wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 02:37:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Call HaveUniqueSessionObj when we need to have a unique session object

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2023-08-17 17:38:02 +02:00
parent 06d81f7f8f
commit 8ce71cc19c
4 changed files with 30 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/internal.c
View File

@ -27456,6 +27456,20 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
/* client only parts */
#ifndef NO_WOLFSSL_CLIENT
int HaveUniqueSessionObj(WOLFSSL* ssl)
{
if (ssl->session->ref.count > 1) {
WOLFSSL_SESSION* newSession = wolfSSL_SESSION_dup(ssl->session);
if (newSession == NULL) {
WOLFSSL_MSG("Session duplicate failed");
return 0;
}
wolfSSL_FreeSession(ssl->ctx, ssl->session);
ssl->session = newSession;
}
return 1;
}
#ifndef WOLFSSL_NO_TLS12
/* handle generation of client_hello (1) */
@ -28295,6 +28309,11 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
else {
if (DSH_CheckSessionId(ssl)) {
if (SetCipherSpecs(ssl) == 0) {
if (!HaveUniqueSessionObj(ssl)) {
WOLFSSL_MSG("Unable to have unique session object");
WOLFSSL_ERROR_VERBOSE(MEMORY_ERROR);
return MEMORY_ERROR;
}
XMEMCPY(ssl->arrays->masterSecret,
ssl->session->masterSecret, SECRET_LEN);
@ -31810,14 +31829,8 @@ exit_scv:
#ifdef HAVE_SESSION_TICKET
int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
{
/* If the session is shared, we need to copy-on-write */
if (ssl->session->ref.count > 1) {
WOLFSSL_SESSION* nsession = wolfSSL_SESSION_dup(ssl->session);
if (nsession == NULL)
return MEMORY_E;
wolfSSL_FreeSession(ssl->ctx, ssl->session);
ssl->session = nsession;
}
if (!HaveUniqueSessionObj(ssl))
return MEMORY_ERROR;
/* Free old dynamic ticket if we already had one */
if (ssl->session->ticketLenAlloc > 0) {

16
src/ssl.c
View File

@ -14173,11 +14173,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
if (ssl->session == session) {
WOLFSSL_MSG("ssl->session and session same");
}
else
#ifdef HAVE_STUNNEL
/* stunnel depends on the ex_data not being duplicated. Copy OpenSSL
* behaviour for now. */
if (session->type != WOLFSSL_SESSION_TYPE_CACHE) {
else if (session->type != WOLFSSL_SESSION_TYPE_CACHE) {
if (wolfSSL_SESSION_up_ref(session) == WOLFSSL_SUCCESS) {
wolfSSL_FreeSession(ssl->ctx, ssl->session);
ssl->session = session;
@ -14185,9 +14181,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
else
ret = WOLFSSL_FAILURE;
}
else
#endif
{
else {
ret = wolfSSL_DupSession(session, ssl->session, 0);
if (ret != WOLFSSL_SUCCESS)
WOLFSSL_MSG("Session duplicate failed");
@ -20607,7 +20601,6 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
{
#ifdef HAVE_EXT_CACHE
WOLFSSL_SESSION* copy;
WOLFSSL_ENTER("wolfSSL_SESSION_dup");
@ -20630,11 +20623,6 @@ WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
copy = NULL;
}
return copy;
#else
WOLFSSL_MSG("wolfSSL_SESSION_dup feature not compiled in");
(void)session;
return NULL;
#endif /* HAVE_EXT_CACHE */
}
void wolfSSL_FreeSession(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session)

6
src/tls13.c
View File

@ -3704,6 +3704,12 @@ static int SetupPskKey(WOLFSSL* ssl, PreSharedKey* psk, int clientHello)
if (psk == NULL)
return BAD_FUNC_ARG;
if (!HaveUniqueSessionObj(ssl)) {
WOLFSSL_MSG("Unable to have unique session object");
WOLFSSL_ERROR_VERBOSE(MEMORY_ERROR);
return MEMORY_ERROR;
}
suite[0] = ssl->options.cipherSuite0;
suite[1] = ssl->options.cipherSuite;

1
wolfssl/internal.h
View File

@ -6209,6 +6209,7 @@ WOLFSSL_LOCAL void DoCertFatalAlert(WOLFSSL* ssl, int ret);
WOLFSSL_LOCAL int cipherExtraData(WOLFSSL* ssl);
#ifndef NO_WOLFSSL_CLIENT
WOLFSSL_LOCAL int HaveUniqueSessionObj(WOLFSSL* ssl);
WOLFSSL_LOCAL int SendClientHello(WOLFSSL* ssl);
WOLFSSL_LOCAL int DoHelloVerifyRequest(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 size);