Merge pull request #3091 from julek-wolfssl/sess-serialization

Expose session serialization outside of `OPENSSL_EXTRA`
toddouska
2020-08-07 15:41:27 -07:00
committed by GitHub
4 changed files with 34 additions and 28 deletions


@ -587,6 +587,7 @@ if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "x$ENABLED_OPENSSLCOEXIST" = "xn
then
AM_CFLAGS="-DOPENSSL_EXTRA -DWOLFSSL_ALWAYS_VERIFY_CB $AM_CFLAGS"
AM_CFLAGS="-DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_EXTRA_ALERTS $AM_CFLAGS"
AM_CFLAGS="-DHAVE_EXT_CACHE $AM_CFLAGS"
fi
if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes"
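Review bot: The `-DHAVE_EXT_CACHE` define is applied to every opensslextra build with no comment saying what it switches on, and as far as the C hunks on this page show, the code only honours it when `NO_SESSION_CACHE` is not defined. A comment above the line would help anyone auditing build flags, for example `# HAVE_EXT_CACHE: external session cache callbacks and session (de)serialization; no effect with NO_SESSION_CACHE`. Serialized sessions presumably carry resumption secrets, so the comment or the option's help text should also say that applications using these callbacks are responsible for protecting the exported data. The `if` this block belongs to begins just above the hunk.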


@ -2438,7 +2438,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_CTX_SetCACb(ctx, CaCb);
#endif
#ifdef HAVE_EXT_CACHE
#if defined(HAVE_EXT_CACHE) && !defined(NO_SESSION_CACHE)
wolfSSL_CTX_sess_set_get_cb(ctx, mySessGetCb);
wolfSSL_CTX_sess_set_new_cb(ctx, mySessNewCb);
wolfSSL_CTX_sess_set_remove_cb(ctx, mySessRemCb);
@ -3203,7 +3203,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_EXT_CACHE)
#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
defined(HAVE_EXT_CACHE))
if (session != NULL && resumeSession) {
flatSessionSz = wolfSSL_i2d_SSL_SESSION(session, NULL);
if (flatSessionSz != 0) {


@ -16713,19 +16713,6 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
return WOLFSSL_SUCCESS;
}
long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t)
{
word32 tmptime;
if (!ses || t < 0)
return BAD_FUNC_ARG;
tmptime = t & 0xFFFFFFFF;
ses->timeout = tmptime;
return WOLFSSL_SUCCESS;
}
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
@ -27060,7 +27047,8 @@ int wolfSSL_sk_SSL_COMP_num(WOLF_STACK_OF(WOLFSSL_COMP)* sk)
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE)
#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
defined(HAVE_EXT_CACHE))
/* stunnel 4.28 needs
*
* Callback that is called if a session tries to resume but could not find
@ -27092,9 +27080,6 @@ void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX* ctx,
#endif
}
#endif /* OPENSSL_EXTRA || HAVE_EXT_CACHE */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX* ctx, void (*f)(WOLFSSL_CTX*,
WOLFSSL_SESSION*))
{
@ -27107,9 +27092,7 @@ void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX* ctx, void (*f)(WOLFSSL_CTX*,
(void)f;
#endif
}
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#ifdef OPENSSL_EXTRA
/*
*
@ -27479,7 +27462,6 @@ end:
return s;
}
long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION* sess)
{
long timeout = 0;
@ -27499,8 +27481,20 @@ long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess)
return bornOn;
}
long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t)
{
word32 tmptime;
if (!ses || t < 0)
return BAD_FUNC_ARG;
#endif /* OPENSSL_EXTRA */
tmptime = t & 0xFFFFFFFF;
ses->timeout = tmptime;
return WOLFSSL_SUCCESS;
}
#endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */
#ifdef KEEP_PEER_CERT
@ -41961,6 +41955,8 @@ int wolfSSL_SESSION_print(WOLFSSL_BIO *bp, const WOLFSSL_SESSION *x)
return WOLFSSL_FAILURE;
#endif
#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
defined(HAVE_EXT_CACHE))
if (wolfSSL_BIO_printf(bp, " Start Time: %ld\n",
wolfSSL_SESSION_get_time(x)) <= 0)
return WOLFSSL_FAILURE;
@ -41968,6 +41964,7 @@ int wolfSSL_SESSION_print(WOLFSSL_BIO *bp, const WOLFSSL_SESSION *x)
if (wolfSSL_BIO_printf(bp, " Timeout : %ld (sec)\n",
wolfSSL_SESSION_get_timeout(x)) <= 0)
return WOLFSSL_FAILURE;
#endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */
/* @TODO verify return code print */
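Review bot: In the relocated `wolfSSL_SSL_SESSION_set_timeout`, `tmptime = t & 0xFFFFFFFF;` silently drops the high bits of `t` wherever `long` is wider than 32 bits, so an out-of-range timeout is stored as an unrelated, possibly zero, value while the call still returns `WOLFSSL_SUCCESS`. The function is now built for `HAVE_EXT_CACHE` configurations without `OPENSSL_EXTRA`, so I would reject the value instead of masking it: `if (!ses || t < 0 || (unsigned long)t > 0xFFFFFFFFUL) return BAD_FUNC_ARG;`. Separately, the closing comment `/* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */` omits the parentheses of the opening `#if` and reads as a different condition; `/* !NO_SESSION_CACHE && (OPENSSL_EXTRA || HAVE_EXT_CACHE) */` matches it. It also looks as if this function and `wolfSSL_CTX_sess_set_remove_cb` lose their `WOLFSSL_WPAS_SMALL` guard, which should be confirmed against a build that sets only that macro, since the rendered page does not mark which lines were removed.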


@ -29165,18 +29165,20 @@ static void test_wolfSSL_BIO_f_md(void)
static void test_wolfSSL_SESSION(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && defined(HAVE_EXT_CACHE) && \
defined(HAVE_IO_TESTS_DEPENDENCIES)
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(NO_SESSION_CACHE)
WOLFSSL* ssl;
WOLFSSL_CTX* ctx;
WOLFSSL_SESSION* sess;
WOLFSSL_SESSION* sess_copy;
const unsigned char context[] = "user app context";
unsigned char* sessDer = NULL;
unsigned char* ptr = NULL;
#ifdef OPENSSL_EXTRA
const unsigned char context[] = "user app context";
unsigned int contextSz = (unsigned int)sizeof(context);
#endif
int ret, err, sockfd, sz;
tcp_ready ready;
func_args server_args;
@ -29185,7 +29187,10 @@ static void test_wolfSSL_SESSION(void)
printf(testingFmt, "wolfSSL_SESSION()");
/* TLS v1.3 requires session tickets */
#if defined(WOLFSSL_TLS13) && !defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_TLS12)
/* CHACHA and POLY1305 required for myTicketEncCb */
#if defined(WOLFSSL_TLS13) && (!defined(HAVE_SESSION_TICKET) && \
!defined(WOLFSSL_NO_TLS12) || !(defined(HAVE_CHACHA) && \
defined(HAVE_POLY1305)))
AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
#else
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
@ -29251,7 +29256,7 @@ static void test_wolfSSL_SESSION(void)
fdOpenSession(Task_self());
#endif
#if defined(SESSION_CERTS)
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
{
X509 *x509;
char buf[30];
@ -29305,6 +29310,7 @@ static void test_wolfSSL_SESSION(void)
}
#endif
#ifdef OPENSSL_EXTRA
/* fail case with miss match session context IDs (use compatibility API) */
AssertIntEQ(SSL_set_session_id_context(ssl, context, contextSz),
SSL_SUCCESS);
@ -29316,6 +29322,7 @@ static void test_wolfSSL_SESSION(void)
SSL_SUCCESS);
AssertNotNull(ssl = wolfSSL_new(ctx));
AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
#endif
wolfSSL_free(ssl);
SSL_SESSION_free(sess);
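Review bot: The new version-selection guard in `test_wolfSSL_SESSION` mixes `&&` and `||` without grouping, so it parses as `TLS13 && ((!HAVE_SESSION_TICKET && !WOLFSSL_NO_TLS12) || !(HAVE_CHACHA && HAVE_POLY1305))`. A TLS 1.3 build that defines `WOLFSSL_NO_TLS12` and lacks ChaCha or Poly1305 therefore takes the `wolfTLSv1_2_client_method()` branch, which is presumably unavailable in that configuration. Applying the TLS 1.2 requirement to both alternatives avoids that and makes the precedence explicit: `#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) && \` followed by `(!defined(HAVE_SESSION_TICKET) || !(defined(HAVE_CHACHA) && defined(HAVE_POLY1305)))`. A TLS 1.3-only build without the ticket cipher would then fall through to `wolfSSLv23_client_method()` and may need to skip the test in the outer guard. The function body continues outside the hunks shown here.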