feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Dynamic session cache: code review feedback

Browse Source
This commit is contained in:
Kareem
2023-02-15 17:38:14 -07:00
parent 5a77db3f20
commit 1167ad623b
2 changed files with 24 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/ssl.c
View File

@@ -191,6 +191,12 @@
* ClientCache by default for backwards compatibility. This define will * ClientCache by default for backwards compatibility. This define will
* make wolfSSL_get_session return a reference to ssl->session. The returned * make wolfSSL_get_session return a reference to ssl->session. The returned
* pointer will be freed with the related WOLFSSL object. * pointer will be freed with the related WOLFSSL object.
* SESSION_CACHE_DYNAMIC_MEM:
* Dynamically allocate sessions for the session cache from the heap, as
* opposed to the default which allocates from the stack. Allocates
* memory only when a session is added to the cache, frees memory after the
* session is no longer being used. Recommended for memory-constrained
* systems.
* WOLFSSL_SYS_CA_CERTS * WOLFSSL_SYS_CA_CERTS
* Enables ability to load system CA certs from the OS via * Enables ability to load system CA certs from the OS via
* wolfSSL_CTX_load_system_CA_certs. * wolfSSL_CTX_load_system_CA_certs.
@@ -6192,6 +6198,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
int totalCount; /* sessions ever on this row */ int totalCount; /* sessions ever on this row */
#ifdef SESSION_CACHE_DYNAMIC_MEM #ifdef SESSION_CACHE_DYNAMIC_MEM
WOLFSSL_SESSION* Sessions[SESSIONS_PER_ROW]; WOLFSSL_SESSION* Sessions[SESSIONS_PER_ROW];
void* heap;
#else #else
WOLFSSL_SESSION Sessions[SESSIONS_PER_ROW]; WOLFSSL_SESSION Sessions[SESSIONS_PER_ROW];
#endif #endif
@@ -11474,11 +11481,11 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
#endif /* !NO_CLIENT_CACHE */ #endif /* !NO_CLIENT_CACHE */
/* TODO: Add SESSION_CACHE_DYNAMIC_MEM support for PERSIST_SESSION_CACHE. /* TODO: Add SESSION_CACHE_DYNAMIC_MEM support for PERSIST_SESSION_CACHE.
Need a count of current sessions to get an accurate memsize (totalCount is * Need a count of current sessions to get an accurate memsize (totalCount is
not decremented when sessions are removed). * not decremented when sessions are removed).
Need to determine ideal layout for mem/filesave. * Need to determine ideal layout for mem/filesave.
Also need mem/filesave checking to ensure not restoring non DYNAMIC_MEM cache. * Also need mem/filesave checking to ensure not restoring non DYNAMIC_MEM cache.
*/ */
#if defined(PERSIST_SESSION_CACHE) && !defined(SESSION_CACHE_DYNAMIC_MEM) #if defined(PERSIST_SESSION_CACHE) && !defined(SESSION_CACHE_DYNAMIC_MEM)
/* for persistence, if changes to layout need to increment and modify /* for persistence, if changes to layout need to increment and modify
@@ -14240,7 +14247,8 @@ int wolfSSL_Cleanup(void)
for (i = 0; i < SESSION_ROWS; i++) { for (i = 0; i < SESSION_ROWS; i++) {
for (j = 0; j < SESSIONS_PER_ROW; j++) { for (j = 0; j < SESSIONS_PER_ROW; j++) {
if (SessionCache[i].Sessions[j]) { if (SessionCache[i].Sessions[j]) {
XFREE(&SessionCache[i].Sessions[j], NULL, DYNAMIC_TYPE_SESSION); XFREE(SessionCache[i].Sessions[j], SessionCache[i].heap,
DYNAMIC_TYPE_SESSION);
SessionCache[i].Sessions[j] = NULL; SessionCache[i].Sessions[j] = NULL;
} }
} }
@@ -15309,10 +15317,10 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
#ifdef SESSION_CACHE_DYNAMIC_MEM #ifdef SESSION_CACHE_DYNAMIC_MEM
cacheSession = sessRow->Sessions[idx]; cacheSession = sessRow->Sessions[idx];
if (cacheSession) { if (cacheSession) {
XFREE(cacheSession, NULL, DYNAMIC_TYPE_SESSION); XFREE(cacheSession, sessRow->heap, DYNAMIC_TYPE_SESSION);
cacheSession = NULL; cacheSession = NULL;
} }
cacheSession = (WOLFSSL_SESSION*) XMALLOC(sizeof(WOLFSSL_SESSION), NULL, cacheSession = (WOLFSSL_SESSION*) XMALLOC(sizeof(WOLFSSL_SESSION), sessRow->heap,
DYNAMIC_TYPE_SESSION); DYNAMIC_TYPE_SESSION);
if (cacheSession == NULL) { if (cacheSession == NULL) {
return MEMORY_E; return MEMORY_E;
@@ -15765,11 +15773,12 @@ static int get_locked_session_stats(word32* active, word32* total, word32* peak)
#ifdef SESSION_CACHE_DYNAMIC_MEM #ifdef SESSION_CACHE_DYNAMIC_MEM
if (row->Sessions[idx] && if (row->Sessions[idx] &&
ticks < (row->Sessions[idx]->bornOn + ticks < (row->Sessions[idx]->bornOn +
row->Sessions[idx]->timeout) ) { row->Sessions[idx]->timeout) )
#else #else
if (ticks < (row->Sessions[idx].bornOn + if (ticks < (row->Sessions[idx].bornOn +
row->Sessions[idx].timeout) ) { row->Sessions[idx].timeout) )
#endif #endif
{
now++; now++;
} }
@@ -34327,7 +34336,7 @@ int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *s)
#endif #endif
#ifdef SESSION_CACHE_DYNAMIC_MEM #ifdef SESSION_CACHE_DYNAMIC_MEM
XFREE(cacheSession, NULL, DYNAMIC_TYPE_SESSION); XFREE(cacheSession, sessRow->heap, DYNAMIC_TYPE_SESSION);
sessRow->Sessions[i] = NULL; sessRow->Sessions[i] = NULL;
#endif #endif
break; break;

4
wolfssl/wolfcrypt/settings.h
View File

@@ -2940,6 +2940,10 @@ extern void uITRON4_free(void *p) ;
#endif #endif
#endif /* WOLFSSL_SYS_CA_CERTS */ #endif /* WOLFSSL_SYS_CA_CERTS */
#if defined(SESSION_CACHE_DYNAMIC_MEM) && defined(PERSIST_SESSION_CACHE)
#error "Dynamic session cache currently does not support persistent session cache."
#endif
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif