %u\n", maxSessions);
2476
2477
        E = (double)totalSessionsSeen / SESSION_ROWS;
2478
2479
        for (i = 0; i < SESSION_ROWS; i++) {
2480
            double diff = SessionCache[i].totalCount - E;
2481
            diff *= diff;                /* square    */
2482
            diff /= E;                   /* normalize */
2483
2484
            chiSquare += diff;
2485
        }
2486
        printf("  chi-square = %5.1f, d.f. = %d\n", chiSquare,
2487
                                                     SESSION_ROWS - 1);
2488
        #if (SESSION_ROWS == 11)
2489
            printf(" .05 p value =  18.3, chi-square should be less\n");
2490
        #elif (SESSION_ROWS == 211)
2491
            printf(".05 p value  = 244.8, chi-square should be less\n");
2492
        #elif (SESSION_ROWS == 5981)
2493
            printf(".05 p value  = 6161.0, chi-square should be less\n");
2494
        #elif (SESSION_ROWS == 3)
2495
            printf(".05 p value  =   6.0, chi-square should be less\n");
2496
        #elif (SESSION_ROWS == 2861)
2497
            printf(".05 p value  = 2985.5, chi-square should be less\n");
2498
        #endif
2499
        printf("\n");
2500
2501
        return ret;
2502
    }
2503
2504
    #endif /* SESSION_STATS */
2505
2506
#else  /* NO_SESSION_CACHE */
2507
2508
WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
2509
{
2510
    return (WOLFSSL_SESSION*)session;
2511
}
2512
2513
/* No session cache version */
2514
WOLFSSL_SESSION* wolfSSL_GetSession(WOLFSSL* ssl, byte* masterSecret,
2515
        byte restoreSessionCerts)
2516
{
2517
    (void)ssl;
2518
    (void)masterSecret;
2519
    (void)restoreSessionCerts;
2520
2521
    return NULL;
2522
}
2523
2524
#endif /* NO_SESSION_CACHE */
2525
2526
#ifdef OPENSSL_EXTRA
2527
2528
   /* returns previous set cache size which stays constant */
2529
    long wolfSSL_CTX_sess_set_cache_size(WOLFSSL_CTX* ctx, long sz)
2530
    {
2531
        /* cache size fixed at compile time in wolfSSL */
2532
        (void)ctx;
2533
        (void)sz;
2534
        WOLFSSL_MSG("session cache is set at compile time");
2535
        #ifndef NO_SESSION_CACHE
2536
            return (long)(SESSIONS_PER_ROW * SESSION_ROWS);
2537
        #else
2538
            return 0;
2539
        #endif
2540
    }
2541
2542
2543
    long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX* ctx)
2544
    {
2545
        (void)ctx;
2546
        #ifndef NO_SESSION_CACHE
2547
            return (long)(SESSIONS_PER_ROW * SESSION_ROWS);
2548
        #else
2549
            return 0;
2550
        #endif
2551
    }
2552
2553
#endif
2554
2555
#ifndef NO_SESSION_CACHE
2556
int wolfSSL_CTX_add_session(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session)
2557
0
{
2558
0
    int    error = 0;
2559
0
    const byte* id = NULL;
2560
0
    byte idSz = 0;
2561
2562
0
    WOLFSSL_ENTER("wolfSSL_CTX_add_session");
2563
2564
0
    session = ClientSessionToSession(session);
2565
0
    if (session == NULL)
2566
0
        return WOLFSSL_FAILURE;
2567
2568
    /* Session cache is global */
2569
0
    (void)ctx;
2570
2571
0
    if (session->haveAltSessionID) {
2572
0
        id = session->altSessionID;
2573
0
        idSz = ID_LEN;
2574
0
    }
2575
0
    else {
2576
0
        id = session->sessionID;
2577
0
        idSz = session->sessionIDSz;
2578
0
    }
2579
2580
0
    error = AddSessionToCache(ctx, session, id, idSz,
2581
0
            NULL, session->side,
2582
#ifdef HAVE_SESSION_TICKET
2583
            session->ticketLen > 0,
2584
#else
2585
0
            0,
2586
0
#endif
2587
0
            NULL);
2588
2589
0
    return error == 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
2590
0
}
2591
#endif
2592
2593
#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
2594
        defined(HAVE_EXT_CACHE))
2595
/* stunnel 4.28 needs
2596
 *
2597
 * Callback that is called if a session tries to resume but could not find
2598
 * the session to resume it.
2599
 */
2600
void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX* ctx,
2601
    WOLFSSL_SESSION*(*f)(WOLFSSL*, const unsigned char*, int, int*))
2602
{
2603
    if (ctx == NULL)
2604
        return;
2605
2606
#ifdef HAVE_EXT_CACHE
2607
    ctx->get_sess_cb = f;
2608
#else
2609
    (void)f;
2610
#endif
2611
}
2612
2613
void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX* ctx,
2614
                             int (*f)(WOLFSSL*, WOLFSSL_SESSION*))
2615
{
2616
    if (ctx == NULL)
2617
        return;
2618
2619
#ifdef HAVE_EXT_CACHE
2620
    ctx->new_sess_cb = f;
2621
#else
2622
    (void)f;
2623
#endif
2624
}
2625
2626
void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX* ctx, void (*f)(WOLFSSL_CTX*,
2627
                                                        WOLFSSL_SESSION*))
2628
{
2629
    if (ctx == NULL)
2630
        return;
2631
2632
#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
2633
    ctx->rem_sess_cb = f;
2634
#else
2635
    (void)f;
2636
#endif
2637
}
2638
2639
2640
/*
2641
 *
2642
 * Note: It is expected that the importing and exporting function have been
2643
 *       built with the same settings. For example if session tickets was
2644
 *       enabled with the wolfSSL library exporting a session then it is
2645
 *       expected to be turned on with the wolfSSL library importing the
2646
 *       session.
2647
 */
2648
int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
2649
{
2650
    int size = 0;
2651
#ifdef HAVE_EXT_CACHE
2652
    int idx = 0;
2653
#ifdef SESSION_CERTS
2654
    int i;
2655
#endif
2656
2657
    WOLFSSL_ENTER("wolfSSL_i2d_SSL_SESSION");
2658
2659
    sess = ClientSessionToSession(sess);
2660
    if (sess == NULL) {
2661
        return BAD_FUNC_ARG;
2662
    }
2663
2664
    /* side | bornOn | timeout | sessionID len | sessionID | masterSecret |
2665
     * haveEMS  */
2666
    size += OPAQUE8_LEN + OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN +
2667
            sess->sessionIDSz + SECRET_LEN + OPAQUE8_LEN;
2668
    /* altSessionID */
2669
    size += OPAQUE8_LEN + (sess->haveAltSessionID ? ID_LEN : 0);
2670
#ifdef SESSION_CERTS
2671
    /* Peer chain */
2672
    size += OPAQUE8_LEN;
2673
    for (i = 0; i < sess->chain.count; i++)
2674
        size += OPAQUE16_LEN + sess->chain.certs[i].length;
2675
#endif
2676
    /* Protocol version */
2677
    size += OPAQUE16_LEN;
2678
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
2679
                        (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
2680
    /* cipher suite */
2681
    size += OPAQUE16_LEN;
2682
#endif
2683
#ifndef NO_CLIENT_CACHE
2684
    /* ServerID len | ServerID */
2685
    size += OPAQUE16_LEN + sess->idLen;
2686
#endif
2687
#ifdef WOLFSSL_SESSION_ID_CTX
2688
    /* session context ID len | session context ID */
2689
    size += OPAQUE8_LEN + sess->sessionCtxSz;
2690
#endif
2691
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
2692
    /* peerVerifyRet */
2693
    size += OPAQUE8_LEN;
2694
#endif
2695
#ifdef WOLFSSL_TLS13
2696
    /* namedGroup */
2697
    size += OPAQUE16_LEN;
2698
#endif
2699
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
2700
#ifdef WOLFSSL_TLS13
2701
#ifdef WOLFSSL_32BIT_MILLI_TIME
2702
    /* ticketSeen | ticketAdd */
2703
    size += OPAQUE32_LEN + OPAQUE32_LEN;
2704
#else
2705
    /* ticketSeen Hi 32 bits | ticketSeen Lo 32 bits | ticketAdd */
2706
    size += OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE32_LEN;
2707
#endif
2708
    /* ticketNonce */
2709
    size += OPAQUE8_LEN + sess->ticketNonce.len;
2710
#endif
2711
#ifdef WOLFSSL_EARLY_DATA
2712
    size += OPAQUE32_LEN;
2713
#endif
2714
#endif
2715
#ifdef HAVE_SESSION_TICKET
2716
    /* ticket len | ticket */
2717
    size += OPAQUE16_LEN + sess->ticketLen;
2718
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
2719
#ifdef HAVE_SNI
2720
    /* sniHash */
2721
    size += TICKET_BINDING_HASH_SZ;
2722
#endif
2723
#ifdef HAVE_ALPN
2724
    /* alpnHash */
2725
    size += TICKET_BINDING_HASH_SZ;
2726
#endif
2727
#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */
2728
#endif
2729
2730
    if (p != NULL) {
2731
        unsigned char *data;
2732
2733
        if (*p == NULL)
2734
            *p = (unsigned char*)XMALLOC((size_t)size, NULL,
2735
                                                DYNAMIC_TYPE_OPENSSL);
2736
        if (*p == NULL)
2737
            return 0;
2738
        data = *p;
2739
2740
        data[idx++] = sess->side;
2741
        c32toa(sess->bornOn, data + idx); idx += OPAQUE32_LEN;
2742
        c32toa(sess->timeout, data + idx); idx += OPAQUE32_LEN;
2743
        data[idx++] = sess->sessionIDSz;
2744
        XMEMCPY(data + idx, sess->sessionID, sess->sessionIDSz);
2745
        idx += sess->sessionIDSz;
2746
        XMEMCPY(data + idx, sess->masterSecret, SECRET_LEN); idx += SECRET_LEN;
2747
        data[idx++] = (byte)sess->haveEMS;
2748
        data[idx++] = sess->haveAltSessionID ? ID_LEN : 0;
2749
        if (sess->haveAltSessionID) {
2750
            XMEMCPY(data + idx, sess->altSessionID, ID_LEN);
2751
            idx += ID_LEN;
2752
        }
2753
#ifdef SESSION_CERTS
2754
        data[idx++] = (byte)sess->chain.count;
2755
        for (i = 0; i < sess->chain.count; i++) {
2756
            c16toa((word16)sess->chain.certs[i].length, data + idx);
2757
            idx += OPAQUE16_LEN;
2758
            XMEMCPY(data + idx, sess->chain.certs[i].buffer,
2759
                    (size_t)sess->chain.certs[i].length);
2760
            idx += sess->chain.certs[i].length;
2761
        }
2762
#endif
2763
        data[idx++] = sess->version.major;
2764
        data[idx++] = sess->version.minor;
2765
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
2766
                        (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
2767
        data[idx++] = sess->cipherSuite0;
2768
        data[idx++] = sess->cipherSuite;
2769
#endif
2770
#ifndef NO_CLIENT_CACHE
2771
        c16toa(sess->idLen, data + idx); idx += OPAQUE16_LEN;
2772
        XMEMCPY(data + idx, sess->serverID, sess->idLen);
2773
        idx += sess->idLen;
2774
#endif
2775
#ifdef WOLFSSL_SESSION_ID_CTX
2776
        data[idx++] = sess->sessionCtxSz;
2777
        XMEMCPY(data + idx, sess->sessionCtx, sess->sessionCtxSz);
2778
        idx += sess->sessionCtxSz;
2779
#endif
2780
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
2781
        data[idx++] = sess->peerVerifyRet;
2782
#endif
2783
#ifdef WOLFSSL_TLS13
2784
        c16toa(sess->namedGroup, data + idx);
2785
        idx += OPAQUE16_LEN;
2786
#endif
2787
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
2788
#ifdef WOLFSSL_TLS13
2789
#ifdef WOLFSSL_32BIT_MILLI_TIME
2790
        c32toa(sess->ticketSeen, data + idx);
2791
        idx += OPAQUE32_LEN;
2792
#else
2793
        c32toa((word32)(sess->ticketSeen >> 32), data + idx);
2794
        idx += OPAQUE32_LEN;
2795
        c32toa((word32)sess->ticketSeen, data + idx);
2796
        idx += OPAQUE32_LEN;
2797
#endif
2798
        c32toa(sess->ticketAdd, data + idx);
2799
        idx += OPAQUE32_LEN;
2800
        data[idx++] = sess->ticketNonce.len;
2801
        XMEMCPY(data + idx, sess->ticketNonce.data, sess->ticketNonce.len);
2802
        idx += sess->ticketNonce.len;
2803
#endif
2804
#ifdef WOLFSSL_EARLY_DATA
2805
        c32toa(sess->maxEarlyDataSz, data + idx);
2806
        idx += OPAQUE32_LEN;
2807
#endif
2808
#endif
2809
#ifdef HAVE_SESSION_TICKET
2810
        c16toa(sess->ticketLen, data + idx); idx += OPAQUE16_LEN;
2811
        XMEMCPY(data + idx, sess->ticket, sess->ticketLen);
2812
        idx += sess->ticketLen;
2813
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
2814
#ifdef HAVE_SNI
2815
        XMEMCPY(data + idx, sess->sniHash, TICKET_BINDING_HASH_SZ);
2816
        idx += TICKET_BINDING_HASH_SZ;
2817
#endif
2818
#ifdef HAVE_ALPN
2819
        XMEMCPY(data + idx, sess->alpnHash, TICKET_BINDING_HASH_SZ);
2820
        idx += TICKET_BINDING_HASH_SZ;
2821
#endif
2822
#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */
2823
#endif
2824
    }
2825
#endif
2826
2827
    (void)sess;
2828
    (void)p;
2829
#ifdef HAVE_EXT_CACHE
2830
    (void)idx;
2831
#endif
2832
2833
    return size;
2834
}
2835
2836
2837
/* TODO: no function to free new session.
