sandbox
mbedtls ported to mbed-classic
Fork of
mbedtls
by 
Christopher Haster
source/ssl_cache.c@1:24750b9ad5ef, 2016-01-22 (annotated)
- Committer:
- Christopher Haster
- Date:
- Fri Jan 22 16:44:49 2016 -0600
- Revision:
- 1:24750b9ad5ef
Initial move of mbedtls to mercurial
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| Christopher Haster |
1:24750b9ad5ef | 1 | /* |
| Christopher Haster |
1:24750b9ad5ef | 2 | * SSL session cache implementation |
| Christopher Haster |
1:24750b9ad5ef | 3 | * |
| Christopher Haster |
1:24750b9ad5ef | 4 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved |
| Christopher Haster |
1:24750b9ad5ef | 5 | * SPDX-License-Identifier: Apache-2.0 |
| Christopher Haster |
1:24750b9ad5ef | 6 | * |
| Christopher Haster |
1:24750b9ad5ef | 7 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| Christopher Haster |
1:24750b9ad5ef | 8 | * not use this file except in compliance with the License. |
| Christopher Haster |
1:24750b9ad5ef | 9 | * You may obtain a copy of the License at |
| Christopher Haster |
1:24750b9ad5ef | 10 | * |
| Christopher Haster |
1:24750b9ad5ef | 11 | * http://www.apache.org/licenses/LICENSE-2.0 |
| Christopher Haster |
1:24750b9ad5ef | 12 | * |
| Christopher Haster |
1:24750b9ad5ef | 13 | * Unless required by applicable law or agreed to in writing, software |
| Christopher Haster |
1:24750b9ad5ef | 14 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| Christopher Haster |
1:24750b9ad5ef | 15 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| Christopher Haster |
1:24750b9ad5ef | 16 | * See the License for the specific language governing permissions and |
| Christopher Haster |
1:24750b9ad5ef | 17 | * limitations under the License. |
| Christopher Haster |
1:24750b9ad5ef | 18 | * |
| Christopher Haster |
1:24750b9ad5ef | 19 | * This file is part of mbed TLS (https://tls.mbed.org) |
| Christopher Haster |
1:24750b9ad5ef | 20 | */ |
| Christopher Haster |
1:24750b9ad5ef | 21 | /* |
| Christopher Haster |
1:24750b9ad5ef | 22 | * These session callbacks use a simple chained list |
| Christopher Haster |
1:24750b9ad5ef | 23 | * to store and retrieve the session information. |
| Christopher Haster |
1:24750b9ad5ef | 24 | */ |
| Christopher Haster |
1:24750b9ad5ef | 25 | |
| Christopher Haster |
1:24750b9ad5ef | 26 | #if !defined(MBEDTLS_CONFIG_FILE) |
| Christopher Haster |
1:24750b9ad5ef | 27 | #include "mbedtls/config.h" |
| Christopher Haster |
1:24750b9ad5ef | 28 | #else |
| Christopher Haster |
1:24750b9ad5ef | 29 | #include MBEDTLS_CONFIG_FILE |
| Christopher Haster |
1:24750b9ad5ef | 30 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 31 | |
| Christopher Haster |
1:24750b9ad5ef | 32 | #if defined(MBEDTLS_SSL_CACHE_C) |
| Christopher Haster |
1:24750b9ad5ef | 33 | |
| Christopher Haster |
1:24750b9ad5ef | 34 | #include "mbedtls/ssl_cache.h" |
| Christopher Haster |
1:24750b9ad5ef | 35 | |
| Christopher Haster |
1:24750b9ad5ef | 36 | #include <string.h> |
| Christopher Haster |
1:24750b9ad5ef | 37 | |
| Christopher Haster |
1:24750b9ad5ef | 38 | #if defined(MBEDTLS_PLATFORM_C) |
| Christopher Haster |
1:24750b9ad5ef | 39 | #include "mbedtls/platform.h" |
