mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-30 22:43:08 +03:00
- Added simple SSL session cache implementation
- Revamped session resumption handling
This commit is contained in:
Paul Bakker
@ -35,6 +35,7 @@ set(src
|
||||
sha1.c
|
||||
sha2.c
|
||||
sha4.c
|
||||
ssl_cache.c
|
||||
ssl_cli.c
|
||||
ssl_srv.c
|
||||
ssl_tls.c
|
||||
|
||||
@ -44,10 +44,10 @@ OBJS= aes.o arc4.o asn1parse.o \
|
||||
padlock.o pbkdf2.o pem.o \
|
||||
pkcs11.o \
|
||||
rsa.o sha1.o sha2.o \
|
||||
sha4.o ssl_cli.o ssl_srv.o \
|
||||
sha4.o ssl_cache.o ssl_cli.o \
|
||||
ssl_srv.o \
|
||||
ssl_tls.o timing.o version.o \
|
||||
x509parse.o x509write.o xtea.o
|
||||
|
||||
|
||||
.SILENT:
|
||||
|
||||
|
||||
152
library/ssl_cache.c
Normal file
152
library/ssl_cache.c
Normal file
@ -0,0 +1,152 @@
|
||||
/*
|
||||
* SSL session cache implementation
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* These session callbacks use a simple chained list
|
||||
* to store and retrieve the session information.
|
||||
*/
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
|
||||
#include "polarssl/ssl_cache.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
void ssl_cache_init( ssl_cache_context *cache )
|
||||
{
|
||||
memset( cache, 0, sizeof( ssl_cache_context ) );
|
||||
|
||||
cache->timeout = SSL_CACHE_DEFAULT_TIMEOUT;
|
||||
}
|
||||
|
||||
int ssl_cache_get( void *data, ssl_session *session )
|
||||
{
|
||||
time_t t = time( NULL );
|
||||
ssl_cache_context *cache = (ssl_cache_context *) data;
|
||||
ssl_cache_entry *cur, *entry;
|
||||
|
||||
cur = cache->chain;
|
||||
entry = NULL;
|
||||
|
||||
while( cur != NULL )
|
||||
{
|
||||
entry = cur;
|
||||
cur = cur->next;
|
||||
|
||||
if( cache->timeout != 0 &&
|
||||
(int) ( t - entry->timestamp ) > cache->timeout )
|
||||
continue;
|
||||
|
||||
if( session->ciphersuite != entry->session.ciphersuite ||
|
||||
session->compression != entry->session.compression ||
|
||||
session->length != entry->session.length )
|
||||
continue;
|
||||
|
||||
if( memcmp( session->id, entry->session.id,
|
||||
entry->session.length ) != 0 )
|
||||
continue;
|
||||
|
||||
memcpy( session->master, entry->session.master, 48 );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
int ssl_cache_set( void *data, const ssl_session *session )
|
||||
{
|
||||
time_t t = time( NULL );
|
||||
ssl_cache_context *cache = (ssl_cache_context *) data;
|
||||
ssl_cache_entry *cur, *prv;
|
||||
|
||||
cur = cache->chain;
|
||||
prv = NULL;
|
||||
|
||||
while( cur != NULL )
|
||||
{
|
||||
if( cache->timeout != 0 &&
|
||||
(int) ( t - cur->timestamp ) > cache->timeout )
|
||||
{
|
||||
cur->timestamp = t;
|
||||
break; /* expired, reuse this slot, update timestamp */
|
||||
}
|
||||
|
||||
if( memcmp( session->id, cur->session.id, cur->session.length ) == 0 )
|
||||
break; /* client reconnected, keep timestamp for session id */
|
||||
|
||||
prv = cur;
|
||||
cur = cur->next;
|
||||
}
|
||||
|
||||
if( cur == NULL )
|
||||
{
|
||||
cur = (ssl_cache_entry *) malloc( sizeof( ssl_cache_entry ) );
|
||||
if( cur == NULL )
|
||||
return( 1 );
|
||||
|
||||
memset( cur, 0, sizeof( ssl_cache_entry ) );
|
||||
|
||||
if( prv == NULL )
|
||||
cache->chain = cur;
|
||||
else
|
||||
prv->next = cur;
|
||||
|
||||
cur->timestamp = t;
|
||||
}
|
||||
|
||||
memcpy( &cur->session, session, sizeof( ssl_session ) );
|
||||
|
||||
// Do not include peer_cert in cache entry
|
||||
//
|
||||
cur->session.peer_cert = NULL;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout )
|
||||
{
|
||||
if( timeout < 0 ) timeout = 0;
|
||||
|
||||
cache->timeout = timeout;
|
||||
}
|
||||
|
||||
void ssl_cache_free( ssl_cache_context *cache )
|
||||
{
|
||||
ssl_cache_entry *cur, *prv;
|
||||
|
||||
cur = cache->chain;
|
||||
|
||||
while( cur != NULL )
|
||||
{
|
||||
prv = cur;
|
||||
cur = cur->next;
|
||||
|
||||
ssl_session_free( &prv->session );
|
||||
free( prv );
|
||||
}
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_SSL_CACHE_C */