2838
 *
2839
 * Note: It is expected that the importing and exporting function have been
2840
 *       built with the same settings. For example if session tickets was
2841
 *       enabled with the wolfSSL library exporting a session then it is
2842
 *       expected to be turned on with the wolfSSL library importing the
2843
 *       session.
2844
 */
2845
WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
2846
                                const unsigned char** p, long i)
2847
{
2848
    WOLFSSL_SESSION* s = NULL;
2849
    int ret = 0;
2850
#if defined(HAVE_EXT_CACHE)
2851
    int idx = 0;
2852
    byte* data;
2853
#ifdef SESSION_CERTS
2854
    int j;
2855
    word16 length;
2856
#endif
2857
#endif /* HAVE_EXT_CACHE */
2858
2859
    (void)p;
2860
    (void)i;
2861
    (void)ret;
2862
    (void)sess;
2863
2864
#ifdef HAVE_EXT_CACHE
2865
    if (p == NULL || *p == NULL)
2866
        return NULL;
2867
2868
    s = wolfSSL_SESSION_new();
2869
    if (s == NULL)
2870
        return NULL;
2871
2872
    idx = 0;
2873
    data = (byte*)*p;
2874
2875
    /* side | bornOn | timeout | sessionID len */
2876
    if (i < OPAQUE8_LEN + OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN) {
2877
        ret = BUFFER_ERROR;
2878
        goto end;
2879
    }
2880
    s->side = data[idx++];
2881
    ato32(data + idx, &s->bornOn); idx += OPAQUE32_LEN;
2882
    ato32(data + idx, &s->timeout); idx += OPAQUE32_LEN;
2883
    s->sessionIDSz = data[idx++];
2884
    if (s->sessionIDSz > ID_LEN) {
2885
        ret = BUFFER_ERROR;
2886
        goto end;
2887
    }
2888
2889
    /* sessionID | secret | haveEMS | haveAltSessionID */
2890
    if (i - idx < s->sessionIDSz + SECRET_LEN + OPAQUE8_LEN + OPAQUE8_LEN) {
2891
        ret = BUFFER_ERROR;
2892
        goto end;
2893
    }
2894
    XMEMCPY(s->sessionID, data + idx, s->sessionIDSz);
2895
    idx  += s->sessionIDSz;
2896
    XMEMCPY(s->masterSecret, data + idx, SECRET_LEN); idx += SECRET_LEN;
2897
    s->haveEMS = data[idx++];
2898
    if (data[idx] != ID_LEN && data[idx] != 0) {
2899
        ret = BUFFER_ERROR;
2900
        goto end;
2901
    }
2902
    s->haveAltSessionID = data[idx++] == ID_LEN;
2903
2904
    /* altSessionID */
2905
    if (s->haveAltSessionID) {
2906
        if (i - idx < ID_LEN) {
2907
            ret = BUFFER_ERROR;
2908
            goto end;
2909
        }
2910
        XMEMCPY(s->altSessionID, data + idx, ID_LEN); idx += ID_LEN;
2911
    }
2912
2913
#ifdef SESSION_CERTS
2914
    /* Certificate chain */
2915
    if (i - idx == 0) {
2916
        ret = BUFFER_ERROR;
2917
        goto end;
2918
    }
2919
    s->chain.count = data[idx++];
2920
    if (s->chain.count > MAX_CHAIN_DEPTH) {
2921
        ret = BUFFER_ERROR;
2922
        goto end;
2923
    }
2924
    for (j = 0; j < s->chain.count; j++) {
2925
        if (i - idx < OPAQUE16_LEN) {
2926
            ret = BUFFER_ERROR;
2927
            goto end;
2928
        }
2929
        ato16(data + idx, &length); idx += OPAQUE16_LEN;
2930
        if (length > MAX_X509_SIZE) {
2931
            ret = BUFFER_ERROR;
2932
            goto end;
2933
        }
2934
        s->chain.certs[j].length = length;
2935
        if (i - idx < length) {
2936
            ret = BUFFER_ERROR;
2937
            goto end;
2938
        }
2939
        XMEMCPY(s->chain.certs[j].buffer, data + idx, length);
2940
        idx += length;
2941
    }
2942
#endif
2943
    /* Protocol Version */
2944
    if (i - idx < OPAQUE16_LEN) {
2945
        ret = BUFFER_ERROR;
2946
        goto end;
2947
    }
2948
    s->version.major = data[idx++];
2949
    s->version.minor = data[idx++];
2950
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
2951
                        (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
2952
    /* Cipher suite */
2953
    if (i - idx < OPAQUE16_LEN) {
2954
        ret = BUFFER_ERROR;
2955
        goto end;
2956
    }
2957
    s->cipherSuite0 = data[idx++];
2958
    s->cipherSuite = data[idx++];
2959
#endif
2960
#ifndef NO_CLIENT_CACHE
2961
    /* ServerID len */
2962
    if (i - idx < OPAQUE16_LEN) {
2963
        ret = BUFFER_ERROR;
2964
        goto end;
2965
    }
2966
    ato16(data + idx, &s->idLen); idx += OPAQUE16_LEN;
2967
    if (s->idLen > SERVER_ID_LEN) {
2968
        ret = BUFFER_ERROR;
2969
        goto end;
2970
    }
2971
2972
    /* ServerID */
2973
    if (i - idx < s->idLen) {
2974
        ret = BUFFER_ERROR;
2975
        goto end;
2976
    }
2977
    XMEMCPY(s->serverID, data + idx, s->idLen); idx += s->idLen;
2978
#endif
2979
#ifdef WOLFSSL_SESSION_ID_CTX
2980
    /* byte for length of session context ID */
2981
    if (i - idx < OPAQUE8_LEN) {
2982
        ret = BUFFER_ERROR;
2983
        goto end;
2984
    }
2985
    s->sessionCtxSz = data[idx++];
2986
    if (s->sessionCtxSz > ID_LEN) {
2987
        ret = BUFFER_ERROR;
2988
        goto end;
2989
    }
2990
2991
    /* app session context ID */
2992
    if (i - idx < s->sessionCtxSz) {
2993
        ret = BUFFER_ERROR;
2994
        goto end;
2995
    }
2996
    XMEMCPY(s->sessionCtx, data + idx, s->sessionCtxSz); idx += s->sessionCtxSz;
2997
#endif
2998
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
2999
    /* byte for peerVerifyRet */
3000
    if (i - idx < OPAQUE8_LEN) {
3001
        ret = BUFFER_ERROR;
3002
        goto end;
3003
    }
3004
    s->peerVerifyRet = data[idx++];
3005
#endif
3006
#ifdef WOLFSSL_TLS13
3007
    if (i - idx < OPAQUE16_LEN) {
3008
        ret = BUFFER_ERROR;
3009
        goto end;
3010
    }
3011
    ato16(data + idx, &s->namedGroup);
3012
    idx += OPAQUE16_LEN;
3013
#endif
3014
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
3015
#ifdef WOLFSSL_TLS13
3016
3017
#ifdef WOLFSSL_32BIT_MILLI_TIME
3018
    if (i - idx < OPAQUE32_LEN) {
3019
        ret = BUFFER_ERROR;
3020
        goto end;
3021
    }
3022
    ato32(data + idx, &s->ticketSeen);
3023
    idx += OPAQUE32_LEN;
3024
#else
3025
    if (i - idx < (OPAQUE32_LEN * 2)) {
3026
        ret = BUFFER_ERROR;
3027
        goto end;
3028
    }
3029
    {
3030
        word32 seenHi, seenLo;
3031
        ato32(data + idx, &seenHi);
3032
        idx += OPAQUE32_LEN;
3033
        ato32(data + idx, &seenLo);
3034
        idx += OPAQUE32_LEN;
3035
        s->ticketSeen = ((sword64)seenHi << 32) + seenLo;
3036
    }
3037
#endif
3038
3039
    if (i - idx < OPAQUE32_LEN) {
3040
        ret = BUFFER_ERROR;
3041
        goto end;
3042
    }
3043
    ato32(data + idx, &s->ticketAdd);
3044
    idx += OPAQUE32_LEN;
3045
    if (i - idx < OPAQUE8_LEN) {
3046
        ret = BUFFER_ERROR;
3047
        goto end;
3048
    }
3049
    s->ticketNonce.len = data[idx++];
3050
3051
    if (i - idx < s->ticketNonce.len) {
3052
        ret = BUFFER_ERROR;
3053
        goto end;
3054
    }
3055
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                     \
3056
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
3057
    ret = SessionTicketNoncePopulate(s, data + idx, s->ticketNonce.len);
3058
    if (ret != 0)
3059
        goto end;
3060
#else
3061
    if (s->ticketNonce.len > MAX_TICKET_NONCE_STATIC_SZ) {
3062
        ret = BUFFER_ERROR;
3063
        goto end;
3064
    }
3065
    XMEMCPY(s->ticketNonce.data, data + idx, s->ticketNonce.len);
3066
#endif /* defined(WOLFSSL_TICKET_NONCE_MALLOC) && FIPS_VERSION_GE(5,3) */
3067
3068
    idx += s->ticketNonce.len;
3069
#endif
3070
#ifdef WOLFSSL_EARLY_DATA
3071
    if (i - idx < OPAQUE32_LEN) {
3072
        ret = BUFFER_ERROR;
3073
        goto end;
3074
    }
3075
    ato32(data + idx, &s->maxEarlyDataSz);
3076
    idx += OPAQUE32_LEN;
3077
#endif
3078
#endif
3079
#ifdef HAVE_SESSION_TICKET
3080
    /* ticket len */
3081
    if (i - idx < OPAQUE16_LEN) {
3082
        ret = BUFFER_ERROR;
3083
        goto end;
3084
    }
3085
    ato16(data + idx, &s->ticketLen); idx += OPAQUE16_LEN;
3086
3087
    /* Dispose of ol dynamic ticket and ensure space for new ticket. */
3088
    if (s->ticketLenAlloc > 0) {
3089
        XFREE(s->ticket, NULL, DYNAMIC_TYPE_SESSION_TICK);
3090
    }
3091
    if (s->ticketLen <= SESSION_TICKET_LEN)
3092
        s->ticket = s->staticTicket;
3093
    else {
3094
        s->ticket = (byte*)XMALLOC(s->ticketLen, NULL,
3095
                                   DYNAMIC_TYPE_SESSION_TICK);
3096
        if (s->ticket == NULL) {
3097
            ret = MEMORY_ERROR;
3098
            goto end;
3099
        }
3100
        s->ticketLenAlloc = (word16)s->ticketLen;
3101
    }
3102
3103
    /* ticket */
3104
    if (i - idx < s->ticketLen) {
3105
        ret = BUFFER_ERROR;
3106
        goto end;
3107
    }
3108
    XMEMCPY(s->ticket, data + idx, s->ticketLen); idx += s->ticketLen;
3109
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
3110
#ifdef HAVE_SNI
3111
    /* sniHash - SNI binding for stateful resumption (RFC 6066 section 3) */
3112
    if (i - idx < TICKET_BINDING_HASH_SZ) {
3113
        ret = BUFFER_ERROR;
3114
        goto end;
3115
    }
3116
    XMEMCPY(s->sniHash, data + idx, TICKET_BINDING_HASH_SZ);
3117
    idx += TICKET_BINDING_HASH_SZ;
3118
#endif
3119
#ifdef HAVE_ALPN
3120
    /* alpnHash - ALPN binding for stateful resumption */
3121
    if (i - idx < TICKET_BINDING_HASH_SZ) {
3122
        ret = BUFFER_ERROR;
3123
        goto end;
3124
    }
3125
