Maxim nexpaq
Preliminary main mbed library for nexpaq development
features/mbedtls/src/ssl_cache.c@0:6c56fb4bc5f0, 2016-11-04 (annotated)
- Committer:
- nexpaq
- Date:
- Fri Nov 04 20:27:58 2016 +0000
- Revision:
- 0:6c56fb4bc5f0
Moving to library for sharing updates
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| nexpaq | 0:6c56fb4bc5f0 | 1 | /* |
| nexpaq | 0:6c56fb4bc5f0 | 2 | * SSL session cache implementation |
| nexpaq | 0:6c56fb4bc5f0 | 3 | * |
| nexpaq | 0:6c56fb4bc5f0 | 4 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved |
| nexpaq | 0:6c56fb4bc5f0 | 5 | * SPDX-License-Identifier: Apache-2.0 |
| nexpaq | 0:6c56fb4bc5f0 | 6 | * |
| nexpaq | 0:6c56fb4bc5f0 | 7 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| nexpaq | 0:6c56fb4bc5f0 | 8 | * not use this file except in compliance with the License. |
| nexpaq | 0:6c56fb4bc5f0 | 9 | * You may obtain a copy of the License at |
| nexpaq | 0:6c56fb4bc5f0 | 10 | * |
| nexpaq | 0:6c56fb4bc5f0 | 11 | * http://www.apache.org/licenses/LICENSE-2.0 |
| nexpaq | 0:6c56fb4bc5f0 | 12 | * |
| nexpaq | 0:6c56fb4bc5f0 | 13 | * Unless required by applicable law or agreed to in writing, software |
| nexpaq | 0:6c56fb4bc5f0 | 14 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| nexpaq | 0:6c56fb4bc5f0 | 15 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| nexpaq | 0:6c56fb4bc5f0 | 16 | * See the License for the specific language governing permissions and |
| nexpaq | 0:6c56fb4bc5f0 | 17 | * limitations under the License. |
| nexpaq | 0:6c56fb4bc5f0 | 18 | * |
| nexpaq | 0:6c56fb4bc5f0 | 19 | * This file is part of mbed TLS (https://tls.mbed.org) |
| nexpaq | 0:6c56fb4bc5f0 | 20 | */ |
| nexpaq | 0:6c56fb4bc5f0 | 21 | /* |
| nexpaq | 0:6c56fb4bc5f0 | 22 | * These session callbacks use a simple chained list |
| nexpaq | 0:6c56fb4bc5f0 | 23 | * to store and retrieve the session information. |
| nexpaq | 0:6c56fb4bc5f0 | 24 | */ |
| nexpaq | 0:6c56fb4bc5f0 | 25 | |
| nexpaq | 0:6c56fb4bc5f0 | 26 | #if !defined(MBEDTLS_CONFIG_FILE) |
| nexpaq | 0:6c56fb4bc5f0 | 27 | #include "mbedtls/config.h" |
| nexpaq | 0:6c56fb4bc5f0 | 28 | #else |
| nexpaq | 0:6c56fb4bc5f0 | 29 | #include MBEDTLS_CONFIG_FILE |
| nexpaq | 0:6c56fb4bc5f0 | 30 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 31 | |
| nexpaq | 0:6c56fb4bc5f0 | 32 | #if defined(MBEDTLS_SSL_CACHE_C) |
| nexpaq | 0:6c56fb4bc5f0 | 33 | |
| nexpaq | 0:6c56fb4bc5f0 | 34 | #if defined(MBEDTLS_PLATFORM_C) |
| nexpaq | 0:6c56fb4bc5f0 | 35 | #include "mbedtls/platform.h" |
| nexpaq | 0:6c56fb4bc5f0 | 36 | #else |