| Christopher Haster |
1:24750b9ad5ef | 40 | #else |
| Christopher Haster |
1:24750b9ad5ef | 41 | #include <stdlib.h> |
| Christopher Haster |
1:24750b9ad5ef | 42 | #define mbedtls_calloc calloc |
| Christopher Haster |
1:24750b9ad5ef | 43 | #define mbedtls_free free |
| Christopher Haster |
1:24750b9ad5ef | 44 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 45 | |
| Christopher Haster |
1:24750b9ad5ef | 46 | void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) |
| Christopher Haster |
1:24750b9ad5ef | 47 | { |
| Christopher Haster |
1:24750b9ad5ef | 48 | memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) ); |
| Christopher Haster |
1:24750b9ad5ef | 49 | |
| Christopher Haster |
1:24750b9ad5ef | 50 | cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT; |
| Christopher Haster |
1:24750b9ad5ef | 51 | cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES; |
| Christopher Haster |
1:24750b9ad5ef | 52 | |
| Christopher Haster |
1:24750b9ad5ef | 53 | #if defined(MBEDTLS_THREADING_C) |
| Christopher Haster |
1:24750b9ad5ef | 54 | mbedtls_mutex_init( &cache->mutex ); |
| Christopher Haster |
1:24750b9ad5ef | 55 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 56 | } |
| Christopher Haster |
1:24750b9ad5ef | 57 | |
| Christopher Haster |
1:24750b9ad5ef | 58 | int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) |
| Christopher Haster |
1:24750b9ad5ef | 59 | { |
| Christopher Haster |
1:24750b9ad5ef | 60 | int ret = 1; |
| Christopher Haster |
1:24750b9ad5ef | 61 | #if defined(MBEDTLS_HAVE_TIME) |
| Christopher Haster |
1:24750b9ad5ef | 62 | time_t t = time( NULL ); |
| Christopher Haster |
1:24750b9ad5ef | 63 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 64 | mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; |
| Christopher Haster |
1:24750b9ad5ef | 65 | mbedtls_ssl_cache_entry *cur, *entry; |
| Christopher Haster |
1:24750b9ad5ef | 66 | |
| Christopher Haster |
1:24750b9ad5ef | 67 | #if defined(MBEDTLS_THREADING_C) |
| Christopher Haster |
1:24750b9ad5ef | 68 | if( mbedtls_mutex_lock( &cache->mutex ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 69 | return( 1 ); |
| Christopher Haster |
1:24750b9ad5ef | 70 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 71 | |
| Christopher Haster |
1:24750b9ad5ef | 72 | cur = cache->chain; |
| Christopher Haster |
1:24750b9ad5ef | 73 | entry = NULL; |
| Christopher Haster |
1:24750b9ad5ef | 74 | |
| Christopher Haster |
1:24750b9ad5ef | 75 | while( cur != NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 76 | { |
| Christopher Haster |
1:24750b9ad5ef | 77 | entry = cur; |
| Christopher Haster |
1:24750b9ad5ef | 78 | cur = cur->next; |
| Christopher Haster |
1:24750b9ad5ef | 79 | |
| Christopher Haster |
1:24750b9ad5ef | 80 | #if defined(MBEDTLS_HAVE_TIME) |
| Christopher Haster |
1:24750b9ad5ef | 81 | if( cache->timeout != 0 && |
| Christopher Haster |
1:24750b9ad5ef | 82 | (int) ( t - entry->timestamp ) > cache->timeout ) |
| Christopher Haster |
1:24750b9ad5ef | 83 | continue; |
| Christopher Haster |
1:24750b9ad5ef | 84 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 85 | |
| Christopher Haster |