    XMEMCPY(s->alpnHash, data + idx, TICKET_BINDING_HASH_SZ);
3126
    idx += TICKET_BINDING_HASH_SZ;
3127
#endif
3128
#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */
3129
#endif
3130
    (void)idx;
3131
3132
    if (sess != NULL) {
3133
        wolfSSL_FreeSession(NULL, *sess);
3134
        *sess = s;
3135
    }
3136
3137
    s->isSetup = 1;
3138
3139
    *p += idx;
3140
3141
end:
3142
    if (ret != 0 && (sess == NULL || *sess != s)) {
3143
        wolfSSL_FreeSession(NULL, s);
3144
        s = NULL;
3145
    }
3146
#endif /* HAVE_EXT_CACHE */
3147
    return s;
3148
}
3149
3150
/* Check if there is a session ticket associated with this WOLFSSL_SESSION.
3151
 *
3152
 * sess - pointer to WOLFSSL_SESSION struct
3153
 *
3154
 * Returns 1 if has session ticket, otherwise 0 */
3155
int wolfSSL_SESSION_has_ticket(const WOLFSSL_SESSION* sess)
3156
{
3157
    WOLFSSL_ENTER("wolfSSL_SESSION_has_ticket");
3158
#ifdef HAVE_SESSION_TICKET
3159
    sess = ClientSessionToSession(sess);
3160
    if (sess) {
3161
        if ((sess->ticketLen > 0) && (sess->ticket != NULL)) {
3162
            return WOLFSSL_SUCCESS;
3163
        }
3164
    }
3165
#else
3166
    (void)sess;
3167
#endif
3168
    return WOLFSSL_FAILURE;
3169
}
3170
3171
unsigned long wolfSSL_SESSION_get_ticket_lifetime_hint(
3172
                  const WOLFSSL_SESSION* sess)
3173
{
3174
    WOLFSSL_ENTER("wolfSSL_SESSION_get_ticket_lifetime_hint");
3175
    sess = ClientSessionToSession(sess);
3176
    if (sess) {
3177
        return sess->timeout;
3178
    }
3179
    return 0;
3180
}
3181
3182
long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION* sess)
3183
{
3184
    long timeout = 0;
3185
    WOLFSSL_ENTER("wolfSSL_SESSION_get_timeout");
3186
    sess = ClientSessionToSession(sess);
3187
    if (sess)
3188
        timeout = sess->timeout;
3189
    return timeout;
3190
}
3191
3192
long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t)
3193
{
3194
    word32 tmptime;
3195
3196
    ses = ClientSessionToSession(ses);
3197
    if (ses == NULL || t < 0) {
3198
        return BAD_FUNC_ARG;
3199
    }
3200
3201
    tmptime = t & 0xFFFFFFFF;
3202
    ses->timeout = tmptime;
3203
3204
    return WOLFSSL_SUCCESS;
3205
}
3206
3207
long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess)
3208
{
3209
    long bornOn = 0;
3210
    WOLFSSL_ENTER("wolfSSL_SESSION_get_time");
3211
    sess = ClientSessionToSession(sess);
3212
    if (sess)
3213
        bornOn = sess->bornOn;
3214
    return bornOn;
3215
}
3216
3217
long wolfSSL_SESSION_set_time(WOLFSSL_SESSION *ses, long t)
3218
{
3219
3220
    ses = ClientSessionToSession(ses);
3221
    if (ses == NULL || t < 0) {
3222
        return 0;
3223
    }
3224
    ses->bornOn = (word32)t;
3225
    return t;
3226
}
3227
3228
#endif /* !NO_SESSION_CACHE && (OPENSSL_EXTRA || HAVE_EXT_CACHE) */
3229
3230
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
3231
    defined(HAVE_EX_DATA)
3232
3233
#if defined(HAVE_EX_DATA) && !defined(NO_SESSION_CACHE)
3234
static void SESSION_ex_data_cache_update(WOLFSSL_SESSION* session, int idx,
3235
        void* data, byte get, void** getRet, int* setRet)
3236
{
3237
    int row;
3238
    int i;
3239
    int error = 0;
3240
    SessionRow* sessRow = NULL;
3241
    const byte* id;
3242
    byte foundCache = 0;
3243
3244
    if (getRet != NULL)
3245
        *getRet = NULL;
3246
    if (setRet != NULL)
3247
        *setRet = WOLFSSL_FAILURE;
3248
3249
    id = session->sessionID;
3250
    if (session->haveAltSessionID)
3251
        id = session->altSessionID;
3252
    else if (session->sessionIDSz != ID_LEN) {
3253
        WOLFSSL_MSG("Incorrect sessionIDSz");
3254
        return;
3255
    }
3256
3257
    row = (int)(HashObject(id, ID_LEN, &error) % SESSION_ROWS);
3258
    if (error != 0) {
3259
        WOLFSSL_MSG("Hash session failed");
3260
        return;
3261
    }
3262
3263
    sessRow = &SessionCache[row];
3264
    if (get)
3265
        error = SESSION_ROW_RD_LOCK(sessRow);
3266
    else
3267
        error = SESSION_ROW_WR_LOCK(sessRow);
3268
    if (error != 0) {
3269
        WOLFSSL_MSG("Session row lock failed");
3270
        return;
3271
    }
3272
3273
    for (i = 0; i < SESSIONS_PER_ROW && i < sessRow->totalCount; i++) {
3274
        WOLFSSL_SESSION* cacheSession;
3275
#ifdef SESSION_CACHE_DYNAMIC_MEM
3276
        cacheSession = sessRow->Sessions[i];
3277
#else
3278
        cacheSession = &sessRow->Sessions[i];
3279
#endif
3280
        if (cacheSession && cacheSession->sessionIDSz == ID_LEN &&
3281
                XMEMCMP(id, cacheSession->sessionID, ID_LEN) == 0
3282
                && session->side == cacheSession->side
3283
                && (IsAtLeastTLSv1_3(session->version) ==
3284
                    IsAtLeastTLSv1_3(cacheSession->version))
3285
            ) {
3286
            if (get) {
3287
                if (getRet) {
3288
                    *getRet = wolfSSL_CRYPTO_get_ex_data(
3289
                        &cacheSession->ex_data, idx);
3290
                }
3291
            }
3292
            else {
3293
                if (setRet) {
3294
                    *setRet = wolfSSL_CRYPTO_set_ex_data(
3295
                        &cacheSession->ex_data, idx, data);
3296
                }
3297
            }
3298
            foundCache = 1;
3299
            break;
3300
        }
3301
    }
3302
    SESSION_ROW_UNLOCK(sessRow);
3303
    /* If we don't have a session in cache then clear the ex_data and
3304
     * own it */
3305
    if (!foundCache) {
3306
        XMEMSET(&session->ex_data, 0, sizeof(WOLFSSL_CRYPTO_EX_DATA));
3307
        session->ownExData = 1;
3308
        if (!get) {
3309
            *setRet = wolfSSL_CRYPTO_set_ex_data(&session->ex_data, idx,
3310
                    data);
3311
        }
3312
    }
3313
3314
}
3315
#endif
3316
3317
#endif
3318
3319
#ifndef NO_SESSION_CACHE
3320
/* OpenSSL-compatible return: 1 if the session was found and removed from the
3321
 * internal cache, or if the external remove callback (rem_sess_cb) was
3322
 * invoked. 0 if neither applied (not present, or null arguments). */
3323
int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *s)
3324
0
{
3325
0
    int found = 0;
3326
#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
3327
    int rem_called = FALSE;
3328
#endif
3329
3330
0
    WOLFSSL_ENTER("wolfSSL_SSL_CTX_remove_session");
3331
3332
0
    s = ClientSessionToSession(s);
3333
0
    if (ctx == NULL || s == NULL)
3334
0
        return 0;
3335
3336
#ifdef HAVE_EXT_CACHE
3337
    if (!ctx->internalCacheOff)
3338
#endif
3339
0
    {
3340
0
        const byte* id;
3341
0
        WOLFSSL_SESSION *sess = NULL;
3342
0
        word32 row = 0;
3343
0
        int ret;
3344
3345
0
        id = s->sessionID;
3346
0
        if (s->haveAltSessionID)
3347
0
            id = s->altSessionID;
3348
3349
0
        ret = TlsSessionCacheGetAndWrLock(id, &sess, &row, ctx->method->side);
3350
0
        if (ret == 0 && sess != NULL) {
3351
0
            found = 1;
3352
#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
3353
            if (sess->rem_sess_cb != NULL) {
3354
                rem_called = TRUE;
3355
            }
3356
#endif
3357
            /* Call this before changing ownExData so that calls to ex_data
3358
             * don't try to access the SessionCache again. */
3359
0
            EvictSessionFromCache(sess);
3360
#ifdef HAVE_EX_DATA
3361
            if (sess->ownExData) {
3362
                /* Most recent version of ex data is in cache. Copy it
3363
                 * over so the user can free it. */
3364
                XMEMCPY(&s->ex_data, &sess->ex_data,
3365
                        sizeof(WOLFSSL_CRYPTO_EX_DATA));
3366
                s->ownExData = 1;
3367
                sess->ownExData = 0;
3368
            }
3369
#endif
3370
#ifdef SESSION_CACHE_DYNAMIC_MEM
3371
            {
3372
                /* Find and clear entry. Row is locked so we are good to go. */
3373
                int idx;
3374
                for (idx = 0; idx < SESSIONS_PER_ROW; idx++) {
3375
                    if (sess == SessionCache[row].Sessions[idx]) {
3376
                        XFREE(sess, sess->heap, DYNAMIC_TYPE_SESSION);
3377
                        SessionCache[row].Sessions[idx] = NULL;
3378
                        break;
3379
                    }
3380
                }
3381
            }
3382
#endif
3383
0
            TlsSessionCacheUnlockRow(row);
3384
0
        }
3385
0
    }
3386
3387
#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
3388
    if (ctx->rem_sess_cb != NULL && !rem_called) {
3389
        ctx->rem_sess_cb(ctx, s);
3390
        /* Assume the external cache had the session. */
3391
        found = 1;
3392
    }
3393
#endif
3394
3395
0
    return found;
3396
0
}
3397
3398
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \
3399
    || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
3400
WOLFSSL_SESSION *wolfSSL_SSL_get0_session(const WOLFSSL *ssl)
3401
{
3402
    WOLFSSL_ENTER("wolfSSL_SSL_get0_session");
3403
3404
    return ssl->session;
3405
}
3406
#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
3407
    OPENSSL_EXTRA || HAVE_LIGHTY */
3408
3409
#endif /* NO_SESSION_CACHE */
3410
3411
#ifdef WOLFSSL_SESSION_EXPORT
3412
/* Used to import a serialized TLS session.
