/*
 * get_server_session_cb - session lookup callback for the server side.
 *
 * Builds a cache key from the presented session ID, asks the TLS manager
 * for a stored session under that key, and tries to activate the result.
 *
 * ssl               - connection handle; the per-connection TLS_SESS_STATE
 *                     is fetched from its ex_data slot TLScontext_index
 * session_id        - session ID bytes to look up (in TLS these are supplied
 *                     by the remote peer, so they are hex-encoded before
 *                     being used in the key or written to the log)
 * session_id_length - number of bytes in session_id
 * unused_copy       - not read or written here
 *
 * Returns the activated session, or 0 when the lookup or the activation
 * did not produce one.
 */
static SSL_SESSION *get_server_session_cb(SSL *ssl, unsigned char *session_id,
                                          int session_id_length,
                                          int *unused_copy)
{
    const char *myname = "get_server_session_cb";
    TLS_SESS_STATE *TLScontext;
    VSTRING *lookup_key;
    VSTRING *serialized = vstring_alloc(2048);
    SSL_SESSION *found = 0;

    TLScontext = SSL_get_ex_data(ssl, TLScontext_index);
    if (TLScontext == 0)
        msg_panic("%s: null TLScontext in session lookup callback", myname);

    /*
     * The cache key is hex(session ID) + "&s=" service name + "&l=" the
     * value of SSLeay() (the OpenSSL library version number). Entries
     * stored under another service name or another library version
     * therefore never match this lookup.
     *
     * The macro stays visible after this function; it is kept unchanged in
     * case code outside this block relies on it.
     */
#define GEN_CACHE_ID(buf, id, len, service) \
    do { \
        buf = vstring_alloc(2 * (len + strlen(service))); \
        hex_encode(buf, (char *) (id), (len)); \
        vstring_sprintf_append(buf, "&s=%s", (service)); \
        vstring_sprintf_append(buf, "&l=%ld", (long) SSLeay()); \
    } while (0)

    GEN_CACHE_ID(lookup_key, session_id, session_id_length,
                 TLScontext->serverid);

    if (TLScontext->log_level >= 2)
        msg_info("%s: looking up session %s in %s cache",
                 TLScontext->namaddr, STR(lookup_key),
                 TLScontext->cache_type);

    /*
     * Fetch the stored session and decode it. "found" stays 0 unless both
     * the lookup and the activation succeed.
     */
    if (tls_mgr_lookup(TLScontext->cache_type, STR(lookup_key),
                       serialized) == TLS_MGR_STAT_OK)
        found = tls_session_activate(STR(serialized), LEN(serialized));

    if (found != 0 && TLScontext->log_level >= 2)
        msg_info("%s: reloaded session %s from %s cache",
                 TLScontext->namaddr, STR(lookup_key),
                 TLScontext->cache_type);

    /*
     * Release both work buffers.
     *
     * NOTE(review): "serialized" held the stored form of a TLS session,
     * which presumably includes secret session state; it is freed here
     * without being cleared first - confirm whether wiping is wanted.
     */
    vstring_free(lookup_key);
    vstring_free(serialized);

    return (found);
}
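/*
 * load_clnt_session - look up and activate a cached client-side session.
 *
 * TLScontext - per-connection state; cache_type names the cache to query
 *              and serverid is used as the lookup key
 *
 * Returns the activated session, or 0 when the lookup or the activation
 * did not produce one. Panics when cache_type is null.
 */
static SSL_SESSION *load_clnt_session(TLS_SESS_STATE *TLScontext)
{
    const char *myname = "load_clnt_session";
    SSL_SESSION *session = 0;
    VSTRING *session_data;

    /*
     * We only get here if the cache_type is not empty. This code is not
     * called unless caching is enabled and the cache_type is stored in the
     * server SSL context.
     *
     * This check runs before anything else uses cache_type, so that a null
     * pointer is never handed to a "%s" log format and no buffer is
     * allocated on the panic path.
     */
    if (TLScontext->cache_type == 0)
        msg_panic("%s: null client session cache type in session lookup",
                  myname);

    session_data = vstring_alloc(2048);

    /*
     * Prepare the query.
     */
    if (TLScontext->log_mask & TLS_LOG_CACHE)
        /* serverid contains transport:addr:port information */
        msg_info("looking for session %s in %s cache",
                 TLScontext->serverid, TLScontext->cache_type);

    /*
     * Look up and activate the SSL_SESSION object. Errors are non-fatal,
     * since caching is only an optimization.
     */
    if (tls_mgr_lookup(TLScontext->cache_type, TLScontext->serverid,
                       session_data) == TLS_MGR_STAT_OK) {
        session = tls_session_activate(STR(session_data), LEN(session_data));
        if (session != 0 && (TLScontext->log_mask & TLS_LOG_CACHE))
            /* serverid contains transport:addr:port information */
            msg_info("reloaded session %s from %s cache",
                     TLScontext->serverid, TLScontext->cache_type);
    }

    /*
     * Clean up.
     *
     * NOTE(review): session_data held the stored form of a TLS session,
     * which presumably includes secret session state; it is freed here
     * without being cleared first - confirm whether wiping is wanted.
     */
    vstring_free(session_data);

    return (session);
}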