1:24750b9ad5ef | 86 | if( session->ciphersuite != entry->session.ciphersuite || |
| Christopher Haster |
1:24750b9ad5ef | 87 | session->compression != entry->session.compression || |
| Christopher Haster |
1:24750b9ad5ef | 88 | session->id_len != entry->session.id_len ) |
| Christopher Haster |
1:24750b9ad5ef | 89 | continue; |
| Christopher Haster |
1:24750b9ad5ef | 90 | |
| Christopher Haster |
1:24750b9ad5ef | 91 | if( memcmp( session->id, entry->session.id, |
| Christopher Haster |
1:24750b9ad5ef | 92 | entry->session.id_len ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 93 | continue; |
| Christopher Haster |
1:24750b9ad5ef | 94 | |
| Christopher Haster |
1:24750b9ad5ef | 95 | memcpy( session->master, entry->session.master, 48 ); |
| Christopher Haster |
1:24750b9ad5ef | 96 | |
| Christopher Haster |
1:24750b9ad5ef | 97 | session->verify_result = entry->session.verify_result; |
| Christopher Haster |
1:24750b9ad5ef | 98 | |
| Christopher Haster |
1:24750b9ad5ef | 99 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| Christopher Haster |
1:24750b9ad5ef | 100 | /* |
| Christopher Haster |
1:24750b9ad5ef | 101 | * Restore peer certificate (without rest of the original chain) |
| Christopher Haster |
1:24750b9ad5ef | 102 | */ |
| Christopher Haster |
1:24750b9ad5ef | 103 | if( entry->peer_cert.p != NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 104 | { |
| Christopher Haster |
1:24750b9ad5ef | 105 | if( ( session->peer_cert = mbedtls_calloc( 1, |
| Christopher Haster |
1:24750b9ad5ef | 106 | sizeof(mbedtls_x509_crt) ) ) == NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 107 | { |
| Christopher Haster |
1:24750b9ad5ef | 108 | ret = 1; |
| Christopher Haster |
1:24750b9ad5ef | 109 | goto exit; |
| Christopher Haster |
1:24750b9ad5ef | 110 | } |
| Christopher Haster |
1:24750b9ad5ef | 111 | |
| Christopher Haster |
1:24750b9ad5ef | 112 | mbedtls_x509_crt_init( session->peer_cert ); |
| Christopher Haster |
1:24750b9ad5ef | 113 | if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p, |
| Christopher Haster |
1:24750b9ad5ef | 114 | entry->peer_cert.len ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 115 | { |
| Christopher Haster |
1:24750b9ad5ef | 116 | mbedtls_free( session->peer_cert ); |
| Christopher Haster |
1:24750b9ad5ef | 117 | session->peer_cert = NULL; |
| Christopher Haster |
1:24750b9ad5ef | 118 | ret = 1; |
| Christopher Haster |
1:24750b9ad5ef | 119 | goto exit; |
| Christopher Haster |
1:24750b9ad5ef | 120 | } |
| Christopher Haster |
1:24750b9ad5ef | 121 | } |
| Christopher Haster |
1:24750b9ad5ef | 122 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
| Christopher Haster |
1:24750b9ad5ef | 123 | |
| Christopher Haster |
1:24750b9ad5ef | 124 | ret = 0; |
| Christopher Haster |
1:24750b9ad5ef | 125 | goto exit; |
| Christopher Haster |
1:24750b9ad5ef | 126 | } |
| Christopher Haster |
1:24750b9ad5ef | 127 | |
| Christopher Haster |
1:24750b9ad5ef | 128 | exit: |
| Christopher Haster |
1:24750b9ad5ef | 129 | #if defined(MBEDTLS_THREADING_C) |
| Christopher Haster |
1:24750b9ad5ef | 130 | if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 131 | ret = 1; |
| Christopher Haster |
