Improve documentation for `wolfSSL_get1_session`. Add wolfSSL specific naming on the internal session functions to avoid possible user conflicts. ZD13363 and ZD13487.

pull/4740/head
David Garske 2022-01-10 07:47:19 -08:00
parent b97894c617
commit 6ce248e2f9
5 changed files with 47 additions and 36 deletions


@ -2384,7 +2384,7 @@ WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX*, long);
} }
\endcode \endcode
\sa GetSessionClient \sa wolfSSL_set_session
*/ */
WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL*, const unsigned char*, WOLFSSL_API int wolfSSL_SetServerID(WOLFSSL*, const unsigned char*,
int, int); int, int);
@ -3794,7 +3794,10 @@ WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*);
/*! /*!
\ingroup Setup \ingroup Setup
\brief This function returns the WOLFSSL_SESSION from the WOLFSSL structure. \brief This function returns the WOLFSSL_SESSION from the WOLFSSL structure
as a reference type. This requires calling wolfSSL_SESSION_free to release
the session reference. If the referred to session expires from the cache an
error will occur when trying to set the session.
\return WOLFSSL_SESSION On success return session pointer. \return WOLFSSL_SESSION On success return session pointer.
\return NULL on failure returns NULL. \return NULL on failure returns NULL.
@ -3806,12 +3809,18 @@ WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*);
WOLFSSL* ssl; WOLFSSL* ssl;
WOLFSSL_SESSION* ses; WOLFSSL_SESSION* ses;
// attempt/complete handshake // attempt/complete handshake
wolfSSL_connect(ssl);
ses = wolfSSL_get1_session(ssl); ses = wolfSSL_get1_session(ssl);
// check ses information // check ses information
// disconnect / setup new SSL instance
wolfSSL_set_session(ssl, ses);
// attempt/resume handshake
wolfSSL_SESSION_free(ses);
\endcode \endcode
\sa wolfSSL_new \sa wolfSSL_new
\sa wolfSSL_free \sa wolfSSL_free
\sa wolfSSL_SESSION_free
*/ */
WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl); WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
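Review bot: The updated example calls `wolfSSL_set_session(ssl, ses)` and `wolfSSL_connect(ssl)` without checking either return value, even though the new \brief text states that setting a session that has expired from the cache produces an error. Readers copy these snippets, so I would show the check in the example, e.g. `if (wolfSSL_set_session(ssl, ses) != WOLFSSL_SUCCESS) { /* session not usable; handle before resuming */ }`. The comment could also say explicitly that `wolfSSL_SESSION_free(ses)` is required whether or not the set succeeded, if that is the intended ownership rule. The example reuses the same `ssl` variable after "setup new SSL instance", and a one-line remark that this is a new object would avoid misreading it.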


@ -29276,7 +29276,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->options.haveSessionId = 1; ssl->options.haveSessionId = 1;
/* DoClientHello uses same resume code */ /* DoClientHello uses same resume code */
if (ssl->options.resuming) { /* let's try */ if (ssl->options.resuming) { /* let's try */
WOLFSSL_SESSION* session = GetSession(ssl, WOLFSSL_SESSION* session = wolfSSL_GetSession(ssl,
ssl->arrays->masterSecret, 1); ssl->arrays->masterSecret, 1);
#ifdef HAVE_SESSION_TICKET #ifdef HAVE_SESSION_TICKET
if (ssl->options.useTicket == 1) { if (ssl->options.useTicket == 1) {
@ -29351,7 +29351,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
} else } else
#endif #endif
{ {
session = GetSession(ssl, ssl->arrays->masterSecret, 1); session = wolfSSL_GetSession(ssl, ssl->arrays->masterSecret, 1);
#ifdef HAVE_EXT_CACHE #ifdef HAVE_EXT_CACHE
gotSess = 1; gotSess = 1;
#endif #endif


@ -3084,7 +3084,8 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes,
/* Use the wolf Session cache to retain resumption secret */ /* Use the wolf Session cache to retain resumption secret */
if (session->flags.cached == 0) { if (session->flags.cached == 0) {
WOLFSSL_SESSION* sess = GetSession(session->sslServer, NULL, 0); WOLFSSL_SESSION* sess = wolfSSL_GetSession(session->sslServer,
NULL, 0);
if (sess == NULL) { if (sess == NULL) {
AddSession(session->sslServer); /* don't re add */ AddSession(session->sslServer); /* don't re add */
#ifdef WOLFSSL_SNIFFER_STATS #ifdef WOLFSSL_SNIFFER_STATS
@ -3121,7 +3122,7 @@ static int DoResume(SnifferSession* session, char* error)
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(session->sslServer->version)) { if (IsAtLeastTLSv1_3(session->sslServer->version)) {
resume = GetSession(session->sslServer, resume = wolfSSL_GetSession(session->sslServer,
session->sslServer->session.masterSecret, 0); session->sslServer->session.masterSecret, 0);
if (resume == NULL) { if (resume == NULL) {
/* TLS v1.3 with hello_retry uses session_id even for new session, /* TLS v1.3 with hello_retry uses session_id even for new session,
@ -3132,7 +3133,7 @@ static int DoResume(SnifferSession* session, char* error)
else else
#endif #endif
{ {
resume = GetSession(session->sslServer, resume = wolfSSL_GetSession(session->sslServer,
session->sslServer->arrays->masterSecret, 0); session->sslServer->arrays->masterSecret, 0);
if (resume == NULL) { if (resume == NULL) {
#ifdef WOLFSSL_SNIFFER_STATS #ifdef WOLFSSL_SNIFFER_STATS
@ -3967,7 +3968,7 @@ static int ProcessFinished(const byte* input, int size, int* sslBytes,
if (ret == 0 && session->flags.cached == 0) { if (ret == 0 && session->flags.cached == 0) {
if (session->sslServer->options.haveSessionId) { if (session->sslServer->options.haveSessionId) {
#ifndef NO_SESSION_CACHE #ifndef NO_SESSION_CACHE
WOLFSSL_SESSION* sess = GetSession(session->sslServer, NULL, 0); WOLFSSL_SESSION* sess = wolfSSL_GetSession(session->sslServer, NULL, 0);
if (sess == NULL) { if (sess == NULL) {
AddSession(session->sslServer); /* don't re add */ AddSession(session->sslServer); /* don't re add */
#ifdef WOLFSSL_SNIFFER_STATS #ifdef WOLFSSL_SNIFFER_STATS


@ -12231,7 +12231,7 @@ WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl)
{ {
WOLFSSL_ENTER("SSL_get_session"); WOLFSSL_ENTER("SSL_get_session");
if (ssl) if (ssl)
return GetSession(ssl, NULL, 1); return wolfSSL_GetSession(ssl, NULL, 1);
return NULL; return NULL;
} }
@ -12241,7 +12241,7 @@ WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl)
{ {
WOLFSSL_SESSION* sess = NULL; WOLFSSL_SESSION* sess = NULL;
if (ssl != NULL) { if (ssl != NULL) {
sess = GetSessionRef(ssl); sess = wolfSSL_GetSessionRef(ssl);
if (sess != NULL) { if (sess != NULL) {
/* wolfSSL_get_session returns either static cache or ref. If ref then /* wolfSSL_get_session returns either static cache or ref. If ref then
* increase reference counter */ * increase reference counter */
@ -12280,7 +12280,7 @@ int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session)
{ {
WOLFSSL_ENTER("SSL_set_session"); WOLFSSL_ENTER("SSL_set_session");
if (session) if (session)
return SetSession(ssl, session); return wolfSSL_SetSession(ssl, session);
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
@ -12301,11 +12301,11 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if (newSession == 0) { if (newSession == 0) {
session = GetSessionClient(ssl, id, len); session = wolfSSL_GetSessionClient(ssl, id, len);
if (session) { if (session) {
if (SetSession(ssl, session) != WOLFSSL_SUCCESS) { if (wolfSSL_SetSession(ssl, session) != WOLFSSL_SUCCESS) {
#ifdef HAVE_EXT_CACHE #ifdef HAVE_EXT_CACHE
FreeSession(session); wolfSSL_FreeSession(session);
#endif #endif
WOLFSSL_MSG("SetSession failed"); WOLFSSL_MSG("SetSession failed");
session = NULL; session = NULL;
@ -12321,7 +12321,7 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
} }
#ifdef HAVE_EXT_CACHE #ifdef HAVE_EXT_CACHE
else { else {
FreeSession(session); wolfSSL_FreeSession(session);
} }
#endif #endif
@ -15054,7 +15054,7 @@ int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to)
#ifndef NO_CLIENT_CACHE #ifndef NO_CLIENT_CACHE
/* Get Session from Client cache based on id/len, return NULL on failure */ /* Get Session from Client cache based on id/len, return NULL on failure */
WOLFSSL_SESSION* GetSessionClient(WOLFSSL* ssl, const byte* id, int len) WOLFSSL_SESSION* wolfSSL_GetSessionClient(WOLFSSL* ssl, const byte* id, int len)
{ {
WOLFSSL_SESSION* ret = NULL; WOLFSSL_SESSION* ret = NULL;
word32 row; word32 row;
@ -15196,7 +15196,7 @@ static int SslSessionCacheOff(const WOLFSSL* ssl, const WOLFSSL_SESSION* session
; ;
} }
WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret, WOLFSSL_SESSION* wolfSSL_GetSession(WOLFSSL* ssl, byte* masterSecret,
byte restoreSessionCerts) byte restoreSessionCerts)
{ {
WOLFSSL_SESSION* ret = NULL; WOLFSSL_SESSION* ret = NULL;
@ -15288,7 +15288,7 @@ WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret,
return ret; return ret;
} }
int SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session) int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
{ {
int ret = WOLFSSL_SUCCESS, row = -1; int ret = WOLFSSL_SUCCESS, row = -1;
#ifdef HAVE_SESSION_TICKET #ifdef HAVE_SESSION_TICKET
@ -15758,7 +15758,7 @@ int AddSession(WOLFSSL* ssl)
cbRet = ssl->ctx->new_sess_cb(ssl, session); cbRet = ssl->ctx->new_sess_cb(ssl, session);
} }
if (ssl->options.internalCacheOff && cbRet == 0) { if (ssl->options.internalCacheOff && cbRet == 0) {
FreeSession(session); wolfSSL_FreeSession(session);
} }
#endif #endif
@ -16016,7 +16016,7 @@ int wolfSSL_get_session_stats(word32* active, word32* total, word32* peak,
#else /* NO_SESSION_CACHE */ #else /* NO_SESSION_CACHE */
/* No session cache version */ /* No session cache version */
WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret, WOLFSSL_SESSION* wolfSSL_GetSession(WOLFSSL* ssl, byte* masterSecret,
byte restoreSessionCerts) byte restoreSessionCerts)
{ {
(void)ssl; (void)ssl;
@ -23292,7 +23292,7 @@ int wolfSSL_session_reused(WOLFSSL* ssl)
return resuming; return resuming;
} }
WOLFSSL_SESSION* GetSessionRef(WOLFSSL* ssl) WOLFSSL_SESSION* wolfSSL_GetSessionRef(WOLFSSL* ssl)
{ {
WOLFSSL_SESSION* session; WOLFSSL_SESSION* session;
#ifdef ENABLE_CLIENT_SESSION_REF #ifdef ENABLE_CLIENT_SESSION_REF
@ -23302,13 +23302,14 @@ WOLFSSL_SESSION* GetSessionRef(WOLFSSL* ssl)
int refCount = 0; int refCount = 0;
#endif #endif
session = GetSession(ssl, NULL, 1); session = wolfSSL_GetSession(ssl, NULL, 1);
if (session == NULL) { if (session == NULL) {
return session; return session;
} }
#ifdef ENABLE_CLIENT_SESSION_REF #ifdef ENABLE_CLIENT_SESSION_REF
/* if GetSessionRef has already been called then use existing pointer */ /* if wolfSSL_GetSessionRef has already been called then use existing
* pointer */
ref = (WOLFSSL_SESSION*)ssl->session.refPtr; ref = (WOLFSSL_SESSION*)ssl->session.refPtr;
if (ref == NULL) { if (ref == NULL) {
ref = (WOLFSSL_SESSION*)XMALLOC(refSize, ssl->heap, ref = (WOLFSSL_SESSION*)XMALLOC(refSize, ssl->heap,
@ -23338,7 +23339,7 @@ WOLFSSL_SESSION* GetSessionRef(WOLFSSL* ssl)
#if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE) #if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE)
/* return a new malloc'd session with default settings on success */ /* return a new malloc'd session with default settings on success */
WOLFSSL_SESSION* NewSession(void* heap) WOLFSSL_SESSION* wolfSSL_NewSession(void* heap)
{ {
WOLFSSL_SESSION* ret = NULL; WOLFSSL_SESSION* ret = NULL;
@ -23365,7 +23366,7 @@ WOLFSSL_SESSION* NewSession(void* heap)
WOLFSSL_SESSION* wolfSSL_SESSION_new_ex(void* heap) WOLFSSL_SESSION* wolfSSL_SESSION_new_ex(void* heap)
{ {
WOLFSSL_SESSION* ret = NewSession(heap); WOLFSSL_SESSION* ret = wolfSSL_NewSession(heap);
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
if (ret != NULL) { if (ret != NULL) {
@ -23428,7 +23429,7 @@ WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
} }
#endif #endif
copy = NewSession(session->heap); copy = wolfSSL_NewSession(session->heap);
if (copy != NULL) { if (copy != NULL) {
XMEMCPY(copy, session, sizeof(WOLFSSL_SESSION)); XMEMCPY(copy, session, sizeof(WOLFSSL_SESSION));
copy->type = WOLFSSL_SESSION_TYPE_HEAP; copy->type = WOLFSSL_SESSION_TYPE_HEAP;
@ -23473,7 +23474,7 @@ WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
#endif /* OPENSSL_EXTRA || HAVE_EXT_CACHE */ #endif /* OPENSSL_EXTRA || HAVE_EXT_CACHE */
void FreeSession(WOLFSSL_SESSION* session) void wolfSSL_FreeSession(WOLFSSL_SESSION* session)
{ {
if (session == NULL) if (session == NULL)
return; return;
@ -23537,7 +23538,7 @@ void FreeSession(WOLFSSL_SESSION* session)
void wolfSSL_SESSION_free(WOLFSSL_SESSION* session) void wolfSSL_SESSION_free(WOLFSSL_SESSION* session)
{ {
FreeSession(session); wolfSSL_FreeSession(session);
} }
#if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE) #if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE)


@ -3452,17 +3452,17 @@ struct WOLFSSL_SESSION {
}; };
WOLFSSL_LOCAL WOLFSSL_SESSION* NewSession(void* heap); WOLFSSL_LOCAL WOLFSSL_SESSION* wolfSSL_NewSession(void* heap);
WOLFSSL_LOCAL WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte); WOLFSSL_LOCAL WOLFSSL_SESSION* wolfSSL_GetSession(WOLFSSL*, byte*, byte);
WOLFSSL_LOCAL WOLFSSL_SESSION* GetSessionRef(WOLFSSL*); WOLFSSL_LOCAL WOLFSSL_SESSION* wolfSSL_GetSessionRef(WOLFSSL*);
WOLFSSL_LOCAL int SetSession(WOLFSSL*, WOLFSSL_SESSION*); WOLFSSL_LOCAL int wolfSSL_SetSession(WOLFSSL*, WOLFSSL_SESSION*);
WOLFSSL_LOCAL void FreeSession(WOLFSSL_SESSION*); WOLFSSL_LOCAL void wolfSSL_FreeSession(WOLFSSL_SESSION*);
typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int, int); typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int, int);
#ifndef NO_CLIENT_CACHE #ifndef NO_CLIENT_CACHE
WOLFSSL_LOCAL WOLFSSL_LOCAL
WOLFSSL_SESSION* GetSessionClient(WOLFSSL*, const byte*, int); WOLFSSL_SESSION* wolfSSL_GetSessionClient(WOLFSSL*, const byte*, int);
#endif #endif
/* client connect state for nonblocking restart */ /* client connect state for nonblocking restart */
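Review bot: The renamed `WOLFSSL_LOCAL` prototypes now carry the same `wolfSSL_` prefix as the public API, and nothing in this block marks them as internal. Several differ from a public name only in spelling: `wolfSSL_SetSession` vs `wolfSSL_set_session`, `wolfSSL_GetSession` vs `wolfSSL_get_session`, `wolfSSL_FreeSession` vs `wolfSSL_SESSION_free`. That matters because, judging by the comment in `wolfSSL_get1_session`, the variants differ in whether a reference is taken. I would add a comment above the group, for example `/* Internal session helpers (WOLFSSL_LOCAL), not public API: applications use wolfSSL_get_session(), wolfSSL_get1_session(), wolfSSL_set_session() and wolfSSL_SESSION_free(). */`. Naming the parameters in the prototypes, for instance `byte* masterSecret, byte restoreSessionCerts` as in the definition, would make the header readable on its own.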