static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *session, int lock) { int ret = 0; if (session != NULL && session->session_id_length != 0) { if (lock) { CRYPTO_MUTEX_lock_write(&ctx->lock); } SSL_SESSION *found_session = lh_SSL_SESSION_retrieve(ctx->sessions, session); if (found_session == session) { ret = 1; found_session = lh_SSL_SESSION_delete(ctx->sessions, session); SSL_SESSION_list_remove(ctx, session); } if (lock) { CRYPTO_MUTEX_unlock(&ctx->lock); } if (ret) { found_session->not_resumable = 1; if (ctx->remove_session_cb != NULL) { ctx->remove_session_cb(ctx, found_session); } SSL_SESSION_free(found_session); } } return ret; }
static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lock) { SSL_SESSION *r; int ret = 0; if (c != NULL && c->session_id_length != 0) { if (lock) { CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); } r = lh_SSL_SESSION_retrieve(ctx->sessions, c); if (r == c) { ret = 1; r = lh_SSL_SESSION_delete(ctx->sessions, c); SSL_SESSION_list_remove(ctx, c); } if (lock) { CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); } if (ret) { r->not_resumable = 1; if (ctx->remove_session_cb != NULL) { ctx->remove_session_cb(ctx, r); } SSL_SESSION_free(r); } } return ret; }
static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck) { SSL_SESSION *r; int ret = 0; if ((c != NULL) && (c->session_id_length != 0)) { if (lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); if ((r = lh_SSL_SESSION_retrieve(ctx->internal->sessions, c)) == c) { ret = 1; r = lh_SSL_SESSION_delete(ctx->internal->sessions, c); SSL_SESSION_list_remove(ctx, c); } if (lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); if (ret) { r->internal->not_resumable = 1; if (ctx->internal->remove_session_cb != NULL) ctx->internal->remove_session_cb(ctx, r); SSL_SESSION_free(r); } } else ret = 0; return (ret); }
static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck) { SSL_SESSION *r; int ret = 0; if ((c != NULL) && (c->session_id_length != 0)) { if (lck) CRYPTO_THREAD_write_lock(ctx->lock); if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) { ret = 1; r = lh_SSL_SESSION_delete(ctx->sessions, c); SSL_SESSION_list_remove(ctx, c); } c->not_resumable = 1; if (lck) CRYPTO_THREAD_unlock(ctx->lock); if (ret) SSL_SESSION_free(r); if (ctx->remove_session_cb != NULL) ctx->remove_session_cb(ctx, c); } else ret = 0; return (ret); }
int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) { int ret = 0; SSL_SESSION *s; /* add just 1 reference count for the SSL_CTX's session cache even though it * has two ways of access: each session is in a doubly linked list and an * lhash */ SSL_SESSION_up_ref(c); /* if session c is in already in cache, we take back the increment later */ CRYPTO_MUTEX_lock_write(&ctx->lock); if (!lh_SSL_SESSION_insert(ctx->sessions, &s, c)) { CRYPTO_MUTEX_unlock(&ctx->lock); return 0; } /* s != NULL iff we already had a session with the given PID. In this case, s * == c should hold (then we did not really modify ctx->sessions), or we're * in trouble. */ if (s != NULL && s != c) { /* We *are* in trouble ... */ SSL_SESSION_list_remove(ctx, s); SSL_SESSION_free(s); /* ... so pretend the other session did not exist in cache (we cannot * handle two SSL_SESSION structures with identical session ID in the same * cache, which could happen e.g. when two threads concurrently obtain the * same session from an external cache) */ s = NULL; } /* Put at the head of the queue unless it is already in the cache */ if (s == NULL) { SSL_SESSION_list_add(ctx, c); } if (s != NULL) { /* existing cache entry -- decrement previously incremented reference count * because it already takes into account the cache */ SSL_SESSION_free(s); /* s == c */ ret = 0; } else { /* new cache entry -- remove old ones if cache has become too large */ ret = 1; if (SSL_CTX_sess_get_cache_size(ctx) > 0) { while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) { if (!remove_session_lock(ctx, ctx->session_cache_tail, 0)) { break; } } } } CRYPTO_MUTEX_unlock(&ctx->lock); return ret; }
static void timeout_cb(SSL_SESSION *s, TIMEOUT_PARAM *p) { if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */ /* * The reason we don't call SSL_CTX_remove_session() is to save on * locking overhead */ (void)lh_SSL_SESSION_delete(p->cache, s); SSL_SESSION_list_remove(p->ctx, s); s->not_resumable = 1; if (p->ctx->remove_session_cb != NULL) p->ctx->remove_session_cb(p->ctx, s); SSL_SESSION_free(s); } }
static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *session) { if (session->next != NULL && session->prev != NULL) { SSL_SESSION_list_remove(ctx, session); } if (ctx->session_cache_head == NULL) { ctx->session_cache_head = session; ctx->session_cache_tail = session; session->prev = (SSL_SESSION *)&(ctx->session_cache_head); session->next = (SSL_SESSION *)&(ctx->session_cache_tail); } else { session->next = ctx->session_cache_head; session->next->prev = session; session->prev = (SSL_SESSION *)&(ctx->session_cache_head); ctx->session_cache_head = session; } }
static void timeout_doall_arg(SSL_SESSION *session, void *void_param) { TIMEOUT_PARAM *param = void_param; if (param->time == 0 || param->time > (session->time + session->timeout)) { /* timeout */ /* The reason we don't call SSL_CTX_remove_session() is to * save on locking overhead */ (void) lh_SSL_SESSION_delete(param->cache, session); SSL_SESSION_list_remove(param->ctx, session); session->not_resumable = 1; if (param->ctx->remove_session_cb != NULL) { param->ctx->remove_session_cb(param->ctx, session); } SSL_SESSION_free(session); } }