| nexpaq | 0:6c56fb4bc5f0 | 37 | #include <stdlib.h> |
| nexpaq | 0:6c56fb4bc5f0 | 38 | #define mbedtls_calloc calloc |
| nexpaq | 0:6c56fb4bc5f0 | 39 | #define mbedtls_free free |
| nexpaq | 0:6c56fb4bc5f0 | 40 | #define mbedtls_time time |
| nexpaq | 0:6c56fb4bc5f0 | 41 | #define mbedtls_time_t time_t |
| nexpaq | 0:6c56fb4bc5f0 | 42 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 43 | |
| nexpaq | 0:6c56fb4bc5f0 | 44 | #include "mbedtls/ssl_cache.h" |
| nexpaq | 0:6c56fb4bc5f0 | 45 | |
| nexpaq | 0:6c56fb4bc5f0 | 46 | #include <string.h> |
| nexpaq | 0:6c56fb4bc5f0 | 47 | |
| nexpaq | 0:6c56fb4bc5f0 | 48 | void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) |
| nexpaq | 0:6c56fb4bc5f0 | 49 | { |
| nexpaq | 0:6c56fb4bc5f0 | 50 | memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) ); |
| nexpaq | 0:6c56fb4bc5f0 | 51 | |
| nexpaq | 0:6c56fb4bc5f0 | 52 | cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT; |
| nexpaq | 0:6c56fb4bc5f0 | 53 | cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES; |
| nexpaq | 0:6c56fb4bc5f0 | 54 | |
| nexpaq | 0:6c56fb4bc5f0 | 55 | #if defined(MBEDTLS_THREADING_C) |
| nexpaq | 0:6c56fb4bc5f0 | 56 | mbedtls_mutex_init( &cache->mutex ); |
| nexpaq | 0:6c56fb4bc5f0 | 57 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 58 | } |
| nexpaq | 0:6c56fb4bc5f0 | 59 | |
| nexpaq | 0:6c56fb4bc5f0 | 60 | int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) |
| nexpaq | 0:6c56fb4bc5f0 | 61 | { |
| nexpaq | 0:6c56fb4bc5f0 | 62 | int ret = 1; |
| nexpaq | 0:6c56fb4bc5f0 | 63 | #if defined(MBEDTLS_HAVE_TIME) |
| nexpaq | 0:6c56fb4bc5f0 | 64 | mbedtls_time_t t = mbedtls_time( NULL ); |
| nexpaq | 0:6c56fb4bc5f0 | 65 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 66 | mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; |
| nexpaq | 0:6c56fb4bc5f0 | 67 | mbedtls_ssl_cache_entry *cur, *entry; |
| nexpaq | 0:6c56fb4bc5f0 | 68 | |
| nexpaq | 0:6c56fb4bc5f0 | 69 | #if defined(MBEDTLS_THREADING_C) |
| nexpaq | 0:6c56fb4bc5f0 | 70 | if( mbedtls_mutex_lock( &cache->mutex ) != 0 ) |
| nexpaq | 0:6c56fb4bc5f0 | 71 | return( 1 ); |
| nexpaq | 0:6c56fb4bc5f0 | 72 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 73 | |
| nexpaq | 0:6c56fb4bc5f0 | 74 | cur = cache->chain; |
| nexpaq | 0:6c56fb4bc5f0 | 75 | entry = NULL; |
| nexpaq | 0:6c56fb4bc5f0 | 76 | |
| nexpaq | 0:6c56fb4bc5f0 | 77 | while( cur != NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 78 | { |
| nexpaq | 0:6c56fb4bc5f0 | 79 | entry = cur; |
| nexpaq | 0:6c56fb4bc5f0 | 80 | cur = cur->next; |
