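/*
 * tlsmgr_key - look up, or create, a TLS session ticket key
 *
 * On entry, buffer holds the requested key name. An empty buffer stands for
 * "no name" and asks for the current encryption key, which is created when
 * the lookup finds none. On success the buffer content is replaced with a
 * copy of the TLS_TICKET_KEY structure and TLS_MGR_STAT_OK is returned.
 *
 * TLS_MGR_STAT_ERR is returned when a named key is not found, when the name
 * does not have the fixed key-name length, or when RAND_bytes() fails while
 * generating a new key.
 *
 * timeout is the total session timeout; each key is given half of it.
 */
static int tlsmgr_key(VSTRING *buffer, int timeout)
{
    TLS_TICKET_KEY *key;
    TLS_TICKET_KEY tmp;
    unsigned char *name;
    time_t  now = time((time_t *) 0);

    /* In tlsmgr requests we encode null key names as empty strings. */
    name = LEN(buffer) ? (unsigned char *) STR(buffer) : 0;

    /*
     * The name comes out of a request buffer and is handed to
     * tls_scache_key() as a bare pointer, without a length. Key names are
     * generated below with exactly TLS_TICKET_NAMELEN bytes, so a name of
     * any other length cannot identify a key, and a shorter one would
     * presumably make the lookup read past the bytes that were supplied.
     * Reject it here rather than rely on every caller having checked.
     */
    if (name != 0 && LEN(buffer) != TLS_TICKET_NAMELEN)
        return (TLS_MGR_STAT_ERR);

    /*
     * Each key's encrypt and subsequent decrypt-only timeout is half of the
     * total session timeout.
     */
    timeout /= 2;

    /* Attempt to locate existing key */
    if ((key = tls_scache_key(name, now, timeout)) == 0) {
        if (name == 0) {
            /* Create new encryption key; any RNG failure aborts the request. */
            if (RAND_bytes(tmp.name, TLS_TICKET_NAMELEN) <= 0
                || RAND_bytes(tmp.bits, TLS_TICKET_KEYLEN) <= 0
                || RAND_bytes(tmp.hmac, TLS_TICKET_MACLEN) <= 0)
                return (TLS_MGR_STAT_ERR);
            tmp.tout = now + timeout - 1;
            key = tls_scache_key_rotate(&tmp);

            /*
             * NOTE(review): tmp still holds the fresh key material when this
             * function returns. If tls_scache_key_rotate() keeps its own
             * copy (TODO confirm), tmp could be wiped after the call with a
             * cleanse routine that the compiler cannot optimize away.
             */
        } else {
            /* No matching decryption key found */
            return (TLS_MGR_STAT_ERR);
        }
    }

    /*
     * Return value overwrites name buffer. The copy covers the whole
     * structure, so the reply carries the secret key fields along with the
     * name; NOTE(review): this presumes the reply channel is only reachable
     * by trusted peers - confirm against the caller.
     */
    vstring_memcpy(buffer, (char *) key, sizeof(*key));
    return (TLS_MGR_STAT_OK);
}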
/*
 * tls_mgr_lookup - fetch a cached value from the in-memory table
 *
 * Copies the value stored under key into buf and counts the hit. Returns
 * TLS_MGR_STAT_ERR when no table exists (tls_cache is null) or when the key
 * is absent; buf is left untouched in both cases. The unused_type argument
 * is ignored.
 */
int tls_mgr_lookup(const char *unused_type, const char *key, VSTRING *buf)
{
    VSTRING *cached;

    /* No table means there is nothing to look up. */
    if (tls_cache == 0)
        return TLS_MGR_STAT_ERR;

    cached = (VSTRING *) htable_find(tls_cache, key);
    if (cached == 0)
        return TLS_MGR_STAT_ERR;

    /* Hand the caller a private copy, not a pointer into the table. */
    vstring_memcpy(buf, vstring_str(cached), VSTRING_LEN(cached));
    cache_hits++;
    return (TLS_MGR_STAT_OK);
}
/*
 * tls_mgr_update - store a value in the in-memory table
 *
 * Saves len bytes from buf under key, creating the entry when the key is
 * new and overwriting the stored value when it already exists. Returns
 * TLS_MGR_STAT_ERR when no table exists (tls_cache is null), otherwise
 * TLS_MGR_STAT_OK. The unused_type argument is ignored.
 *
 * NOTE(review): len is signed and is not range-checked here before it
 * reaches vstring_alloc() and vstring_memcpy(); callers are presumably
 * expected to pass a positive length - confirm.
 */
int tls_mgr_update(const char *unused_type, const char *key, const char *buf, ssize_t len)
{
    HTABLE_INFO *entry;
    VSTRING *value;

    if (tls_cache == 0)
        return TLS_MGR_STAT_ERR;

    entry = htable_locate(tls_cache, key);
    if (entry != 0) {
        /* Existing key: reuse the stored buffer. */
        value = (VSTRING *) entry->value;
    } else {
        /* New key: the table takes the freshly allocated buffer. */
        value = vstring_alloc(len);
        (void) htable_enter(tls_cache, key, (char *) value);
    }
    vstring_memcpy(value, buf, len);

    /*
     * NOTE(review): the counter also goes up when an existing entry is
     * overwritten; if cache_count is meant to be the number of entries,
     * it over-counts on updates - confirm the intended meaning.
     */
    cache_count++;
    return (TLS_MGR_STAT_OK);
}