diff options
Diffstat (limited to 'src/ssl/ssl_lib.cc')
-rw-r--r-- | src/ssl/ssl_lib.cc | 74 |
1 files changed, 48 insertions, 26 deletions
diff --git a/src/ssl/ssl_lib.cc b/src/ssl/ssl_lib.cc index 10128d82..9ecd7df6 100644 --- a/src/ssl/ssl_lib.cc +++ b/src/ssl/ssl_lib.cc @@ -218,6 +218,7 @@ void ssl_update_cache(SSL_HANDSHAKE *hs, int mode) { SSL_CTX *ctx = ssl->session_ctx; /* Never cache sessions with empty session IDs. */ if (ssl->s3->established_session->session_id_length == 0 || + ssl->s3->established_session->not_resumable || (ctx->session_cache_mode & mode) != mode) { return; } @@ -357,11 +358,18 @@ void ssl_do_msg_callback(SSL *ssl, int is_write, int content_type, } void ssl_get_current_time(const SSL *ssl, struct OPENSSL_timeval *out_clock) { - if (ssl->ctx->current_time_cb != NULL) { + /* TODO(martinkr): Change callers to |ssl_ctx_get_current_time| and drop the + * |ssl| arg from |current_time_cb| if possible. */ + ssl_ctx_get_current_time(ssl->ctx, out_clock); +} + +void ssl_ctx_get_current_time(const SSL_CTX *ctx, + struct OPENSSL_timeval *out_clock) { + if (ctx->current_time_cb != NULL) { /* TODO(davidben): Update current_time_cb to use OPENSSL_timeval. See * https://crbug.com/boringssl/155. */ struct timeval clock; - ssl->ctx->current_time_cb(ssl, &clock); + ctx->current_time_cb(nullptr /* ssl */, &clock); if (clock.tv_sec < 0) { assert(0); out_clock->tv_sec = 0; @@ -503,13 +511,6 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method) { ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; - /* Setup RFC4507 ticket keys */ - if (!RAND_bytes(ret->tlsext_tick_key_name, 16) || - !RAND_bytes(ret->tlsext_tick_hmac_key, 16) || - !RAND_bytes(ret->tlsext_tick_aes_key, 16)) { - ret->options |= SSL_OP_NO_TICKET; - } - /* Disable the auto-chaining feature by default. Once this has stuck without * problems, the feature will be removed entirely. */ ret->mode = SSL_MODE_NO_AUTO_CHAIN; @@ -571,6 +572,8 @@ void SSL_CTX_free(SSL_CTX *ctx) { OPENSSL_free(ctx->alpn_client_proto_list); EVP_PKEY_free(ctx->tlsext_channel_id_private); OPENSSL_free(ctx->verify_sigalgs); + OPENSSL_free(ctx->tlsext_ticket_key_current); + OPENSSL_free(ctx->tlsext_ticket_key_prev); OPENSSL_free(ctx); } @@ -1587,10 +1590,18 @@ int SSL_CTX_get_tlsext_ticket_keys(SSL_CTX *ctx, void *out, size_t len) { OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH); return 0; } + + /* The default ticket keys are initialized lazily. Trigger a key + * rotation to initialize them. */ + if (!ssl_ctx_rotate_ticket_encryption_key(ctx)) { + return 0; + } + uint8_t *out_bytes = reinterpret_cast<uint8_t *>(out); - OPENSSL_memcpy(out_bytes, ctx->tlsext_tick_key_name, 16); - OPENSSL_memcpy(out_bytes + 16, ctx->tlsext_tick_hmac_key, 16); - OPENSSL_memcpy(out_bytes + 32, ctx->tlsext_tick_aes_key, 16); + MutexReadLock lock(&ctx->lock); + OPENSSL_memcpy(out_bytes, ctx->tlsext_ticket_key_current->name, 16); + OPENSSL_memcpy(out_bytes + 16, ctx->tlsext_ticket_key_current->hmac_key, 16); + OPENSSL_memcpy(out_bytes + 32, ctx->tlsext_ticket_key_current->aes_key, 16); return 1; } @@ -1602,10 +1613,22 @@ int SSL_CTX_set_tlsext_ticket_keys(SSL_CTX *ctx, const void *in, size_t len) { OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH); return 0; } + if (!ctx->tlsext_ticket_key_current) { + ctx->tlsext_ticket_key_current = + (tlsext_ticket_key *)OPENSSL_malloc(sizeof(tlsext_ticket_key)); + if (!ctx->tlsext_ticket_key_current) { + return 0; + } + } + OPENSSL_memset(ctx->tlsext_ticket_key_current, 0, sizeof(tlsext_ticket_key)); const uint8_t *in_bytes = reinterpret_cast<const uint8_t *>(in); - OPENSSL_memcpy(ctx->tlsext_tick_key_name, in_bytes, 16); - OPENSSL_memcpy(ctx->tlsext_tick_hmac_key, in_bytes + 16, 16); - OPENSSL_memcpy(ctx->tlsext_tick_aes_key, in_bytes + 32, 16); + OPENSSL_memcpy(ctx->tlsext_ticket_key_current->name, in_bytes, 16); + OPENSSL_memcpy(ctx->tlsext_ticket_key_current->hmac_key, in_bytes + 16, 16); + OPENSSL_memcpy(ctx->tlsext_ticket_key_current->aes_key, in_bytes + 32, 16); + OPENSSL_free(ctx->tlsext_ticket_key_prev); + ctx->tlsext_ticket_key_prev = nullptr; + /* Disable automatic key rotation. */ + ctx->tlsext_ticket_key_current->next_rotation_tv_sec = 0; return 1; } @@ -1789,28 +1812,27 @@ void SSL_enable_ocsp_stapling(SSL *ssl) { void SSL_get0_signed_cert_timestamp_list(const SSL *ssl, const uint8_t **out, size_t *out_len) { SSL_SESSION *session = SSL_get_session(ssl); - - *out_len = 0; - *out = NULL; - if (ssl->server || !session || !session->tlsext_signed_cert_timestamp_list) { + if (ssl->server || !session || !session->signed_cert_timestamp_list) { + *out_len = 0; + *out = NULL; return; } - *out = session->tlsext_signed_cert_timestamp_list; - *out_len = session->tlsext_signed_cert_timestamp_list_length; + *out = CRYPTO_BUFFER_data(session->signed_cert_timestamp_list); + *out_len = CRYPTO_BUFFER_len(session->signed_cert_timestamp_list); } void SSL_get0_ocsp_response(const SSL *ssl, const uint8_t **out, size_t *out_len) { SSL_SESSION *session = SSL_get_session(ssl); - - *out_len = 0; - *out = NULL; if (ssl->server || !session || !session->ocsp_response) { + *out_len = 0; + *out = NULL; return; } - *out = session->ocsp_response; - *out_len = session->ocsp_response_length; + + *out = CRYPTO_BUFFER_data(session->ocsp_response); + *out_len = CRYPTO_BUFFER_len(session->ocsp_response); } int SSL_set_tlsext_host_name(SSL *ssl, const char *name) { |