| nexpaq | 0:6c56fb4bc5f0 | 81 | |
| nexpaq | 0:6c56fb4bc5f0 | 82 | #if defined(MBEDTLS_HAVE_TIME) |
| nexpaq | 0:6c56fb4bc5f0 | 83 | if( cache->timeout != 0 && |
| nexpaq | 0:6c56fb4bc5f0 | 84 | (int) ( t - entry->timestamp ) > cache->timeout ) |
| nexpaq | 0:6c56fb4bc5f0 | 85 | continue; |
| nexpaq | 0:6c56fb4bc5f0 | 86 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 87 | |
| nexpaq | 0:6c56fb4bc5f0 | 88 | if( session->ciphersuite != entry->session.ciphersuite || |
| nexpaq | 0:6c56fb4bc5f0 | 89 | session->compression != entry->session.compression || |
| nexpaq | 0:6c56fb4bc5f0 | 90 | session->id_len != entry->session.id_len ) |
| nexpaq | 0:6c56fb4bc5f0 | 91 | continue; |
| nexpaq | 0:6c56fb4bc5f0 | 92 | |
| nexpaq | 0:6c56fb4bc5f0 | 93 | if( memcmp( session->id, entry->session.id, |
| nexpaq | 0:6c56fb4bc5f0 | 94 | entry->session.id_len ) != 0 ) |
| nexpaq | 0:6c56fb4bc5f0 | 95 | continue; |
| nexpaq | 0:6c56fb4bc5f0 | 96 | |
| nexpaq | 0:6c56fb4bc5f0 | 97 | memcpy( session->master, entry->session.master, 48 ); |
| nexpaq | 0:6c56fb4bc5f0 | 98 | |
| nexpaq | 0:6c56fb4bc5f0 | 99 | session->verify_result = entry->session.verify_result; |
| nexpaq | 0:6c56fb4bc5f0 | 100 | |
| nexpaq | 0:6c56fb4bc5f0 | 101 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| nexpaq | 0:6c56fb4bc5f0 | 102 | /* |
| nexpaq | 0:6c56fb4bc5f0 | 103 | * Restore peer certificate (without rest of the original chain) |
| nexpaq | 0:6c56fb4bc5f0 | 104 | */ |
| nexpaq | 0:6c56fb4bc5f0 | 105 | if( entry->peer_cert.p != NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 106 | { |
| nexpaq | 0:6c56fb4bc5f0 | 107 | if( ( session->peer_cert = mbedtls_calloc( 1, |
| nexpaq | 0:6c56fb4bc5f0 | 108 | sizeof(mbedtls_x509_crt) ) ) == NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 109 | { |
| nexpaq | 0:6c56fb4bc5f0 | 110 | ret = 1; |
| nexpaq | 0:6c56fb4bc5f0 | 111 | goto exit; |
| nexpaq | 0:6c56fb4bc5f0 | 112 | } |
| nexpaq | 0:6c56fb4bc5f0 | 113 | |
| nexpaq | 0:6c56fb4bc5f0 | 114 | mbedtls_x509_crt_init( session->peer_cert ); |
| nexpaq | 0:6c56fb4bc5f0 | 115 | if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p, |
| nexpaq | 0:6c56fb4bc5f0 | 116 | entry->peer_cert.len ) != 0 ) |
| nexpaq | 0:6c56fb4bc5f0 | 117 | { |
| nexpaq | 0:6c56fb4bc5f0 | 118 | mbedtls_free( session->peer_cert ); |
| nexpaq | 0:6c56fb4bc5f0 | 119 | session->peer_cert = NULL; |
| nexpaq | 0:6c56fb4bc5f0 | 120 | ret = 1; |
| nexpaq | 0:6c56fb4bc5f0 | 121 | goto exit; |
| nexpaq | 0:6c56fb4bc5f0 | 122 | } |
| nexpaq | 0:6c56fb4bc5f0 | 123 | } |