|
||||
@ -111,9 +111,8 @@ static int ssl_write_client_hello( ssl_context *ssl )
|
||||
*/
|
||||
n = ssl->session_negotiate->length;
|
||||
|
||||
if( n < 16 || n > 32 || ssl->resume == 0 ||
|
||||
( ssl->timeout != 0 &&
|
||||
t - ssl->session_negotiate->start > ssl->timeout ) )
|
||||
if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE || n < 16 || n > 32 ||
|
||||
ssl->handshake->resume == 0 )
|
||||
n = 0;
|
||||
|
||||
*p++ = (unsigned char) n;
|
||||
@ -473,14 +472,15 @@ static int ssl_parse_server_hello( ssl_context *ssl )
|
||||
/*
|
||||
* Check if the session can be resumed
|
||||
*/
|
||||
if( ssl->resume == 0 || n == 0 ||
|
||||
if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ||
|
||||
ssl->handshake->resume == 0 || n == 0 ||
|
||||
ssl->session_negotiate->ciphersuite != i ||
|
||||
ssl->session_negotiate->compression != comp ||
|
||||
ssl->session_negotiate->length != n ||
|
||||
memcmp( ssl->session_negotiate->id, buf + 39, n ) != 0 )
|
||||
{
|
||||
ssl->state++;
|
||||
ssl->resume = 0;
|
||||
ssl->handshake->resume = 0;
|
||||
ssl->session_negotiate->start = time( NULL );
|
||||
ssl->session_negotiate->ciphersuite = i;
|
||||
ssl->session_negotiate->compression = comp;
|
||||
@ -499,7 +499,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
|
||||
}
|
||||
|
||||
SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
|
||||
ssl->resume ? "a" : "no" ) );
|
||||
ssl->handshake->resume ? "a" : "no" ) );
|
||||
|
||||
SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %d", i ) );
|
||||
SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[41 + n] ) );
|
||||
|
||||
@ -456,21 +456,16 @@ static int ssl_write_server_hello( ssl_context *ssl )
|
||||
ssl->session_negotiate->length = n = 32;
|
||||
*p++ = (unsigned char) ssl->session_negotiate->length;
|
||||
|
||||
if( ssl->s_get == NULL ||
|
||||
ssl->s_get( ssl ) != 0 )
|
||||
if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ||
|
||||
ssl->f_get_cache == NULL ||
|
||||
ssl->f_get_cache( ssl->p_get_cache, ssl->session_negotiate ) != 0 )
|
||||
{
|
||||
/*
|
||||
* Not found, create a new session id
|
||||
*/
|
||||
ssl->resume = 0;
|
||||
ssl->handshake->resume = 0;
|
||||
ssl->state++;
|
||||
|
||||
if( ssl->session_negotiate == NULL )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "No session struct set" ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
if( ( ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id,
|
||||
n ) ) != 0 )
|
||||
return( ret );
|
||||
@ -478,9 +473,9 @@ static int ssl_write_server_hello( ssl_context *ssl )
|
||||
else
|
||||
{
|
||||
/*
|
||||
* Found a matching session, resume it
|
||||
* Found a matching session, resuming it
|
||||
*/
|
||||
ssl->resume = 1;
|
||||
ssl->handshake->resume = 1;
|
||||
ssl->state = SSL_SERVER_CHANGE_CIPHER_SPEC;
|
||||
|
||||
if( ( ret = ssl_derive_keys( ssl ) ) != 0 )
|
||||
@ -496,7 +491,7 @@ static int ssl_write_server_hello( ssl_context *ssl )
|
||||
SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) );
|
||||
SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n );
|
||||
SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
|
||||
ssl->resume ? "a" : "no" ) );
|
||||
ssl->handshake->resume ? "a" : "no" ) );
|
||||
|
||||
*p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 );
|
||||
*p++ = (unsigned char)( ssl->session_negotiate->ciphersuite );
|
||||
@ -987,9 +982,6 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( ssl->s_set != NULL )
|
||||
ssl->s_set( ssl );
|
||||
|
||||
ssl->state++;
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "<= parse client key exchange" ) );
|
||||
|
||||
@ -317,7 +317,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
||||
* TLSv1:
|
||||
* master = PRF( premaster, "master secret", randbytes )[0..47]
|
||||
*/
|
||||
if( ssl->resume == 0 )
|
||||
if( handshake->resume == 0 )
|
||||
{
|
||||
SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster,
|
||||
handshake->pmslen );
|
||||