3413
 * WARNING: buf contains sensitive information about the state and is best to be
3414
 *          encrypted before storing if stored.
3415
 *
3416
 * @param ssl WOLFSSL structure to import the session into
3417
 * @param buf serialized session
3418
 * @param sz  size of buffer 'buf'
3419
 * @return the number of bytes read from buffer 'buf'
3420
 */
3421
int wolfSSL_tls_import(WOLFSSL* ssl, const unsigned char* buf, unsigned int sz)
3422
{
3423
    if (ssl == NULL || buf == NULL) {
3424
        return BAD_FUNC_ARG;
3425
    }
3426
    return wolfSSL_session_import_internal(ssl, buf, sz, WOLFSSL_EXPORT_TLS);
3427
}
3428
3429
3430
/* Used to export a serialized TLS session.
3431
 * WARNING: buf contains sensitive information about the state and is best to be
3432
 *          encrypted before storing if stored.
3433
 *
3434
 * @param ssl WOLFSSL structure to export the session from
3435
 * @param buf output of serialized session
3436
 * @param sz  size in bytes set in 'buf'
3437
 * @return the number of bytes written into buffer 'buf'
3438
 */
3439
int wolfSSL_tls_export(WOLFSSL* ssl, unsigned char* buf, unsigned int* sz)
3440
{
3441
    if (ssl == NULL || sz == NULL) {
3442
        return BAD_FUNC_ARG;
3443
    }
3444
    return wolfSSL_session_export_internal(ssl, buf, sz, WOLFSSL_EXPORT_TLS);
3445
}
3446
3447
#ifdef WOLFSSL_DTLS
3448
int wolfSSL_dtls_import(WOLFSSL* ssl, const unsigned char* buf, unsigned int sz)
3449
{
3450
    WOLFSSL_ENTER("wolfSSL_session_import");
3451
3452
    if (ssl == NULL || buf == NULL) {
3453
        return BAD_FUNC_ARG;
3454
    }
3455
3456
    /* sanity checks on buffer and protocol are done in internal function */
3457
    return wolfSSL_session_import_internal(ssl, buf, sz, WOLFSSL_EXPORT_DTLS);
3458
}
3459
3460
3461
/* Sets the function to call for serializing the session. This function is
3462
 * called right after the handshake is completed. */
3463
int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx, wc_dtls_export func)
3464
{
3465
3466
    WOLFSSL_ENTER("wolfSSL_CTX_dtls_set_export");
3467
3468
    /* purposefully allow func to be NULL */
3469
    if (ctx == NULL) {
3470
        return BAD_FUNC_ARG;
3471
    }
3472
3473
    ctx->dtls_export = func;
3474
3475
    return WOLFSSL_SUCCESS;
3476
}
3477
3478
/* Sets the function in WOLFSSL struct to call for serializing the session. This
3479
 * function is called right after the handshake is completed. */
3480
int wolfSSL_dtls_set_export(WOLFSSL* ssl, wc_dtls_export func)
3481
{
3482
3483
    WOLFSSL_ENTER("wolfSSL_dtls_set_export");
3484
3485
    /* purposefully allow func to be NULL */
3486
    if (ssl == NULL) {
3487
        return BAD_FUNC_ARG;
3488
    }
3489
3490
    ssl->dtls_export = func;
3491
3492
    return WOLFSSL_SUCCESS;
3493
}
3494
3495
3496
/* This function allows for directly serializing a session rather than using
3497
 * callbacks. It has less overhead by removing a temporary buffer and gives
3498
 * control over when the session gets serialized. When using callbacks the
3499
 * session is always serialized immediately after the handshake is finished.
3500
 *
3501
 * buf is the argument to contain the serialized session
3502
 * sz  is the size of the buffer passed in
3503
 * ssl is the WOLFSSL struct to serialize
3504
 * returns the size of serialized session on success, 0 on no action, and
3505
 *         negative value on error */
3506
int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf, unsigned int* sz)
3507
{
3508
    WOLFSSL_ENTER("wolfSSL_dtls_export");
3509
3510
    if (ssl == NULL || sz == NULL) {
3511
        return BAD_FUNC_ARG;
3512
    }
3513
3514
    if (buf == NULL) {
3515
        *sz = MAX_EXPORT_BUFFER;
3516
        return 0;
3517
    }
3518
3519
    /* if not DTLS do nothing */
3520
    if (!ssl->options.dtls) {
3521
        WOLFSSL_MSG("Currently only DTLS export is supported");
3522
        return 0;
3523
    }
3524
3525
    /* copy over keys, options, and dtls state struct */
3526
    return wolfSSL_session_export_internal(ssl, buf, sz, WOLFSSL_EXPORT_DTLS);
3527
}
3528
3529
3530
/* This function is similar to wolfSSL_dtls_export but only exports the portion
3531
 * of the WOLFSSL structure related to the state of the connection, i.e. peer
3532
 * sequence number, epoch, AEAD state etc.
3533
 *
3534
 * buf is the argument to contain the serialized state, if null then set "sz" to
3535
 *     buffer size required
3536
 * sz  is the size of the buffer passed in
3537
 * ssl is the WOLFSSL struct to serialize
3538
 * returns the size of serialized session on success, 0 on no action, and
3539
 *         negative value on error */
3540
int wolfSSL_dtls_export_state_only(WOLFSSL* ssl, unsigned char* buf,
3541
        unsigned int* sz)
3542
{
3543
    WOLFSSL_ENTER("wolfSSL_dtls_export_state_only");
3544
3545
    if (ssl == NULL || sz == NULL) {
3546
        return BAD_FUNC_ARG;
3547
    }
3548
3549
    if (buf == NULL) {
3550
        *sz = MAX_EXPORT_STATE_BUFFER;
3551
        return 0;
3552
    }
3553
3554
    /* if not DTLS do nothing */
3555
    if (!ssl->options.dtls) {
3556
        WOLFSSL_MSG("Currently only DTLS export state is supported");
3557
        return 0;
3558
    }
3559
3560
    /* copy over keys, options, and dtls state struct */
3561
    return wolfSSL_dtls_export_state_internal(ssl, buf, *sz);
3562
}
3563
3564
3565
/* returns 0 on success */
3566
int wolfSSL_send_session(WOLFSSL* ssl)
3567
{
3568
    int ret;
3569
    byte* buf;
3570
    word32 bufSz = MAX_EXPORT_BUFFER;
3571
3572
    WOLFSSL_ENTER("wolfSSL_send_session");
3573
3574
    if (ssl == NULL) {
3575
        return BAD_FUNC_ARG;
3576
    }
3577
3578
    buf = (byte*)XMALLOC(bufSz, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
3579
    if (buf == NULL) {
3580
        return MEMORY_E;
3581
    }
3582
3583
    /* if not DTLS do nothing */
3584
    if (!ssl->options.dtls) {
3585
        XFREE(buf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
3586
        WOLFSSL_MSG("Currently only DTLS export is supported");
3587
        return 0;
3588
    }
3589
3590
    /* copy over keys, options, and dtls state struct */
3591
    ret = wolfSSL_session_export_internal(ssl, buf, &bufSz,
3592
        WOLFSSL_EXPORT_DTLS);
3593
    if (ret < 0) {
3594
        XFREE(buf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
3595
        return ret;
3596
    }
3597
3598
    /* if no error ret has size of buffer */
3599
    ret = ssl->dtls_export(ssl, buf, ret, NULL);
3600
    if (ret != WOLFSSL_SUCCESS) {
3601
        XFREE(buf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
3602
        return ret;
3603
    }
3604
3605
    XFREE(buf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
3606
    return 0;
3607
}
3608
#endif /* WOLFSSL_DTLS */
3609
#endif /* WOLFSSL_SESSION_EXPORT */
3610
3611
#ifdef OPENSSL_EXTRA
3612
3613
/* Copies the master secret over to out buffer. If outSz is 0 returns the size
3614
 * of master secret.