| nexpaq | 0:6c56fb4bc5f0 | 124 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
| nexpaq | 0:6c56fb4bc5f0 | 125 | |
| nexpaq | 0:6c56fb4bc5f0 | 126 | ret = 0; |
| nexpaq | 0:6c56fb4bc5f0 | 127 | goto exit; |
| nexpaq | 0:6c56fb4bc5f0 | 128 | } |
| nexpaq | 0:6c56fb4bc5f0 | 129 | |
| nexpaq | 0:6c56fb4bc5f0 | 130 | exit: |
| nexpaq | 0:6c56fb4bc5f0 | 131 | #if defined(MBEDTLS_THREADING_C) |
| nexpaq | 0:6c56fb4bc5f0 | 132 | if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) |
| nexpaq | 0:6c56fb4bc5f0 | 133 | ret = 1; |
| nexpaq | 0:6c56fb4bc5f0 | 134 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 135 | |
| nexpaq | 0:6c56fb4bc5f0 | 136 | return( ret ); |
| nexpaq | 0:6c56fb4bc5f0 | 137 | } |
| nexpaq | 0:6c56fb4bc5f0 | 138 | |
| nexpaq | 0:6c56fb4bc5f0 | 139 | int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) |
| nexpaq | 0:6c56fb4bc5f0 | 140 | { |
| nexpaq | 0:6c56fb4bc5f0 | 141 | int ret = 1; |
| nexpaq | 0:6c56fb4bc5f0 | 142 | #if defined(MBEDTLS_HAVE_TIME) |
| nexpaq | 0:6c56fb4bc5f0 | 143 | mbedtls_time_t t = time( NULL ), oldest = 0; |
| nexpaq | 0:6c56fb4bc5f0 | 144 | mbedtls_ssl_cache_entry *old = NULL; |
| nexpaq | 0:6c56fb4bc5f0 | 145 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 146 | mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; |
| nexpaq | 0:6c56fb4bc5f0 | 147 | mbedtls_ssl_cache_entry *cur, *prv; |
| nexpaq | 0:6c56fb4bc5f0 | 148 | int count = 0; |
| nexpaq | 0:6c56fb4bc5f0 | 149 | |
| nexpaq | 0:6c56fb4bc5f0 | 150 | #if defined(MBEDTLS_THREADING_C) |
| nexpaq | 0:6c56fb4bc5f0 | 151 | if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 ) |
| nexpaq | 0:6c56fb4bc5f0 | 152 | return( ret ); |
| nexpaq | 0:6c56fb4bc5f0 | 153 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 154 | |
| nexpaq | 0:6c56fb4bc5f0 | 155 | cur = cache->chain; |
| nexpaq | 0:6c56fb4bc5f0 | 156 | prv = NULL; |
| nexpaq | 0:6c56fb4bc5f0 | 157 | |
| nexpaq | 0:6c56fb4bc5f0 | 158 | while( cur != NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 159 | { |
| nexpaq | 0:6c56fb4bc5f0 | 160 | count++; |
| nexpaq | 0:6c56fb4bc5f0 | 161 | |
| nexpaq | 0:6c56fb4bc5f0 | 162 | #if defined(MBEDTLS_HAVE_TIME) |
| nexpaq | 0:6c56fb4bc5f0 | 163 | if( cache->timeout != 0 && |
| nexpaq | 0:6c56fb4bc5f0 | 164 | (int) ( t - cur->timestamp ) > cache->timeout ) |
| nexpaq | 0:6c56fb4bc5f0 | 165 | { |
| nexpaq | 0:6c56fb4bc5f0 | 166 | cur->timestamp = t; |
| nexpaq | 0:6c56fb4bc5f0 | 167 | break; /* expired, reuse this slot, update timestamp */ |
| nexpaq | 0:6c56fb4bc5f0 | 168 | } |
