From 031ce6854686c4697b280294b527f08979ff9266 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Fri, 9 Oct 2020 20:30:30 +0200 Subject: [PATCH] Differentiate between server and client sessions This is important is the client and server share memory space. If a server and client both save the same session in SessionCache it may cause inconsistencies. The hash of the sessionID will be the same causing one of the sides to overwrite the other. A possible problem is that the peer certificate will be incorrect for one of the sides. --- src/ssl.c | 22 +++++++++++++++------- wolfssl/internal.h | 2 ++ 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 32378861c..b9ac91001 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -13165,7 +13165,8 @@ WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret, } current = &SessionCache[row].Sessions[idx]; - if (XMEMCMP(current->sessionID, id, ID_LEN) == 0) { + if (XMEMCMP(current->sessionID, id, ID_LEN) == 0 && + current->side == ssl->options.side) { WOLFSSL_MSG("Found a session match"); if (LowResTimer() < (current->bornOn + current->timeout)) { WOLFSSL_MSG("Session valid"); @@ -13250,6 +13251,7 @@ static int GetDeepCopySession(WOLFSSL* ssl, WOLFSSL_SESSION* copyFrom) copyInto->namedGroup = copyFrom->namedGroup; copyInto->ticketSeen = copyFrom->ticketSeen; copyInto->ticketAdd = copyFrom->ticketAdd; + copyInto->side = copyFrom->side; XMEMCPY(©Into->ticketNonce, ©From->ticketNonce, sizeof(TicketNonce)); #ifdef WOLFSSL_EARLY_DATA @@ -13434,7 +13436,8 @@ int AddSession(WOLFSSL* ssl) } for (i=0; ioptions.side) { WOLFSSL_MSG("Session already exists. Overwriting."); overwrite = 1; idx = i; @@ -13451,6 +13454,8 @@ int AddSession(WOLFSSL* ssl) session = &SessionCache[row].Sessions[idx]; } + session->side = ssl->options.side; + #ifdef WOLFSSL_TLS13 if (ssl->options.tls1_3) { XMEMCPY(session->masterSecret, ssl->session.masterSecret, SECRET_LEN); @@ -29615,9 +29620,10 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p) return BAD_FUNC_ARG; } - /* bornOn | timeout | sessionID len | sessionID | masterSecret | haveEMS */ - size += OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN + sess->sessionIDSz + - SECRET_LEN + OPAQUE8_LEN; + /* side | bornOn | timeout | sessionID len | sessionID | masterSecret | + * haveEMS */ + size += OPAQUE8_LEN + OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN + + sess->sessionIDSz + SECRET_LEN + OPAQUE8_LEN; #ifdef SESSION_CERTS /* Peer chain */ size += OPAQUE8_LEN; @@ -29669,6 +29675,7 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p) return 0; data = *p; + data[idx++] = sess->side; c32toa(sess->bornOn, data + idx); idx += OPAQUE32_LEN; c32toa(sess->timeout, data + idx); idx += OPAQUE32_LEN; data[idx++] = sess->sessionIDSz; @@ -29787,11 +29794,12 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess, idx = 0; data = (byte*)*p; - /* bornOn | timeout | sessionID len */ - if (i < OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN) { + /* side | bornOn | timeout | sessionID len */ + if (i < OPAQUE8_LEN + OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN) { ret = BUFFER_ERROR; goto end; } + s->side = data[idx++]; ato32(data + idx, &s->bornOn); idx += OPAQUE32_LEN; ato32(data + idx, &s->timeout); idx += OPAQUE32_LEN; s->sessionIDSz = data[idx++]; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index fc42030de..086371fdb 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -3238,6 +3238,8 @@ struct WOLFSSL_SESSION { #ifdef HAVE_EX_DATA WOLFSSL_CRYPTO_EX_DATA ex_data; #endif + byte side; /* Either WOLFSSL_CLIENT_END or + WOLFSSL_SERVER_END */ };