3615
 *
3616
 * ses : a session from completed TLS/SSL handshake
3617
 * out : buffer to hold copy of master secret
3618
 * outSz : size of out buffer
3619
 * returns : number of bytes copied into out buffer on success
3620
 *           less then or equal to 0 is considered a failure case
3621
 */
3622
int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
3623
        unsigned char* out, int outSz)
3624
{
3625
    int size;
3626
3627
    ses = ClientSessionToSession(ses);
3628
3629
    if (outSz == 0) {
3630
        return SECRET_LEN;
3631
    }
3632
3633
    if (ses == NULL || out == NULL || outSz < 0) {
3634
        return 0;
3635
    }
3636
3637
    if (outSz > SECRET_LEN) {
3638
        size = SECRET_LEN;
3639
    }
3640
    else {
3641
        size = outSz;
3642
    }
3643
3644
    XMEMCPY(out, ses->masterSecret, (size_t)size);
3645
    return size;
3646
}
3647
3648
3649
int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses)
3650
{
3651
    (void)ses;
3652
    return SECRET_LEN;
3653
}
3654
3655
#ifdef WOLFSSL_EARLY_DATA
3656
unsigned int wolfSSL_SESSION_get_max_early_data(const WOLFSSL_SESSION *session)
3657
{
3658
    if (session == NULL) {
3659
        return BAD_FUNC_ARG;
3660
    }
3661
3662
    return session->maxEarlyDataSz;
3663
}
3664
#endif /* WOLFSSL_EARLY_DATA */
3665
3666
#endif /* OPENSSL_EXTRA */
3667
3668
void SetupSession(WOLFSSL* ssl)
3669
0
{
3670
0
    WOLFSSL_SESSION* session = ssl->session;
3671
3672
0
    WOLFSSL_ENTER("SetupSession");
3673
3674
0
    if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL) {
3675
        /* Make sure the session ID is available when the user calls any
3676
         * get_session API */
3677
0
        if (!session->haveAltSessionID) {
3678
0
            XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN);
3679
0
            session->sessionIDSz = ssl->arrays->sessionIDSz;
3680
0
        }
3681
0
        else {
3682
0
            XMEMCPY(session->sessionID, session->altSessionID, ID_LEN);
3683
0
            session->sessionIDSz = ID_LEN;
3684
0
        }
3685
0
    }
3686
0
    session->side = (byte)ssl->options.side;
3687
0
    if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL)
3688
0
        XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN);
3689
    /* RFC8446 Appendix D.
3690
     *   implementations which support both TLS 1.3 and earlier versions SHOULD
3691
     *   indicate the use of the Extended Master Secret extension in their APIs
3692
     *   whenever TLS 1.3 is used.
3693
     * Set haveEMS so that we send the extension in subsequent connections that
3694
     * offer downgrades. */
3695
0
    if (IsAtLeastTLSv1_3(ssl->version))
3696
0
        session->haveEMS = 1;
3697
0
    else
3698
0
        session->haveEMS = ssl->options.haveEMS;
3699
#ifdef WOLFSSL_SESSION_ID_CTX
3700
    /* If using compatibility layer then check for and copy over session context
3701
     * id. */
3702
    if (ssl->sessionCtxSz > 0 && ssl->sessionCtxSz < ID_LEN) {
3703
        XMEMCPY(ssl->session->sessionCtx, ssl->sessionCtx, ssl->sessionCtxSz);
3704
        session->sessionCtxSz = ssl->sessionCtxSz;
3705
    }
3706
#endif
3707
#if defined(HAVE_SESSION_TICKET) && \
3708
    !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
3709
    /* Bind the current SNI/ALPN to the session to verify on later resumption */
3710
#ifdef HAVE_SNI
3711
    (void)TicketSniHash(ssl, session->sniHash);
3712
#endif
3713
#ifdef HAVE_ALPN
3714
    (void)TicketAlpnHash(ssl, session->alpnHash);
3715
#endif
3716
#endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER && !NO_TLS */
3717
0
    session->timeout = ssl->timeout;
3718
0
#ifndef NO_ASN_TIME
3719
0
    session->bornOn  = LowResTimer();
3720
0
#endif
3721
0
    session->version = ssl->version;
3722
0
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
3723
0
                        (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
3724
0
    session->cipherSuite0 = ssl->options.cipherSuite0;
3725
0
    session->cipherSuite = ssl->options.cipherSuite;
3726
0
#endif
3727
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
3728
    session->peerVerifyRet = (byte)ssl->peerVerifyRet;
3729
#endif
3730
0
    session->isSetup = 1;
3731
0
}
3732
3733
#ifdef WOLFSSL_SESSION_ID_CTX
3734
    /* Storing app session context id, this value is inherited by WOLFSSL
3735
     * objects created from WOLFSSL_CTX. Any session that is imported with a
3736
     * different session context id will be rejected.
3737
     *
3738
     * ctx         structure to set context in
3739
     * sid_ctx     value of context to set
3740
     * sid_ctx_len length of sid_ctx buffer
3741
     *
3742
     * Returns WOLFSSL_SUCCESS in success case and WOLFSSL_FAILURE when failing
3743
     */
3744
    int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX* ctx,
3745
                                           const unsigned char* sid_ctx,
3746
                                           unsigned int sid_ctx_len)
3747
    {
3748
        WOLFSSL_ENTER("wolfSSL_CTX_set_session_id_context");
3749
3750
        /* No application specific context needed for wolfSSL */
3751
        if (sid_ctx_len > ID_LEN || ctx == NULL || sid_ctx == NULL) {
3752
            return WOLFSSL_FAILURE;
3753
        }
3754
        XMEMCPY(ctx->sessionCtx, sid_ctx, sid_ctx_len);
3755
        ctx->sessionCtxSz = (byte)sid_ctx_len;
3756
3757
        return WOLFSSL_SUCCESS;
3758
    }
3759
3760
3761
3762
    /* Storing app session context id. Any session that is imported with a
3763
     * different session context id will be rejected.
3764
     *
3765
     * ssl  structure to set context in
3766
     * id   value of context to set
3767
     * len  length of sid_ctx buffer
3768
     *
3769
     * Returns WOLFSSL_SUCCESS in success case and WOLFSSL_FAILURE when failing
3770
     */
3771
    int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id,
3772
                                   unsigned int len)
3773
    {
3774
        WOLFSSL_ENTER("wolfSSL_set_session_id_context");
3775
3776
        if (len > ID_LEN || ssl == NULL || id == NULL) {
3777
            return WOLFSSL_FAILURE;
3778
        }
3779
        XMEMCPY(ssl->sessionCtx, id, len);
3780
        ssl->sessionCtxSz = (byte)len;
3781
3782
        return WOLFSSL_SUCCESS;
3783
    }
3784
#endif
3785
3786
/* return a new malloc'd session with default settings on success */
3787
WOLFSSL_SESSION* wolfSSL_NewSession(void* heap)
3788
0
{
3789
0
    WOLFSSL_SESSION* ret = NULL;
3790
3791
0
    WOLFSSL_ENTER("wolfSSL_NewSession");
3792
3793
0
    ret = (WOLFSSL_SESSION*)XMALLOC(sizeof(WOLFSSL_SESSION), heap,
3794
0
            DYNAMIC_TYPE_SESSION);
3795
0
    if (ret != NULL) {
3796
0
        int err;
3797
0
        XMEMSET(ret, 0, sizeof(WOLFSSL_SESSION));
3798
0
        wolfSSL_RefInit(&ret->ref, &err);
3799
    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
3800
        if (err != 0) {
3801
            WOLFSSL_MSG("Error setting up session reference mutex");
3802
            XFREE(ret, ret->heap, DYNAMIC_TYPE_SESSION);
3803
            return NULL;
3804
        }
3805
    #else
3806
0
        (void)err;
3807
0
    #endif
3808
0
#ifndef NO_SESSION_CACHE
3809
0
        ret->cacheRow = INVALID_SESSION_ROW; /* not in cache */
3810
0
#endif
3811
0
        ret->type = WOLFSSL_SESSION_TYPE_HEAP;
3812
0
        ret->heap = heap;
3813
#ifdef WOLFSSL_CHECK_MEM_ZERO
3814
        wc_MemZero_Add("SESSION master secret", ret->masterSecret, SECRET_LEN);
3815
        wc_MemZero_Add("SESSION id", ret->sessionID, ID_LEN);
3816
#endif
3817
    #ifdef HAVE_SESSION_TICKET
3818
        ret->ticket = ret->staticTicket;
3819
        #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&  \
3820
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
3821
        ret->ticketNonce.data = ret->ticketNonce.dataStatic;
3822
        #endif
3823
    #endif
3824
#ifdef HAVE_EX_DATA
3825
        ret->ownExData = 1;
3826
        #ifdef HAVE_EX_DATA_CRYPTO
3827
        if (crypto_ex_cb_ctx_session != NULL) {
3828
            crypto_ex_cb_setup_new_data(ret, crypto_ex_cb_ctx_session,
3829
                    &ret->ex_data);
3830
        }
3831
        #endif
3832
#endif
3833
0
    }
3834
0
    return ret;
3835
0
}
3836
3837
3838
WOLFSSL_SESSION* wolfSSL_SESSION_new_ex(void* heap)
3839
0
{
3840
0
    return wolfSSL_NewSession(heap);
3841
0
}
3842
3843
WOLFSSL_SESSION* wolfSSL_SESSION_new(void)
3844
0
{
3845
0
    return wolfSSL_SESSION_new_ex(NULL);
3846
0
}
3847
3848
/* add one to session reference count
3849
 * return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error */
3850
int wolfSSL_SESSION_up_ref(WOLFSSL_SESSION* session)
3851
0
{
3852
0
    int ret;
3853
3854
0
    session = ClientSessionToSession(session);
3855
3856
0
    if (session == NULL || session->type != WOLFSSL_SESSION_TYPE_HEAP)
3857
0
        return WOLFSSL_FAILURE;
3858
3859
0
    wolfSSL_RefInc(&session->ref, &ret);
3860
#ifdef WOLFSSL_REFCNT_ERROR_RETURN
3861
    if (ret != 0) {
3862
        WOLFSSL_MSG("Failed to lock session mutex");
3863
        return WOLFSSL_FAILURE;
3864
    }
3865
#else
3866
0
    (void)ret;
3867
0
#endif
3868
3869
0
    return WOLFSSL_SUCCESS;
3870
0
}
3871
3872
/**
3873
 * Deep copy the contents from input to output.
3874
 * @param input         The source of the copy.
3875
 * @param output        The destination of the copy.
3876
 * @param avoidSysCalls If true, then system calls will be avoided or an error
3877
 *                      will be returned if it is not possible to proceed
3878
 *                      without a system call. This is useful for fetching
3879
 *                      sessions from cache. When a cache row is locked, we
3880
 *                      don't want to block other threads with long running
3881
 *                      system calls.