| nexpaq | 0:6c56fb4bc5f0 | 169 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 170 | |
| nexpaq | 0:6c56fb4bc5f0 | 171 | if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 ) |
| nexpaq | 0:6c56fb4bc5f0 | 172 | break; /* client reconnected, keep timestamp for session id */ |
| nexpaq | 0:6c56fb4bc5f0 | 173 | |
| nexpaq | 0:6c56fb4bc5f0 | 174 | #if defined(MBEDTLS_HAVE_TIME) |
| nexpaq | 0:6c56fb4bc5f0 | 175 | if( oldest == 0 || cur->timestamp < oldest ) |
| nexpaq | 0:6c56fb4bc5f0 | 176 | { |
| nexpaq | 0:6c56fb4bc5f0 | 177 | oldest = cur->timestamp; |
| nexpaq | 0:6c56fb4bc5f0 | 178 | old = cur; |
| nexpaq | 0:6c56fb4bc5f0 | 179 | } |
| nexpaq | 0:6c56fb4bc5f0 | 180 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 181 | |
| nexpaq | 0:6c56fb4bc5f0 | 182 | prv = cur; |
| nexpaq | 0:6c56fb4bc5f0 | 183 | cur = cur->next; |
| nexpaq | 0:6c56fb4bc5f0 | 184 | } |
| nexpaq | 0:6c56fb4bc5f0 | 185 | |
| nexpaq | 0:6c56fb4bc5f0 | 186 | if( cur == NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 187 | { |
| nexpaq | 0:6c56fb4bc5f0 | 188 | #if defined(MBEDTLS_HAVE_TIME) |
| nexpaq | 0:6c56fb4bc5f0 | 189 | /* |
| nexpaq | 0:6c56fb4bc5f0 | 190 | * Reuse oldest entry if max_entries reached |
| nexpaq | 0:6c56fb4bc5f0 | 191 | */ |
| nexpaq | 0:6c56fb4bc5f0 | 192 | if( count >= cache->max_entries ) |
| nexpaq | 0:6c56fb4bc5f0 | 193 | { |
| nexpaq | 0:6c56fb4bc5f0 | 194 | if( old == NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 195 | { |
| nexpaq | 0:6c56fb4bc5f0 | 196 | ret = 1; |
| nexpaq | 0:6c56fb4bc5f0 | 197 | goto exit; |
| nexpaq | 0:6c56fb4bc5f0 | 198 | } |
| nexpaq | 0:6c56fb4bc5f0 | 199 | |
| nexpaq | 0:6c56fb4bc5f0 | 200 | cur = old; |
| nexpaq | 0:6c56fb4bc5f0 | 201 | } |
| nexpaq | 0:6c56fb4bc5f0 | 202 | #else /* MBEDTLS_HAVE_TIME */ |
| nexpaq | 0:6c56fb4bc5f0 | 203 | /* |
| nexpaq | 0:6c56fb4bc5f0 | 204 | * Reuse first entry in chain if max_entries reached, |
| nexpaq | 0:6c56fb4bc5f0 | 205 | * but move to last place |
| nexpaq | 0:6c56fb4bc5f0 | 206 | */ |
| nexpaq | 0:6c56fb4bc5f0 | 207 | if( count >= cache->max_entries ) |
| nexpaq | 0:6c56fb4bc5f0 | 208 | { |
| nexpaq | 0:6c56fb4bc5f0 | 209 | if( cache->chain == NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 210 | { |
| nexpaq | 0:6c56fb4bc5f0 | 211 | ret = 1; |
| nexpaq | 0:6c56fb4bc5f0 | 212 | goto exit; |
| nexpaq | 0:6c56fb4bc5f0 | 213 | } |
| nexpaq | 0:6c56fb4bc5f0 | 214 | |
| nexpaq | 0:6c56fb4bc5f0 | 215 | cur = cache->chain; |
| nexpaq | 0:6c56fb4bc5f0 | 216 | cache->chain = cur->next; |
| nexpaq | 0:6c56fb4bc5f0 | 217 | cur->next = NULL; |
