Lines Matching defs:s
16 * Copyright remains Eric Young's, and as such any Copyright notices in
143 static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
144 static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
163 * somebody doesn't free ssl->session between when we check it's
186 SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
188 return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
193 SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
195 return (CRYPTO_get_ex_data(&s->ex_data, idx));
200 SSL_SESSION_get_max_early_data(const SSL_SESSION *s)
207 SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data)
374 SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
376 return s->tlsext_tick_lifetime_hint;
381 SSL_SESSION_has_ticket(const SSL_SESSION *s)
383 return (s->tlsext_ticklen > 0) ? 1 : 0;
392 * a conflict - well that's a reasonable point to call it quits. Either the
426 ssl_get_new_session(SSL *s, int session)
438 if (s->session_ctx->session_timeout == 0)
439 ss->timeout = SSL_get_default_timeout(s);
441 ss->timeout = s->session_ctx->session_timeout;
443 if (s->session != NULL) {
444 SSL_SESSION_free(s->session);
445 s->session = NULL;
449 switch (s->version) {
455 ss->ssl_version = s->version;
459 SSLerror(s, SSL_R_UNSUPPORTED_SSL_VERSION);
465 if (s->tlsext_ticket_expected) {
472 if (s->generate_session_id)
473 cb = s->generate_session_id;
474 else if (s->session_ctx->generate_session_id)
475 cb = s->session_ctx->generate_session_id;
480 if (!cb(s, ss->session_id, &tmp)) {
482 SSLerror(s, SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
493 SSLerror(s, SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
500 if (SSL_has_matching_session_id(s, ss->session_id,
502 SSLerror(s, SSL_R_SSL_SESSION_ID_CONFLICT);
508 if (s->tlsext_hostname) {
509 ss->tlsext_hostname = strdup(s->tlsext_hostname);
511 SSLerror(s, ERR_R_INTERNAL_ERROR);
520 if (s->sid_ctx_length > sizeof ss->sid_ctx) {
521 SSLerror(s, ERR_R_INTERNAL_ERROR);
526 memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
527 ss->sid_ctx_length = s->sid_ctx_length;
528 s->session = ss;
529 ss->ssl_version = s->version;
536 ssl_session_from_cache(SSL *s, CBS *session_id)
541 if ((s->session_ctx->session_cache_mode &
547 data.ssl_version = s->version;
554 sess = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
560 s->session_ctx->stats.sess_miss++;
566 ssl_session_from_callback(SSL *s, CBS *session_id)
571 if (s->session_ctx->get_session_cb == NULL)
575 if ((sess = s->session_ctx->get_session_cb(s,
587 s->session_ctx->stats.sess_cb_hit++;
590 if (!(s->session_ctx->session_cache_mode &
596 SSL_CTX_add_session(s->session_ctx, sess);
603 ssl_session_by_id(SSL *s, CBS *session_id)
610 if ((sess = ssl_session_from_cache(s, session_id)) == NULL)
611 sess = ssl_session_from_callback(s, session_id);
631 * - If a session is found then s->session is pointed at it (after freeing
632 * an existing session if need be) and s->verify_result is set from the
634 * - For both new and resumed sessions, s->tlsext_ticket_expected
638 ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, int *alert)
649 /* Sets s->tlsext_ticket_expected. */
650 switch (tls1_process_ticket(s, ext_block, &alert_desc, &sess)) {
656 if ((sess = ssl_session_by_id(s, session_id)) == NULL)
675 SSLerror(s, ERR_R_INTERNAL_ERROR);
682 if (sess->sid_ctx_length != s->sid_ctx_length ||
683 timingsafe_memcmp(sess->sid_ctx, s->sid_ctx,
692 if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
704 SSLerror(s, SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
710 s->session_ctx->stats.sess_timeout++;
713 SSL_CTX_remove_session(s->session_ctx, sess);
718 s->session_ctx->stats.sess_hit++;
720 SSL_SESSION_free(s->session);
721 s->session = sess;
722 s->verify_result = s->session->verify_result;
733 s->tlsext_ticket_expected = 1;
746 SSL_SESSION *s;
749 * Add just 1 reference count for the SSL_CTX's session cache
760 s = lh_SSL_SESSION_insert(ctx->sessions, c);
763 * s != NULL iff we already had a session with the given PID.