1:24750b9ad5ef | 132 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 133 | |
| Christopher Haster |
1:24750b9ad5ef | 134 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 135 | } |
| Christopher Haster |
1:24750b9ad5ef | 136 | |
| Christopher Haster |
1:24750b9ad5ef | 137 | int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) |
| Christopher Haster |
1:24750b9ad5ef | 138 | { |
| Christopher Haster |
1:24750b9ad5ef | 139 | int ret = 1; |
| Christopher Haster |
1:24750b9ad5ef | 140 | #if defined(MBEDTLS_HAVE_TIME) |
| Christopher Haster |
1:24750b9ad5ef | 141 | time_t t = time( NULL ), oldest = 0; |
| Christopher Haster |
1:24750b9ad5ef | 142 | mbedtls_ssl_cache_entry *old = NULL; |
| Christopher Haster |
1:24750b9ad5ef | 143 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 144 | mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; |
| Christopher Haster |
1:24750b9ad5ef | 145 | mbedtls_ssl_cache_entry *cur, *prv; |
| Christopher Haster |
1:24750b9ad5ef | 146 | int count = 0; |
| Christopher Haster |
1:24750b9ad5ef | 147 | |
| Christopher Haster |
1:24750b9ad5ef | 148 | #if defined(MBEDTLS_THREADING_C) |
| Christopher Haster |
1:24750b9ad5ef | 149 | if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 150 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 151 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 152 | |
| Christopher Haster |
1:24750b9ad5ef | 153 | cur = cache->chain; |
| Christopher Haster |
1:24750b9ad5ef | 154 | prv = NULL; |
| Christopher Haster |
1:24750b9ad5ef | 155 | |
| Christopher Haster |
1:24750b9ad5ef | 156 | while( cur != NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 157 | { |
| Christopher Haster |
1:24750b9ad5ef | 158 | count++; |
| Christopher Haster |
1:24750b9ad5ef | 159 | |
| Christopher Haster |
1:24750b9ad5ef | 160 | #if defined(MBEDTLS_HAVE_TIME) |
| Christopher Haster |
1:24750b9ad5ef | 161 | if( cache->timeout != 0 && |
| Christopher Haster |
1:24750b9ad5ef | 162 | (int) ( t - cur->timestamp ) > cache->timeout ) |
| Christopher Haster |
1:24750b9ad5ef | 163 | { |
| Christopher Haster |
1:24750b9ad5ef | 164 | cur->timestamp = t; |
| Christopher Haster |
1:24750b9ad5ef | 165 | break; /* expired, reuse this slot, update timestamp */ |
| Christopher Haster |
1:24750b9ad5ef | 166 | } |
| Christopher Haster |
1:24750b9ad5ef | 167 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 168 | |
| Christopher Haster |
1:24750b9ad5ef | 169 | if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 170 | break; /* client reconnected, keep timestamp for session id */ |
| Christopher Haster |
1:24750b9ad5ef | 171 | |
| Christopher Haster |
1:24750b9ad5ef | 172 | #if defined(MBEDTLS_HAVE_TIME) |
| Christopher Haster |
1:24750b9ad5ef | 173 | if( oldest == 0 || cur->timestamp < oldest ) |
| Christopher Haster |
1:24750b9ad5ef | 174 | { |
| Christopher Haster |
1:24750b9ad5ef | 175 | oldest = cur->timestamp; |
| Christopher Haster |
1:24750b9ad5ef | 176 | old = cur; |
| Christopher Haster |
1:24750b9ad5ef | 177 | } |
| Christopher Haster |
1:24750b9ad5ef | 178 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 179 | |
| Christopher Haster |