3882
 * @param ticketNonceBuf If not null and @avoidSysCalls is true, the copy of the
3883
 *                      ticketNonce will happen in this pre allocated buffer
3884
 * @param ticketNonceLen @ticketNonceBuf len as input, used length on output
3885
 * @param ticketNonceUsed if @ticketNonceBuf was used to copy the ticket nonce
3886
 * @return              WOLFSSL_SUCCESS on success
3887
 *                      WOLFSSL_FAILURE on failure
3888
 */
3889
static int wolfSSL_DupSessionEx(const WOLFSSL_SESSION* input,
3890
    WOLFSSL_SESSION* output, int avoidSysCalls, byte* ticketNonceBuf,
3891
    byte* ticketNonceLen, byte* preallocUsed)
3892
0
{
3893
#ifdef HAVE_SESSION_TICKET
3894
    word16 ticLenAlloc = 0;
3895
    byte *ticBuff = NULL;
3896
#endif
3897
0
    const size_t copyOffset = WC_OFFSETOF(WOLFSSL_SESSION, heap) +
3898
0
        sizeof(input->heap);
3899
0
    int ret = WOLFSSL_SUCCESS;
3900
3901
0
    (void)avoidSysCalls;
3902
0
    (void)ticketNonceBuf;
3903
0
    (void)ticketNonceLen;
3904
0
    (void)preallocUsed;
3905
3906
0
    input = ClientSessionToSession(input);
3907
0
    output = ClientSessionToSession(output);
3908
3909
0
    if (input == NULL || output == NULL || input == output) {
3910
0
        WOLFSSL_MSG("input or output are null or same");
3911
0
        return WOLFSSL_FAILURE;
3912
0
    }
3913
3914
#ifdef HAVE_SESSION_TICKET
3915
    if (output->ticket != output->staticTicket) {
3916
        ticBuff = output->ticket;
3917
        ticLenAlloc = output->ticketLenAlloc;
3918
    }
3919
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
3920
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
3921
        /* free the data, it would be better to reuse the buffer but this
3922
         * maintain the code simpler. A smart allocator should reuse the free'd
3923
         * buffer in the next malloc without much performance penalties. */
3924
    if (output->ticketNonce.data != output->ticketNonce.dataStatic) {
3925
3926
        /*  Callers that avoid syscall should never calls this with
3927
         * output->tickeNonce.data being a dynamic buffer.*/
3928
        if (avoidSysCalls) {
3929
            WOLFSSL_MSG("can't avoid syscalls with dynamic TicketNonce buffer");
3930
            return WOLFSSL_FAILURE;
3931
        }
3932
3933
        XFREE(output->ticketNonce.data,
3934
            output->heap, DYNAMIC_TYPE_SESSION_TICK);
3935
        output->ticketNonce.data = output->ticketNonce.dataStatic;
3936
        output->ticketNonce.len = 0;
3937
    }
3938
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
3939
#endif /* HAVE_SESSION_TICKET */
3940
3941
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
3942
    if (output->peer != NULL) {
3943
        if (avoidSysCalls) {
3944
            WOLFSSL_MSG("Can't free cert when avoiding syscalls");
3945
            return WOLFSSL_FAILURE;
3946
        }
3947
        wolfSSL_X509_free(output->peer);
3948
        output->peer = NULL;
3949
    }
3950
#endif
3951
3952
0
    XMEMCPY((byte*)output + copyOffset, (byte*)input + copyOffset,
3953
0
            sizeof(WOLFSSL_SESSION) - copyOffset);
3954
3955
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) &&                  \
3956
    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                    \
3957
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
3958
    /* fix pointer to static after the copy  */
3959
    output->ticketNonce.data = output->ticketNonce.dataStatic;
3960
#endif
3961
    /* Set sane values for copy */
3962
0
#ifndef NO_SESSION_CACHE
3963
0
    if (output->type != WOLFSSL_SESSION_TYPE_CACHE)
3964
0
        output->cacheRow = INVALID_SESSION_ROW;
3965
0
#endif
3966
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
3967
    if (input->peer != NULL && input->peer->dynamicMemory) {
3968
        if (wolfSSL_X509_up_ref(input->peer) != WOLFSSL_SUCCESS) {
3969
            WOLFSSL_MSG("Can't increase peer cert ref count");
3970
            output->peer = NULL;
3971
        }
3972
    }
3973
    else if (!avoidSysCalls)
3974
        output->peer = wolfSSL_X509_dup(input->peer);
3975
    else
3976
        /* output->peer is not that important to copy */
3977
        output->peer = NULL;
3978
#endif
3979
#ifdef HAVE_SESSION_TICKET
3980
    if (input->ticketLen > SESSION_TICKET_LEN) {
3981
        /* Need dynamic buffer */
3982
        if (ticBuff == NULL || ticLenAlloc < input->ticketLen) {
3983
            /* allocate new one */
3984
            byte* tmp;
3985
            if (avoidSysCalls) {
3986
                WOLFSSL_MSG("Failed to allocate memory for ticket when avoiding"
3987
                        " syscalls");
3988
                output->ticket = ticBuff;
3989
                output->ticketLenAlloc = (word16) ticLenAlloc;
3990
                output->ticketLen = 0;
3991
                ret = WOLFSSL_FAILURE;
3992
            }
3993
            else {
3994
#ifdef WOLFSSL_NO_REALLOC
3995
                tmp = (byte*)XMALLOC(input->ticketLen,
3996
                        output->heap, DYNAMIC_TYPE_SESSION_TICK);
3997
                XFREE(ticBuff, output->heap, DYNAMIC_TYPE_SESSION_TICK);
3998
                ticBuff = NULL;
3999
#else
4000
                tmp = (byte*)XREALLOC(ticBuff, input->ticketLen,
4001
                        output->heap, DYNAMIC_TYPE_SESSION_TICK);
4002
#endif /* WOLFSSL_NO_REALLOC */
4003
                if (tmp == NULL) {
4004
                    WOLFSSL_MSG("Failed to allocate memory for ticket");
4005
#ifndef WOLFSSL_NO_REALLOC
4006
                    XFREE(ticBuff, output->heap, DYNAMIC_TYPE_SESSION_TICK);
4007
                    ticBuff = NULL;
4008
#endif /* WOLFSSL_NO_REALLOC */
4009
                    output->ticket = NULL;
4010
                    output->ticketLen = 0;
4011
                    output->ticketLenAlloc = 0;
4012
                    ret = WOLFSSL_FAILURE;
4013
                }
4014
                else {
4015
                    ticBuff = tmp;
4016
                    ticLenAlloc = input->ticketLen;
4017
                }
4018
            }
4019
        }
4020
        if (ticBuff != NULL && ret == WOLFSSL_SUCCESS) {
4021
            XMEMCPY(ticBuff, input->ticket, input->ticketLen);
4022
            output->ticket = ticBuff;
4023
            output->ticketLenAlloc = (word16) ticLenAlloc;
4024
        }
4025
    }
4026
    else {
4027
        /* Default ticket to non dynamic */
4028
        if (avoidSysCalls) {
4029
            /* Try to use ticBuf if available. Caller can later move it to
4030
             * the static buffer. */
4031
            if (ticBuff != NULL) {
4032
                if (ticLenAlloc >= input->ticketLen) {
4033
                    output->ticket = ticBuff;
4034
                    output->ticketLenAlloc = ticLenAlloc;
4035
                }
4036
                else {
4037
                    WOLFSSL_MSG("ticket dynamic buffer too small but we are "
4038
                                "avoiding system calls");
4039
                    ret = WOLFSSL_FAILURE;
4040
                    output->ticket = ticBuff;
4041
                    output->ticketLenAlloc = (word16) ticLenAlloc;
4042
                    output->ticketLen = 0;
4043
                }
4044
            }
4045
            else {
4046
                output->ticket = output->staticTicket;
4047
                output->ticketLenAlloc = 0;
4048
            }
4049
        }
4050
        else {
4051
            XFREE(ticBuff, output->heap, DYNAMIC_TYPE_SESSION_TICK);
4052
            output->ticket = output->staticTicket;
4053
            output->ticketLenAlloc = 0;
4054
        }
4055
        if (input->ticketLenAlloc > 0 && ret == WOLFSSL_SUCCESS) {
4056
            /* Shouldn't happen as session should have placed this in
4057
             * the static buffer */
4058
            XMEMCPY(output->ticket, input->ticket,
4059
                    input->ticketLen);
4060
        }
4061
    }
4062
    ticBuff = NULL;
4063
4064
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
4065
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
4066
    if (preallocUsed != NULL)
4067
        *preallocUsed = 0;
4068
4069
    if (input->ticketNonce.len > MAX_TICKET_NONCE_STATIC_SZ &&
4070
        ret == WOLFSSL_SUCCESS) {
4071
        /* TicketNonce does not fit in the static buffer */
4072
        if (!avoidSysCalls) {
4073
            output->ticketNonce.data = (byte*)XMALLOC(input->ticketNonce.len,
4074
                output->heap, DYNAMIC_TYPE_SESSION_TICK);
4075
4076
            if (output->ticketNonce.data == NULL) {
4077
                WOLFSSL_MSG("Failed to allocate space for ticket nonce");
4078
                output->ticketNonce.data = output->ticketNonce.dataStatic;
4079
                output->ticketNonce.len = 0;
4080
                ret = WOLFSSL_FAILURE;
4081
            }
4082
            else {
4083
                output->ticketNonce.len = input->ticketNonce.len;
4084
                XMEMCPY(output->ticketNonce.data, input->ticketNonce.data,
4085
                    input->ticketNonce.len);
4086
                ret = WOLFSSL_SUCCESS;
4087
            }
4088
        }
4089
        /* we can't do syscalls. Use prealloc buffers if provided from the
4090
         * caller. */
4091
        else if (ticketNonceBuf != NULL &&
4092
                 *ticketNonceLen >= input->ticketNonce.len) {
4093
            XMEMCPY(ticketNonceBuf, input->ticketNonce.data,
4094
                input->ticketNonce.len);
4095
            *ticketNonceLen = input->ticketNonce.len;
4096
            if (preallocUsed != NULL)
4097
                *preallocUsed = 1;
4098
            ret = WOLFSSL_SUCCESS;
4099
        }
4100
        else {
4101
            WOLFSSL_MSG("TicketNonce bigger than static buffer, and we can't "
4102
                        "do syscalls");
4103
            ret = WOLFSSL_FAILURE;
4104
        }
4105
    }
4106
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
4107
4108
#endif /* HAVE_SESSION_TICKET */
4109
4110
#ifdef HAVE_EX_DATA_CRYPTO
4111
    if (input->type != WOLFSSL_SESSION_TYPE_CACHE &&
4112
            output->type != WOLFSSL_SESSION_TYPE_CACHE) {
4113
        /* Not called with cache as that passes ownership of ex_data */
4114
        ret = crypto_ex_cb_dup_data(&input->ex_data, &output->ex_data,
4115
                                    crypto_ex_cb_ctx_session);
4116
    }
4117
#endif
4118
4119
0
    return ret;
4120
0
}
4121
4122
/**
4123
 * Deep copy the contents from input to output.
4124
 * @param input         The source of the copy.
4125
 * @param output        The destination of the copy.
4126
 * @param avoidSysCalls If true, then system calls will be avoided or an error
4127
 *                      will be returned if it is not possible to proceed
4128
 *                      without a system call. This is useful for fetching
4129
 *                      sessions from cache. When a cache row is locked, we
4130
 *                      don't want to block other threads with long running
4131
 *                      system calls.