| nexpaq | 0:6c56fb4bc5f0 | 218 | prv->next = cur; |
| nexpaq | 0:6c56fb4bc5f0 | 219 | } |
| nexpaq | 0:6c56fb4bc5f0 | 220 | #endif /* MBEDTLS_HAVE_TIME */ |
| nexpaq | 0:6c56fb4bc5f0 | 221 | else |
| nexpaq | 0:6c56fb4bc5f0 | 222 | { |
| nexpaq | 0:6c56fb4bc5f0 | 223 | /* |
| nexpaq | 0:6c56fb4bc5f0 | 224 | * max_entries not reached, create new entry |
| nexpaq | 0:6c56fb4bc5f0 | 225 | */ |
| nexpaq | 0:6c56fb4bc5f0 | 226 | cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) ); |
| nexpaq | 0:6c56fb4bc5f0 | 227 | if( cur == NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 228 | { |
| nexpaq | 0:6c56fb4bc5f0 | 229 | ret = 1; |
| nexpaq | 0:6c56fb4bc5f0 | 230 | goto exit; |
| nexpaq | 0:6c56fb4bc5f0 | 231 | } |
| nexpaq | 0:6c56fb4bc5f0 | 232 | |
| nexpaq | 0:6c56fb4bc5f0 | 233 | if( prv == NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 234 | cache->chain = cur; |
| nexpaq | 0:6c56fb4bc5f0 | 235 | else |
| nexpaq | 0:6c56fb4bc5f0 | 236 | prv->next = cur; |
| nexpaq | 0:6c56fb4bc5f0 | 237 | } |
| nexpaq | 0:6c56fb4bc5f0 | 238 | |
| nexpaq | 0:6c56fb4bc5f0 | 239 | #if defined(MBEDTLS_HAVE_TIME) |
| nexpaq | 0:6c56fb4bc5f0 | 240 | cur->timestamp = t; |
| nexpaq | 0:6c56fb4bc5f0 | 241 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 242 | } |
| nexpaq | 0:6c56fb4bc5f0 | 243 | |
| nexpaq | 0:6c56fb4bc5f0 | 244 | memcpy( &cur->session, session, sizeof( mbedtls_ssl_session ) ); |
| nexpaq | 0:6c56fb4bc5f0 | 245 | |
| nexpaq | 0:6c56fb4bc5f0 | 246 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| nexpaq | 0:6c56fb4bc5f0 | 247 | /* |
| nexpaq | 0:6c56fb4bc5f0 | 248 | * If we're reusing an entry, free its certificate first |
| nexpaq | 0:6c56fb4bc5f0 | 249 | */ |
| nexpaq | 0:6c56fb4bc5f0 | 250 | if( cur->peer_cert.p != NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 251 | { |
| nexpaq | 0:6c56fb4bc5f0 | 252 | mbedtls_free( cur->peer_cert.p ); |
| nexpaq | 0:6c56fb4bc5f0 | 253 | memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); |
| nexpaq | 0:6c56fb4bc5f0 | 254 | } |
| nexpaq | 0:6c56fb4bc5f0 | 255 | |
| nexpaq | 0:6c56fb4bc5f0 | 256 | /* |
| nexpaq | 0:6c56fb4bc5f0 | 257 | * Store peer certificate |
| nexpaq | 0:6c56fb4bc5f0 | 258 | */ |
| nexpaq | 0:6c56fb4bc5f0 | 259 | if( session->peer_cert != NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 260 | { |
| nexpaq | 0:6c56fb4bc5f0 | 261 | cur->peer_cert.p = mbedtls_calloc( 1, session->peer_cert->raw.len ); |
| nexpaq | 0:6c56fb4bc5f0 | 262 | if( cur->peer_cert.p == NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 263 | { |