764 * In this case, s == c should hold (then we did not really modify
767 if (s != NULL && s != c) {
769 SSL_SESSION_list_remove(ctx, s);
770 SSL_SESSION_free(s);
778 s = NULL;
782 if (s == NULL)
785 if (s != NULL) {
791 SSL_SESSION_free(s); /* s == c */
891 SSL_set_session(SSL *s, SSL_SESSION *session)
896 SSL_SESSION_free(s->session);
897 s->session = NULL;
899 return SSL_set_ssl_method(s, s->ctx->method);
903 SSLerror(s, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
907 if (!SSL_set_ssl_method(s, method))
911 SSL_SESSION_free(s->session);
912 s->session = session;
913 s->verify_result = s->session->verify_result;
938 SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
940 if (s == NULL)
942 s->timeout = t;
948 SSL_SESSION_get_timeout(const SSL_SESSION *s)
950 if (s == NULL)
952 return (s->timeout);
958 SSL_SESSION_get_time(const SSL_SESSION *s)
960 if (s == NULL)
962 return (s->time);
968 SSL_SESSION_set_time(SSL_SESSION *s, long t)
970 if (s == NULL)
972 s->time = t;
978 SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
980 return s->ssl_version;
985 SSL_SESSION_get0_cipher(const SSL_SESSION *s)
987 return ssl3_get_cipher_by_value(s->cipher_value);
992 SSL_SESSION_get0_peer(SSL_SESSION *s)
994 return s->peer_cert;
999 SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
1006 s->session_id_length = sid_len;
1007 memmove(s->session_id, sid, sid_len);
1013 SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
1020 s->sid_ctx_length = sid_ctx_len;
1021 memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
1028 SSL_SESSION_is_resumable(const SSL_SESSION *s)
1035 SSL_CTX_set_timeout(SSL_CTX *s, long t)
1039 if (s == NULL)
1041 l = s->session_timeout;
1042 s->session_timeout = t;
1049 SSL_CTX_get_timeout(const SSL_CTX *s)
1051 if (s == NULL)
1053 return (s->session_timeout);
1058 SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s,
1062 if (s == NULL)
1064 s->tls_session_secret_cb = tls_session_secret_cb;
1065 s->tls_session_secret_cb_arg = arg;
1071 SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
1074 if (s == NULL)
1076 s->tls_session_ticket_ext_cb = cb;
1077 s->tls_session_ticket_ext_cb_arg = arg;
1083 SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
1085 if (s->version >= TLS1_VERSION) {
1086 free(s->tlsext_session_ticket);
1087 s->tlsext_session_ticket =
1089 if (!s->tlsext_session_ticket) {
1090 SSLerror(s, ERR_R_MALLOC_FAILURE);
1095 s->tlsext_session_ticket->length = ext_len;
1096 s->tlsext_session_ticket->data =
1097 s->tlsext_session_ticket + 1;
1098 memcpy(s->tlsext_session_ticket->data,
1101 s->tlsext_session_ticket->length = 0;
1102 s->tlsext_session_ticket->data = NULL;
1119 timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
1121 if ((p->time == 0) || (p->time > (s->time + s->timeout))) {
1125 (void)lh_SSL_SESSION_delete(p->cache, s);
1126 SSL_SESSION_list_remove(p->ctx, s);
1127 s->not_resumable = 1;
1129 p->ctx->remove_session_cb(p->ctx, s);
1130 SSL_SESSION_free(s);
1145 SSL_CTX_flush_sessions(SSL_CTX *s, long t)
1149 tp.ctx = s;
1150 tp.cache = s->sessions;
1163 ssl_clear_bad_session(SSL *s)
1165 if ((s->session != NULL) && !(s->shutdown & SSL_SENT_SHUTDOWN) &&
1166 !(SSL_in_init(s) || SSL_in_before(s))) {
1167 SSL_CTX_remove_session(s->ctx, s->session);
1175 SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
1177 if (s->next == NULL || s->prev == NULL)
1180 if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
1182 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
1187 ctx->session_cache_tail = s->prev;
1188 s->prev->next =
1192 if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
1194 ctx->session_cache_head = s->next;
1195 s->next->prev =
1199 s->next->prev = s->prev;
1200 s->prev->next = s->next;
1203 s->prev = s->next = NULL;
1207 SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
1209 if (s->next != NULL && s->prev != NULL)
1210 SSL_SESSION_list_remove(ctx, s);
1213 ctx->session_cache_head = s;
1214 ctx->session_cache_tail = s;
1215 s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
1216 s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
1218 s->next = ctx->session_cache_head;
1219 s->next->prev = s;
1220 s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
1221 ctx->session_cache_head = s;