@ -2641,25 +2641,21 @@ void ssl_handshake_wrapup( ssl_context *ssl )
|
||||
ssl->transform = ssl->transform_negotiate;
|
||||
ssl->transform_negotiate = NULL;
|
||||
|
||||
/*
|
||||
* Migrate data to existing session structure (in chain)
|
||||
* Step 1. Clear existing data (but not the rest of the chain)
|
||||
* Step 2. Migrate data to existing object in chain
|
||||
* Step 3. Remove negotiation session object without removing items pointed
|
||||
* to
|
||||
*/
|
||||
ssl->session_negotiate->next = ssl->session->next;
|
||||
ssl->session->next = NULL;
|
||||
ssl_session_free( ssl->session );
|
||||
|
||||
memcpy( ssl->session, ssl->session_negotiate, sizeof(ssl_session) );
|
||||
ssl->session_in = ssl->session;
|
||||
ssl->session_out = ssl->session;
|
||||
|
||||
memset( ssl->session_negotiate, 0, sizeof(ssl_session) );
|
||||
free( ssl->session_negotiate );
|
||||
if( ssl->session )
|
||||
{
|
||||
ssl_session_free( ssl->session );
|
||||
free( ssl->session );
|
||||
}
|
||||
ssl->session = ssl->session_negotiate;
|
||||
ssl->session_negotiate = NULL;
|
||||
|
||||
/*
|
||||
* Add cache entry
|
||||
*/
|
||||
if( ssl->f_set_cache != NULL )
|
||||
if( ssl->f_set_cache( ssl->p_set_cache, ssl->session ) != 0 )
|
||||
SSL_DEBUG_MSG( 1, ( "cache did not store session" ) );
|
||||
|
||||
ssl->state++;
|
||||
|
||||
SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) );
|
||||
@ -2687,7 +2683,7 @@ int ssl_write_finished( ssl_context *ssl )
|
||||
* In case of session resuming, invert the client and server
|
||||
* ChangeCipherSpec messages order.
|
||||
*/
|
||||
if( ssl->resume != 0 )
|
||||
if( ssl->handshake->resume != 0 )
|
||||
{
|
||||
if( ssl->endpoint == SSL_IS_CLIENT )
|
||||
ssl->state = SSL_HANDSHAKE_WRAPUP;
|
||||
@ -2765,7 +2761,7 @@ int ssl_parse_finished( ssl_context *ssl )
|
||||
ssl->verify_data_len = hash_len;
|
||||
memcpy( ssl->peer_verify_data, buf, hash_len );
|
||||
|
||||
if( ssl->resume != 0 )
|
||||
if( ssl->handshake->resume != 0 )
|
||||
{
|
||||
if( ssl->endpoint == SSL_IS_CLIENT )
|
||||
ssl->state = SSL_CLIENT_CHANGE_CIPHER_SPEC;
|
||||
@ -2970,20 +2966,20 @@ void ssl_set_bio( ssl_context *ssl,
|
||||
ssl->p_send = p_send;
|
||||
}
|
||||
|
||||
void ssl_set_scb( ssl_context *ssl,
|
||||
int (*s_get)(ssl_context *),
|
||||
int (*s_set)(ssl_context *) )
|
||||
void ssl_set_session_cache( ssl_context *ssl,
|
||||
int (*f_get_cache)(void *, ssl_session *), void *p_get_cache,
|
||||
int (*f_set_cache)(void *, const ssl_session *), void *p_set_cache )
|
||||
{
|
||||
ssl->s_get = s_get;
|
||||
ssl->s_set = s_set;
|
||||
ssl->f_get_cache = f_get_cache;
|
||||
ssl->p_get_cache = p_get_cache;
|
||||
ssl->f_set_cache = f_set_cache;
|
||||
ssl->p_set_cache = p_set_cache;
|
||||
}
|
||||
|
||||
void ssl_set_session( ssl_context *ssl, int resume, int timeout,
|
||||
ssl_session *session )
|
||||
void ssl_set_session( ssl_context *ssl, const ssl_session *session )
|
||||
{
|
||||
ssl->resume = resume;
|
||||
ssl->timeout = timeout;
|
||||
ssl->session = session;
|
||||
memcpy( ssl->session_negotiate, session, sizeof(ssl_session) );
|
||||
ssl->handshake->resume = 1;
|
||||
}
|
||||
|
||||
void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites )
|
||||
@ -3687,23 +3683,13 @@ void ssl_handshake_free( ssl_handshake_params *handshake )
|
||||
|
||||
void ssl_session_free( ssl_session *session )
|
||||
{
|
||||
ssl_session *cur = session, *prv;
|
||||
|
||||
while( cur != NULL )
|
||||
if( session->peer_cert != NULL )
|
||||
{
|
||||
prv = cur;
|
||||
cur = cur->next;
|
||||
|
||||
if( prv->peer_cert != NULL )
|
||||
{
|
||||
x509_free( prv->peer_cert );
|
||||
free( prv->peer_cert );
|
||||
}
|
||||
|
||||
memset( prv, 0, sizeof( ssl_session ) );
|
||||
if( prv != session )
|
||||
free( prv );
|
||||
x509_free( session->peer_cert );
|
||||
free( session->peer_cert );
|
||||
}
|
||||
|
||||
memset( session, 0, sizeof( ssl_session ) );
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
Reference in New Issue
Block a user