1:24750b9ad5ef | 180 | prv = cur; |
| Christopher Haster |
1:24750b9ad5ef | 181 | cur = cur->next; |
| Christopher Haster |
1:24750b9ad5ef | 182 | } |
| Christopher Haster |
1:24750b9ad5ef | 183 | |
| Christopher Haster |
1:24750b9ad5ef | 184 | if( cur == NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 185 | { |
| Christopher Haster |
1:24750b9ad5ef | 186 | #if defined(MBEDTLS_HAVE_TIME) |
| Christopher Haster |
1:24750b9ad5ef | 187 | /* |
| Christopher Haster |
1:24750b9ad5ef | 188 | * Reuse oldest entry if max_entries reached |
| Christopher Haster |
1:24750b9ad5ef | 189 | */ |
| Christopher Haster |
1:24750b9ad5ef | 190 | if( count >= cache->max_entries ) |
| Christopher Haster |
1:24750b9ad5ef | 191 | { |
| Christopher Haster |
1:24750b9ad5ef | 192 | if( old == NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 193 | { |
| Christopher Haster |
1:24750b9ad5ef | 194 | ret = 1; |
| Christopher Haster |
1:24750b9ad5ef | 195 | goto exit; |
| Christopher Haster |
1:24750b9ad5ef | 196 | } |
| Christopher Haster |
1:24750b9ad5ef | 197 | |
| Christopher Haster |
1:24750b9ad5ef | 198 | cur = old; |
| Christopher Haster |
1:24750b9ad5ef | 199 | } |
| Christopher Haster |
1:24750b9ad5ef | 200 | #else /* MBEDTLS_HAVE_TIME */ |
| Christopher Haster |
1:24750b9ad5ef | 201 | /* |
| Christopher Haster |
1:24750b9ad5ef | 202 | * Reuse first entry in chain if max_entries reached, |
| Christopher Haster |
1:24750b9ad5ef | 203 | * but move to last place |
| Christopher Haster |
1:24750b9ad5ef | 204 | */ |
| Christopher Haster |
1:24750b9ad5ef | 205 | if( count >= cache->max_entries ) |
| Christopher Haster |
1:24750b9ad5ef | 206 | { |
| Christopher Haster |
1:24750b9ad5ef | 207 | if( cache->chain == NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 208 | { |
| Christopher Haster |
1:24750b9ad5ef | 209 | ret = 1; |
| Christopher Haster |
1:24750b9ad5ef | 210 | goto exit; |
| Christopher Haster |
1:24750b9ad5ef | 211 | } |
| Christopher Haster |
1:24750b9ad5ef | 212 | |
| Christopher Haster |
1:24750b9ad5ef | 213 | cur = cache->chain; |
| Christopher Haster |
1:24750b9ad5ef | 214 | cache->chain = cur->next; |
| Christopher Haster |
1:24750b9ad5ef | 215 | cur->next = NULL; |
| Christopher Haster |
1:24750b9ad5ef | 216 | prv->next = cur; |
| Christopher Haster |
1:24750b9ad5ef | 217 | } |
| Christopher Haster |
1:24750b9ad5ef | 218 | #endif /* MBEDTLS_HAVE_TIME */ |
| Christopher Haster |
1:24750b9ad5ef | 219 | else |
| Christopher Haster |
1:24750b9ad5ef | 220 | { |
| Christopher Haster |
1:24750b9ad5ef | 221 | /* |
| Christopher Haster |
1:24750b9ad5ef | 222 | * max_entries not reached, create new entry |
| Christopher Haster |
1:24750b9ad5ef | 223 | */ |
| Christopher Haster |
1:24750b9ad5ef | 224 | cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) ); |
| Christopher Haster |
1:24750b9ad5ef | 225 | if( cur == NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 226 | { |
| Christopher Haster |
1:24750b9ad5ef | 227 | ret = 1; |
| Christopher Haster |
1:24750b9ad5ef | 228 | goto exit; |
| Christopher Haster |
1:24750b9ad5ef | 229 | } |
| Christopher Haster |
1:24750b9ad5ef | 230 | |
| Christopher Haster |