4132
 * @return              WOLFSSL_SUCCESS on success
4133
 *                      WOLFSSL_FAILURE on failure
4134
 */
4135
int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
4136
        int avoidSysCalls)
4137
0
{
4138
0
    return wolfSSL_DupSessionEx(input, output, avoidSysCalls, NULL, NULL, NULL);
4139
0
}
4140
4141
WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
4142
0
{
4143
0
    WOLFSSL_SESSION* copy;
4144
4145
0
    WOLFSSL_ENTER("wolfSSL_SESSION_dup");
4146
4147
0
    session = ClientSessionToSession(session);
4148
0
    if (session == NULL)
4149
0
        return NULL;
4150
4151
#ifdef HAVE_SESSION_TICKET
4152
    if (session->ticketLenAlloc > 0 && !session->ticket) {
4153
        WOLFSSL_MSG("Session dynamic flag is set but ticket pointer is null");
4154
        return NULL;
4155
    }
4156
#endif
4157
4158
0
    copy = wolfSSL_NewSession(session->heap);
4159
0
    if (copy != NULL &&
4160
0
            wolfSSL_DupSession(session, copy, 0) != WOLFSSL_SUCCESS) {
4161
0
        wolfSSL_FreeSession(NULL, copy);
4162
0
        copy = NULL;
4163
0
    }
4164
0
    return copy;
4165
0
}
4166
4167
void wolfSSL_FreeSession(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session)
4168
0
{
4169
0
    session = ClientSessionToSession(session);
4170
0
    if (session == NULL)
4171
0
        return;
4172
4173
0
    (void)ctx;
4174
4175
0
    WOLFSSL_ENTER("wolfSSL_FreeSession");
4176
4177
0
    if (session->ref.count > 0) {
4178
0
        int ret;
4179
0
        int isZero;
4180
0
        wolfSSL_RefDec(&session->ref, &isZero, &ret);
4181
0
        (void)ret;
4182
0
        if (!isZero) {
4183
0
            return;
4184
0
        }
4185
0
        wolfSSL_RefFree(&session->ref);
4186
0
    }
4187
4188
0
    WOLFSSL_MSG("wolfSSL_FreeSession full free");
4189
4190
#ifdef HAVE_EX_DATA_CRYPTO
4191
    if (session->ownExData) {
4192
        crypto_ex_cb_free_data(session, crypto_ex_cb_ctx_session,
4193
                &session->ex_data);
4194
    }
4195
#endif
4196
4197
#ifdef HAVE_EX_DATA_CLEANUP_HOOKS
4198
    wolfSSL_CRYPTO_cleanup_ex_data(&session->ex_data);
4199
#endif
4200
4201
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
4202
    if (session->peer) {
4203
        wolfSSL_X509_free(session->peer);
4204
        session->peer = NULL;
4205
    }
4206
#endif
4207
4208
#ifdef HAVE_SESSION_TICKET
4209
    if (session->ticketLenAlloc > 0) {
4210
        XFREE(session->ticket, session->heap, DYNAMIC_TYPE_SESSION_TICK);
4211
        session->ticket = session->staticTicket;
4212
        session->ticketLen = 0;
4213
        session->ticketLenAlloc = 0;
4214
    }
4215
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
4216
    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
4217
    if (session->ticketNonce.data != session->ticketNonce.dataStatic) {
4218
        XFREE(session->ticketNonce.data, session->heap,
4219
            DYNAMIC_TYPE_SESSION_TICK);
4220
        session->ticketNonce.data = session->ticketNonce.dataStatic;
4221
        session->ticketNonce.len = 0;
4222
    }
4223
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
4224
#endif
4225
4226
#ifdef HAVE_EX_DATA_CLEANUP_HOOKS
4227
    wolfSSL_CRYPTO_cleanup_ex_data(&session->ex_data);
4228
#endif
4229
4230
    /* Make sure masterSecret is zeroed. */
4231
0
    ForceZero(session->masterSecret, SECRET_LEN);
4232
    /* Session ID is sensitive information too. */
4233
0
    ForceZero(session->sessionID, ID_LEN);
4234
4235
0
    if (session->type == WOLFSSL_SESSION_TYPE_HEAP) {
4236
        /* // NOLINTNEXTLINE(clang-analyzer-unix.Malloc) */
4237
0
        XFREE(session, session->heap, DYNAMIC_TYPE_SESSION);
4238
0
    }
4239
0
}
4240
4241
/* DO NOT use this API internally. Use wolfSSL_FreeSession directly instead
4242
 * and pass in the ctx parameter if possible (like from ssl->ctx). */
4243
void wolfSSL_SESSION_free(WOLFSSL_SESSION* session)
4244
0
{
4245
0
    session = ClientSessionToSession(session);
4246
0
    wolfSSL_FreeSession(NULL, session);
4247
0
}
4248
4249
#if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE)
4250
4251
/**
4252
* set cipher to WOLFSSL_SESSION from WOLFSSL_CIPHER
4253
* @param session  a pointer to WOLFSSL_SESSION structure
4254
* @param cipher   a function pointer to WOLFSSL_CIPHER
4255
* @return WOLFSSL_SUCCESS on success, otherwise WOLFSSL_FAILURE
4256
*/
4257
int wolfSSL_SESSION_set_cipher(WOLFSSL_SESSION* session,
4258
                                            const WOLFSSL_CIPHER* cipher)
4259
{
4260
    WOLFSSL_ENTER("wolfSSL_SESSION_set_cipher");
4261
4262
    session = ClientSessionToSession(session);
4263
    /* sanity check */
4264
    if (session == NULL || cipher == NULL) {
4265
        WOLFSSL_MSG("bad argument");
4266
        return WOLFSSL_FAILURE;
4267
    }
4268
    session->cipherSuite0 = cipher->cipherSuite0;
4269
    session->cipherSuite  = cipher->cipherSuite;
4270
4271
    WOLFSSL_LEAVE("wolfSSL_SESSION_set_cipher", WOLFSSL_SUCCESS);
4272
    return WOLFSSL_SUCCESS;
4273
}
4274
#endif /* OPENSSL_EXTRA || HAVE_EXT_CACHE */
4275
4276
const char* wolfSSL_SESSION_CIPHER_get_name(const WOLFSSL_SESSION* session)
4277
0
{
4278
0
    session = ClientSessionToSession(session);
4279
0
    if (session == NULL) {
4280
0
        return NULL;
4281
0
    }
4282
4283
0
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
4284
0
                        (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
4285
0
    #if !defined(WOLFSSL_CIPHER_INTERNALNAME) && !defined(NO_ERROR_STRINGS)
4286
0
        return GetCipherNameIana(session->cipherSuite0, session->cipherSuite);
4287
    #else
4288
        return GetCipherNameInternal(session->cipherSuite0,
4289
            session->cipherSuite);
4290
    #endif
4291
#else
4292
    return NULL;
4293
#endif
4294
0
}
4295
4296
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX)
4297
const unsigned char *wolfSSL_SESSION_get0_id_context(
4298
                      const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length)
4299
{
4300
    return wolfSSL_SESSION_get_id((WOLFSSL_SESSION *)sess, sid_ctx_length);
4301
}
4302
int wolfSSL_SESSION_set1_id(WOLFSSL_SESSION *s,
4303
                                 const unsigned char *sid, unsigned int sid_len)
4304
{
4305
    if (s == NULL) {
4306
        return WOLFSSL_FAILURE;
4307
    }
4308
    if (sid_len > ID_LEN) {
4309
        return WOLFSSL_FAILURE;
4310
    }
4311
4312
    s->sessionIDSz = (byte)sid_len;
4313
    if (sid != s->sessionID) {
4314
        XMEMCPY(s->sessionID, sid, sid_len);
4315
    }
4316
    return WOLFSSL_SUCCESS;
4317
}
4318
4319
int wolfSSL_SESSION_set1_id_context(WOLFSSL_SESSION *s,
4320
                         const unsigned char *sid_ctx, unsigned int sid_ctx_len)
4321
{
4322
    if (s == NULL) {
4323
        return WOLFSSL_FAILURE;
4324
    }
4325
    if (sid_ctx_len > ID_LEN) {
4326
        return WOLFSSL_FAILURE;
4327
    }
4328
    s->sessionCtxSz = (byte)sid_ctx_len;
4329
    if (sid_ctx != s->sessionCtx) {
4330
        XMEMCPY(s->sessionCtx, sid_ctx, sid_ctx_len);
4331
    }
4332
4333
    return WOLFSSL_SUCCESS;
4334
}
4335
4336
#endif
4337
4338
#ifdef OPENSSL_EXTRA
4339
4340
/* Return the total number of sessions */
4341
long wolfSSL_CTX_sess_number(WOLFSSL_CTX* ctx)
4342
{
4343
    word32 total = 0;
4344
4345
    WOLFSSL_ENTER("wolfSSL_CTX_sess_number");
4346
    (void)ctx;
4347
4348
#if defined(WOLFSSL_SESSION_STATS) && !defined(NO_SESSION_CACHE)
4349
    if (wolfSSL_get_session_stats(NULL, &total, NULL, NULL) !=
4350
            WOLFSSL_SUCCESS) {
4351
        WOLFSSL_MSG("Error getting session stats");
4352
    }
4353
#else
4354
    WOLFSSL_MSG("Please use macro WOLFSSL_SESSION_STATS for session stats");
4355
#endif
4356
4357
    return (long)total;
4358
}
4359
4360
#endif
4361
4362
#ifdef SESSION_CERTS
4363
4364
/* get session ID */
4365
WOLFSSL_ABI
4366
const byte* wolfSSL_get_sessionID(const WOLFSSL_SESSION* session)
4367
{
4368
    WOLFSSL_ENTER("wolfSSL_get_sessionID");
4369
    session = ClientSessionToSession(session);
4370
    if (session)
4371
        return session->sessionID;
4372
4373
    return NULL;
4374
}
4375
4376
#endif
4377
4378
#ifdef HAVE_EX_DATA
4379
4380
int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION* session, int idx, void* data)
4381
{
4382
    int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
4383
    WOLFSSL_ENTER("wolfSSL_SESSION_set_ex_data");
4384
#ifdef HAVE_EX_DATA
4385
    session = ClientSessionToSession(session);
4386
    if (session != NULL) {
4387
#ifndef NO_SESSION_CACHE
4388
        if (!session->ownExData) {
4389
            /* Need to update in cache */
4390
            SESSION_ex_data_cache_update(session, idx, data, 0, NULL, &ret);
4391
        }
4392
        else
4393
#endif
4394
        {
4395
            ret = wolfSSL_CRYPTO_set_ex_data(&session->ex_data, idx, data);
4396
        }
4397
    }
4398
#else
4399
    (void)session;
4400
    (void)idx;
4401
    (void)data;
4402
#endif
4403
    return ret;
4404
}
4405
4406
#ifdef HAVE_EX_DATA_CLEANUP_HOOKS
4407
int wolfSSL_SESSION_set_ex_data_with_cleanup(
4408
    WOLFSSL_SESSION* session,
4409
    int idx,
4410
    void* data,
4411
    wolfSSL_ex_data_cleanup_routine_t cleanup_routine)
4412
{
4413
    WOLFSSL_ENTER("wolfSSL_SESSION_set_ex_data_with_cleanup");
4414
    session = ClientSessionToSession(session);
4415
    if(session != NULL) {
4416
        return wolfSSL_CRYPTO_set_ex_data_with_cleanup(&session->ex_data, idx,
4417
                                                       data, cleanup_routine);
4418
    }
4419
    return WOLFSSL_FAILURE;
4420
}
4421