static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s) { if ((s->next != NULL) && (s->prev != NULL)) SSL_SESSION_list_remove(ctx, s); if (ctx->session_cache_head == NULL) { ctx->session_cache_head = s; ctx->session_cache_tail = s; s->prev = (SSL_SESSION *)&(ctx->session_cache_head); s->next = (SSL_SESSION *)&(ctx->session_cache_tail); } else { s->next = ctx->session_cache_head; s->next->prev = s; s->prev = (SSL_SESSION *)&(ctx->session_cache_head); ctx->session_cache_head = s; } }
int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *session) { /* Although |session| is inserted into two structures (a doubly-linked list * and the hash table), |ctx| only takes one reference. */ SSL_SESSION_up_ref(session); SSL_SESSION *old_session; CRYPTO_MUTEX_lock_write(&ctx->lock); if (!lh_SSL_SESSION_insert(ctx->sessions, &old_session, session)) { CRYPTO_MUTEX_unlock(&ctx->lock); SSL_SESSION_free(session); return 0; } if (old_session != NULL) { if (old_session == session) { /* |session| was already in the cache. */ CRYPTO_MUTEX_unlock(&ctx->lock); SSL_SESSION_free(old_session); return 0; } /* There was a session ID collision. |old_session| must be removed from * the linked list and released. */ SSL_SESSION_list_remove(ctx, old_session); SSL_SESSION_free(old_session); } SSL_SESSION_list_add(ctx, session); /* Enforce any cache size limits. */ if (SSL_CTX_sess_get_cache_size(ctx) > 0) { while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) { if (!remove_session_lock(ctx, ctx->session_cache_tail, 0)) { break; } } } CRYPTO_MUTEX_unlock(&ctx->lock); return 1; }
int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) { int ret = 0; SSL_SESSION *s; /* * add just 1 reference count for the SSL_CTX's session cache even though * it has two ways of access: each session is in a doubly linked list and * an lhash */ SSL_SESSION_up_ref(c); /* * if session c is in already in cache, we take back the increment later */ CRYPTO_THREAD_write_lock(ctx->lock); s = lh_SSL_SESSION_insert(ctx->sessions, c); /* * s != NULL iff we already had a session with the given PID. In this * case, s == c should hold (then we did not really modify * ctx->sessions), or we're in trouble. */ if (s != NULL && s != c) { /* We *are* in trouble ... */ SSL_SESSION_list_remove(ctx, s); SSL_SESSION_free(s); /* * ... so pretend the other session did not exist in cache (we cannot * handle two SSL_SESSION structures with identical session ID in the * same cache, which could happen e.g. when two threads concurrently * obtain the same session from an external cache) */ s = NULL; } else if (s == NULL && lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) { /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */ /* * ... so take back the extra reference and also don't add * the session to the SSL_SESSION_list at this time */ s = c; } /* Put at the head of the queue unless it is already in the cache */ if (s == NULL) SSL_SESSION_list_add(ctx, c); if (s != NULL) { /* * existing cache entry -- decrement previously incremented reference * count because it already takes into account the cache */ SSL_SESSION_free(s); /* s == c */ ret = 0; } else { /* * new cache entry -- remove old ones if cache has become too large */ ret = 1; if (SSL_CTX_sess_get_cache_size(ctx) > 0) { while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) { if (!remove_session_lock(ctx, ctx->session_cache_tail, 0)) break; else ctx->stats.sess_cache_full++; } } } CRYPTO_THREAD_unlock(ctx->lock); return ret; }
int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) { int ret = 0; SSL_SESSION *s; /* * Add just 1 reference count for the SSL_CTX's session cache * even though it has two ways of access: each session is in a * doubly linked list and an lhash. */ CRYPTO_add(&c->references, 1, CRYPTO_LOCK_SSL_SESSION); /* * If session c is in already in cache, we take back the increment * later. */ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); s = lh_SSL_SESSION_insert(ctx->internal->sessions, c); /* * s != NULL iff we already had a session with the given PID. * In this case, s == c should hold (then we did not really modify * ctx->internal->sessions), or we're in trouble. */ if (s != NULL && s != c) { /* We *are* in trouble ... */ SSL_SESSION_list_remove(ctx, s); SSL_SESSION_free(s); /* * ... so pretend the other session did not exist in cache * (we cannot handle two SSL_SESSION structures with identical * session ID in the same cache, which could happen e.g. when * two threads concurrently obtain the same session from an * external cache). */ s = NULL; } /* Put at the head of the queue unless it is already in the cache */ if (s == NULL) SSL_SESSION_list_add(ctx, c); if (s != NULL) { /* * existing cache entry -- decrement previously incremented * reference count because it already takes into account the * cache. */ SSL_SESSION_free(s); /* s == c */ ret = 0; } else { /* * New cache entry -- remove old ones if cache has become * too large. */ ret = 1; if (SSL_CTX_sess_get_cache_size(ctx) > 0) { while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) { if (!remove_session_lock(ctx, ctx->internal->session_cache_tail, 0)) break; else ctx->internal->stats.sess_cache_full++; } } } CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); return (ret); }