1:24750b9ad5ef | 231 | if( prv == NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 232 | cache->chain = cur; |
| Christopher Haster |
1:24750b9ad5ef | 233 | else |
| Christopher Haster |
1:24750b9ad5ef | 234 | prv->next = cur; |
| Christopher Haster |
1:24750b9ad5ef | 235 | } |
| Christopher Haster |
1:24750b9ad5ef | 236 | |
| Christopher Haster |
1:24750b9ad5ef | 237 | #if defined(MBEDTLS_HAVE_TIME) |
| Christopher Haster |
1:24750b9ad5ef | 238 | cur->timestamp = t; |
| Christopher Haster |
1:24750b9ad5ef | 239 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 240 | } |
| Christopher Haster |
1:24750b9ad5ef | 241 | |
| Christopher Haster |
1:24750b9ad5ef | 242 | memcpy( &cur->session, session, sizeof( mbedtls_ssl_session ) ); |
| Christopher Haster |
1:24750b9ad5ef | 243 | |
| Christopher Haster |
1:24750b9ad5ef | 244 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| Christopher Haster |
1:24750b9ad5ef | 245 | /* |
| Christopher Haster |
1:24750b9ad5ef | 246 | * If we're reusing an entry, free its certificate first |
| Christopher Haster |
1:24750b9ad5ef | 247 | */ |
| Christopher Haster |
1:24750b9ad5ef | 248 | if( cur->peer_cert.p != NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 249 | { |
| Christopher Haster |
1:24750b9ad5ef | 250 | mbedtls_free( cur->peer_cert.p ); |
| Christopher Haster |
1:24750b9ad5ef | 251 | memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); |
| Christopher Haster |
1:24750b9ad5ef | 252 | } |
| Christopher Haster |
1:24750b9ad5ef | 253 | |
| Christopher Haster |
1:24750b9ad5ef | 254 | /* |
| Christopher Haster |
1:24750b9ad5ef | 255 | * Store peer certificate |
| Christopher Haster |
1:24750b9ad5ef | 256 | */ |
| Christopher Haster |
1:24750b9ad5ef | 257 | if( session->peer_cert != NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 258 | { |
| Christopher Haster |
1:24750b9ad5ef | 259 | cur->peer_cert.p = mbedtls_calloc( 1, session->peer_cert->raw.len ); |
| Christopher Haster |
1:24750b9ad5ef | 260 | if( cur->peer_cert.p == NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 261 | { |
| Christopher Haster |
1:24750b9ad5ef | 262 | ret = 1; |
| Christopher Haster |
1:24750b9ad5ef | 263 | goto exit; |
| Christopher Haster |
1:24750b9ad5ef | 264 | } |
| Christopher Haster |
1:24750b9ad5ef | 265 | |
| Christopher Haster |
1:24750b9ad5ef | 266 | memcpy( cur->peer_cert.p, session->peer_cert->raw.p, |
| Christopher Haster |
1:24750b9ad5ef | 267 | session->peer_cert->raw.len ); |
| Christopher Haster |
1:24750b9ad5ef | 268 | cur->peer_cert.len = session->peer_cert->raw.len; |
| Christopher Haster |
1:24750b9ad5ef | 269 | |
| Christopher Haster |
1:24750b9ad5ef | 270 | cur->session.peer_cert = NULL; |
| Christopher Haster |
1:24750b9ad5ef | 271 | } |
| Christopher Haster |
1:24750b9ad5ef | 272 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
| Christopher Haster |
1:24750b9ad5ef | 273 | |
| Christopher Haster |
1:24750b9ad5ef | 274 | ret = 0; |
| Christopher Haster |
1:24750b9ad5ef | 275 | |
| Christopher Haster |
1:24750b9ad5ef | 276 | exit: |
| Christopher Haster |
1:24750b9ad5ef | 277 | #if defined(MBEDTLS_THREADING_C) |
| Christopher Haster |