#endif /* HAVE_EX_DATA_CLEANUP_HOOKS */
4422
4423
void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION* session, int idx)
4424
{
4425
    void* ret = NULL;
4426
    WOLFSSL_ENTER("wolfSSL_SESSION_get_ex_data");
4427
#ifdef HAVE_EX_DATA
4428
    session = ClientSessionToSession(session);
4429
    if (session != NULL) {
4430
#ifndef NO_SESSION_CACHE
4431
        if (!session->ownExData) {
4432
            /* Need to retrieve the data from the session cache */
4433
            SESSION_ex_data_cache_update((WOLFSSL_SESSION*)session, idx, NULL,
4434
                                         1, &ret, NULL);
4435
        }
4436
        else
4437
#endif
4438
        {
4439
            ret = wolfSSL_CRYPTO_get_ex_data(&session->ex_data, idx);
4440
        }
4441
    }
4442
#else
4443
    (void)session;
4444
    (void)idx;
4445
#endif
4446
    return ret;
4447
}
4448
4449
#ifdef HAVE_EX_DATA_CRYPTO
4450
int wolfSSL_SESSION_get_ex_new_index(long ctx_l,void* ctx_ptr,
4451
        WOLFSSL_CRYPTO_EX_new* new_func, WOLFSSL_CRYPTO_EX_dup* dup_func,
4452
        WOLFSSL_CRYPTO_EX_free* free_func)
4453
{
4454
    WOLFSSL_ENTER("wolfSSL_SESSION_get_ex_new_index");
4455
    return wolfssl_local_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION,
4456
            ctx_l, ctx_ptr, new_func, dup_func, free_func);
4457
}
4458
#endif /* HAVE_EX_DATA_CRYPTO */
4459
#endif /* HAVE_EX_DATA */
4460
4461
#if defined(OPENSSL_ALL) || \
4462
    defined(OPENSSL_EXTRA) || defined(HAVE_STUNNEL) || \
4463
    defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
4464
4465
const byte* wolfSSL_SESSION_get_id(const WOLFSSL_SESSION* sess,
4466
        unsigned int* idLen)
4467
{
4468
    WOLFSSL_ENTER("wolfSSL_SESSION_get_id");
4469
    sess = ClientSessionToSession(sess);
4470
    if (sess == NULL || idLen == NULL) {
4471
        WOLFSSL_MSG("Bad func args. Please provide idLen");
4472
        return NULL;
4473
    }
4474
#ifdef HAVE_SESSION_TICKET
4475
    if (sess->haveAltSessionID) {
4476
        *idLen = ID_LEN;
4477
        return sess->altSessionID;
4478
    }
4479
#endif
4480
    *idLen = sess->sessionIDSz;
4481
    return sess->sessionID;
4482
}
4483
4484
#if (defined(HAVE_SESSION_TICKET) || defined(SESSION_CERTS)) && \
4485
    !defined(NO_FILESYSTEM)
4486
4487
#ifndef NO_BIO
4488
4489
#if defined(SESSION_CERTS) || \
4490
   (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
4491
static const char* wolfSSL_internal_get_version(const ProtocolVersion* version);
4492
4493
/* returns a pointer to the protocol used by the session */
4494
static const char* wolfSSL_SESSION_get_protocol(const WOLFSSL_SESSION* in)
4495
{
4496
    in = ClientSessionToSession(in);
4497
    return wolfSSL_internal_get_version((ProtocolVersion*)&in->version);
4498
}
4499
#endif
4500
4501
/* returns true (non 0) if the session has EMS (extended master secret) */
4502
static int wolfSSL_SESSION_haveEMS(const WOLFSSL_SESSION* in)
4503
{
4504
    in = ClientSessionToSession(in);
4505
    if (in == NULL)
4506
        return 0;
4507
    return in->haveEMS;
4508
}
4509
4510
#if defined(HAVE_SESSION_TICKET)
4511
/* prints out the ticket to bio passed in
4512
 * return WOLFSSL_SUCCESS on success
4513
 */
4514
static int wolfSSL_SESSION_print_ticket(WOLFSSL_BIO* bio,
4515
        const WOLFSSL_SESSION* in, const char* tab)
4516
{
4517
    unsigned short i, j, z, sz;
4518
    short tag = 0;
4519
    byte* pt;
4520
4521
4522
    in = ClientSessionToSession(in);
4523
    if (in == NULL || bio == NULL) {
4524
        return BAD_FUNC_ARG;
4525
    }
4526
4527
    sz = in->ticketLen;
4528
    pt = in->ticket;
4529
4530
    if (wolfSSL_BIO_printf(bio, "%s\n", (sz == 0)? " NONE": "") <= 0)
4531
        return WOLFSSL_FAILURE;
4532
4533
    for (i = 0; i < sz;) {
4534
        char asc[16];
4535
        XMEMSET(asc, 0, sizeof(asc));
4536
4537
        if (sz - i < 16) {
4538
            if (wolfSSL_BIO_printf(bio, "%s%04X -", tab, tag + (sz - i)) <= 0)
4539
                return WOLFSSL_FAILURE;
4540
        }
4541
        else {
4542
            if (wolfSSL_BIO_printf(bio, "%s%04X -", tab, tag) <= 0)
4543
                return WOLFSSL_FAILURE;
4544
        }
4545
        for (j = 0; i < sz && j < 8; j++,i++) {
4546
            asc[j] =  ((pt[i])&0x6f)>='A'?((pt[i])&0x6f):'.';
4547
            if (wolfSSL_BIO_printf(bio, " %02X", pt[i]) <= 0)
4548
                return WOLFSSL_FAILURE;
4549
        }
4550
4551
        if (i < sz) {
4552
            asc[j] =  ((pt[i])&0x6f)>='A'?((pt[i])&0x6f):'.';
4553
            if (wolfSSL_BIO_printf(bio, "-%02X", pt[i]) <= 0)
4554
                return WOLFSSL_FAILURE;
4555
            j++;
4556
            i++;
4557
        }
4558
4559
        for (; i < sz && j < 16; j++,i++) {
4560
            asc[j] =  ((pt[i])&0x6f)>='A'?((pt[i])&0x6f):'.';
4561
            if (wolfSSL_BIO_printf(bio, " %02X", pt[i]) <= 0)
4562
                return WOLFSSL_FAILURE;
4563
        }
4564
4565
        /* pad out spacing */
4566
        for (z = j; z < 17; z++) {
4567
            if (wolfSSL_BIO_printf(bio, "   ") <= 0)
4568
                return WOLFSSL_FAILURE;
4569
        }
4570
4571
        for (z = 0; z < j; z++) {
4572
            if (wolfSSL_BIO_printf(bio, "%c", asc[z]) <= 0)
4573
                return WOLFSSL_FAILURE;
4574
        }
4575
        if (wolfSSL_BIO_printf(bio, "\n") <= 0)
4576
            return WOLFSSL_FAILURE;
4577
4578
        tag += 16;
4579
    }
4580
    return WOLFSSL_SUCCESS;
4581
}
4582
#endif /* HAVE_SESSION_TICKET */
4583
4584
4585
/* prints out the session information in human readable form
4586
 * return WOLFSSL_SUCCESS on success
4587
 */
4588
int wolfSSL_SESSION_print(WOLFSSL_BIO *bp, const WOLFSSL_SESSION *session)
4589
{
4590
    const unsigned char* pt;
4591
    unsigned char buf[SECRET_LEN];
4592
    unsigned int sz = 0, i;
4593
    int ret;
4594
4595
    session = ClientSessionToSession(session);
4596
    if (session == NULL) {
4597
        return WOLFSSL_FAILURE;
4598
    }
4599
4600
    if (wolfSSL_BIO_printf(bp, "%s\n", "SSL-Session:") <= 0)
4601
        return WOLFSSL_FAILURE;
4602
4603
#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
4604
                               defined(HAVE_SESSION_TICKET))
4605
    if (wolfSSL_BIO_printf(bp, "    Protocol  : %s\n",
4606
            wolfSSL_SESSION_get_protocol(session)) <= 0)
4607
        return WOLFSSL_FAILURE;
4608
#endif
4609
4610
    if (wolfSSL_BIO_printf(bp, "    Cipher    : %s\n",
4611
            wolfSSL_SESSION_CIPHER_get_name(session)) <= 0)
4612
        return WOLFSSL_FAILURE;
4613
4614
    pt = wolfSSL_SESSION_get_id(session, &sz);
4615
    if (wolfSSL_BIO_printf(bp, "    Session-ID: ") <= 0)
4616
        return WOLFSSL_FAILURE;
4617
4618
    for (i = 0; i < sz; i++) {
4619
        if (wolfSSL_BIO_printf(bp, "%02X", pt[i]) <= 0)
4620
            return WOLFSSL_FAILURE;
4621
    }
4622
    if (wolfSSL_BIO_printf(bp, "\n") <= 0)
4623
        return WOLFSSL_FAILURE;
4624
4625
    if (wolfSSL_BIO_printf(bp, "    Session-ID-ctx: \n") <= 0)
4626
        return WOLFSSL_FAILURE;
4627
4628
    ret = wolfSSL_SESSION_get_master_key(session, buf, sizeof(buf));
4629
    if (wolfSSL_BIO_printf(bp, "    Master-Key: ") <= 0)
4630
        return WOLFSSL_FAILURE;
4631
4632
    if (ret > 0) {
4633
        sz = (unsigned int)ret;
4634
        for (i = 0; i < sz; i++) {
4635
            if (wolfSSL_BIO_printf(bp, "%02X", buf[i]) <= 0)
4636
                return WOLFSSL_FAILURE;
4637
        }
4638
    }
4639
    if (wolfSSL_BIO_printf(bp, "\n") <= 0)
4640
        return WOLFSSL_FAILURE;
4641
4642
    /* @TODO PSK identity hint and SRP */
4643
4644
    if (wolfSSL_BIO_printf(bp, "    TLS session ticket:") <= 0)
4645
        return WOLFSSL_FAILURE;
4646
4647
#ifdef HAVE_SESSION_TICKET
4648
    if (wolfSSL_SESSION_print_ticket(bp, session, "    ") != WOLFSSL_SUCCESS)
4649
        return WOLFSSL_FAILURE;
4650
#endif
4651
4652
#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
4653
        defined(HAVE_EXT_CACHE))
4654
    if (wolfSSL_BIO_printf(bp, "    Start Time: %ld\n",
4655
                wolfSSL_SESSION_get_time(session)) <= 0)
4656
        return WOLFSSL_FAILURE;
4657
4658
    if (wolfSSL_BIO_printf(bp, "    Timeout   : %ld (sec)\n",
4659
            wolfSSL_SESSION_get_timeout(session)) <= 0)
4660
        return WOLFSSL_FAILURE;
4661
#endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */
4662
4663
    /* @TODO verify return code print */
4664
4665
    if (wolfSSL_BIO_printf(bp, "    Extended master secret: %s\n",
4666
            (wolfSSL_SESSION_haveEMS(session) == 0)? "no" : "yes") <= 0)
4667
        return WOLFSSL_FAILURE;
4668
4669
    return WOLFSSL_SUCCESS;
4670
}
4671
4672
#endif /* !NO_BIO */
4673
#endif /* (HAVE_SESSION_TICKET || SESSION_CERTS) && !NO_FILESYSTEM */
4674
4675
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || HAVE_STUNNEL || WOLFSSL_NGINX ||
4676
        * WOLFSSL_HAPROXY */
4677
4678
#ifdef OPENSSL_EXTRA
4679
/**
4680
 * Determine whether a WOLFSSL_SESSION object can be used for resumption
4681
 * @param s  a pointer to WOLFSSL_SESSION structure
4682
 * @return return 1 if session is resumable, otherwise 0.
4683
 */
4684
int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s)
4685
{
4686
    s = ClientSessionToSession(s);
4687
    if (s == NULL)
4688
        return 0;
4689
4690
#ifdef HAVE_SESSION_TICKET
4691
    if (s->ticketLen > 0)
4692
        return 1;
4693
#endif
4694
4695
    if (s->sessionIDSz > 0)
4696
        return 1;
4697
4698
    return 0;
4699
}
4700
#endif /* OPENSSL_EXTRA */
4701
4702
#endif /* !WOLFSSL_SSL_SESS_INCLUDED */
4703