1:24750b9ad5ef | 278 | if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) |
| Christopher Haster |
1:24750b9ad5ef | 279 | ret = 1; |
| Christopher Haster |
1:24750b9ad5ef | 280 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 281 | |
| Christopher Haster |
1:24750b9ad5ef | 282 | return( ret ); |
| Christopher Haster |
1:24750b9ad5ef | 283 | } |
| Christopher Haster |
1:24750b9ad5ef | 284 | |
| Christopher Haster |
1:24750b9ad5ef | 285 | #if defined(MBEDTLS_HAVE_TIME) |
| Christopher Haster |
1:24750b9ad5ef | 286 | void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ) |
| Christopher Haster |
1:24750b9ad5ef | 287 | { |
| Christopher Haster |
1:24750b9ad5ef | 288 | if( timeout < 0 ) timeout = 0; |
| Christopher Haster |
1:24750b9ad5ef | 289 | |
| Christopher Haster |
1:24750b9ad5ef | 290 | cache->timeout = timeout; |
| Christopher Haster |
1:24750b9ad5ef | 291 | } |
| Christopher Haster |
1:24750b9ad5ef | 292 | #endif /* MBEDTLS_HAVE_TIME */ |
| Christopher Haster |
1:24750b9ad5ef | 293 | |
| Christopher Haster |
1:24750b9ad5ef | 294 | void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ) |
| Christopher Haster |
1:24750b9ad5ef | 295 | { |
| Christopher Haster |
1:24750b9ad5ef | 296 | if( max < 0 ) max = 0; |
| Christopher Haster |
1:24750b9ad5ef | 297 | |
| Christopher Haster |
1:24750b9ad5ef | 298 | cache->max_entries = max; |
| Christopher Haster |
1:24750b9ad5ef | 299 | } |
| Christopher Haster |
1:24750b9ad5ef | 300 | |
| Christopher Haster |
1:24750b9ad5ef | 301 | void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ) |
| Christopher Haster |
1:24750b9ad5ef | 302 | { |
| Christopher Haster |
1:24750b9ad5ef | 303 | mbedtls_ssl_cache_entry *cur, *prv; |
| Christopher Haster |
1:24750b9ad5ef | 304 | |
| Christopher Haster |
1:24750b9ad5ef | 305 | cur = cache->chain; |
| Christopher Haster |
1:24750b9ad5ef | 306 | |
| Christopher Haster |
1:24750b9ad5ef | 307 | while( cur != NULL ) |
| Christopher Haster |
1:24750b9ad5ef | 308 | { |
| Christopher Haster |
1:24750b9ad5ef | 309 | prv = cur; |
| Christopher Haster |
1:24750b9ad5ef | 310 | cur = cur->next; |
| Christopher Haster |
1:24750b9ad5ef | 311 | |
| Christopher Haster |
1:24750b9ad5ef | 312 | mbedtls_ssl_session_free( &prv->session ); |
| Christopher Haster |
1:24750b9ad5ef | 313 | |
| Christopher Haster |
1:24750b9ad5ef | 314 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| Christopher Haster |
1:24750b9ad5ef | 315 | mbedtls_free( prv->peer_cert.p ); |
| Christopher Haster |
1:24750b9ad5ef | 316 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
| Christopher Haster |
1:24750b9ad5ef | 317 | |
| Christopher Haster |
1:24750b9ad5ef | 318 | mbedtls_free( prv ); |
| Christopher Haster |
1:24750b9ad5ef | 319 | } |
| Christopher Haster |
1:24750b9ad5ef | 320 | |
| Christopher Haster |
1:24750b9ad5ef | 321 | #if defined(MBEDTLS_THREADING_C) |
| Christopher Haster |
1:24750b9ad5ef | 322 | mbedtls_mutex_free( &cache->mutex ); |
| Christopher Haster |
1:24750b9ad5ef | 323 | #endif |
| Christopher Haster |
1:24750b9ad5ef | 324 | } |
| Christopher Haster |
1:24750b9ad5ef | 325 | |
| Christopher Haster |
1:24750b9ad5ef | 326 | #endif /* MBEDTLS_SSL_CACHE_C */ |