| nexpaq | 0:6c56fb4bc5f0 | 264 | ret = 1; |
| nexpaq | 0:6c56fb4bc5f0 | 265 | goto exit; |
| nexpaq | 0:6c56fb4bc5f0 | 266 | } |
| nexpaq | 0:6c56fb4bc5f0 | 267 | |
| nexpaq | 0:6c56fb4bc5f0 | 268 | memcpy( cur->peer_cert.p, session->peer_cert->raw.p, |
| nexpaq | 0:6c56fb4bc5f0 | 269 | session->peer_cert->raw.len ); |
| nexpaq | 0:6c56fb4bc5f0 | 270 | cur->peer_cert.len = session->peer_cert->raw.len; |
| nexpaq | 0:6c56fb4bc5f0 | 271 | |
| nexpaq | 0:6c56fb4bc5f0 | 272 | cur->session.peer_cert = NULL; |
| nexpaq | 0:6c56fb4bc5f0 | 273 | } |
| nexpaq | 0:6c56fb4bc5f0 | 274 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
| nexpaq | 0:6c56fb4bc5f0 | 275 | |
| nexpaq | 0:6c56fb4bc5f0 | 276 | ret = 0; |
| nexpaq | 0:6c56fb4bc5f0 | 277 | |
| nexpaq | 0:6c56fb4bc5f0 | 278 | exit: |
| nexpaq | 0:6c56fb4bc5f0 | 279 | #if defined(MBEDTLS_THREADING_C) |
| nexpaq | 0:6c56fb4bc5f0 | 280 | if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) |
| nexpaq | 0:6c56fb4bc5f0 | 281 | ret = 1; |
| nexpaq | 0:6c56fb4bc5f0 | 282 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 283 | |
| nexpaq | 0:6c56fb4bc5f0 | 284 | return( ret ); |
| nexpaq | 0:6c56fb4bc5f0 | 285 | } |
| nexpaq | 0:6c56fb4bc5f0 | 286 | |
| nexpaq | 0:6c56fb4bc5f0 | 287 | #if defined(MBEDTLS_HAVE_TIME) |
| nexpaq | 0:6c56fb4bc5f0 | 288 | void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ) |
| nexpaq | 0:6c56fb4bc5f0 | 289 | { |
| nexpaq | 0:6c56fb4bc5f0 | 290 | if( timeout < 0 ) timeout = 0; |
| nexpaq | 0:6c56fb4bc5f0 | 291 | |
| nexpaq | 0:6c56fb4bc5f0 | 292 | cache->timeout = timeout; |
| nexpaq | 0:6c56fb4bc5f0 | 293 | } |
| nexpaq | 0:6c56fb4bc5f0 | 294 | #endif /* MBEDTLS_HAVE_TIME */ |
| nexpaq | 0:6c56fb4bc5f0 | 295 | |
| nexpaq | 0:6c56fb4bc5f0 | 296 | void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ) |
| nexpaq | 0:6c56fb4bc5f0 | 297 | { |
| nexpaq | 0:6c56fb4bc5f0 | 298 | if( max < 0 ) max = 0; |
| nexpaq | 0:6c56fb4bc5f0 | 299 | |
| nexpaq | 0:6c56fb4bc5f0 | 300 | cache->max_entries = max; |
| nexpaq | 0:6c56fb4bc5f0 | 301 | } |
| nexpaq | 0:6c56fb4bc5f0 | 302 | |
| nexpaq | 0:6c56fb4bc5f0 | 303 | void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ) |
| nexpaq | 0:6c56fb4bc5f0 | 304 | { |
| nexpaq | 0:6c56fb4bc5f0 | 305 | mbedtls_ssl_cache_entry *cur, *prv; |
| nexpaq | 0:6c56fb4bc5f0 | 306 | |
| nexpaq | 0:6c56fb4bc5f0 | 307 | cur = cache->chain; |
| nexpaq | 0:6c56fb4bc5f0 | 308 | |
| nexpaq | 0:6c56fb4bc5f0 | 309 | while( cur != NULL ) |
| nexpaq | 0:6c56fb4bc5f0 | 310 | { |
| nexpaq | 0:6c56fb4bc5f0 | 311 | prv = cur; |
| nexpaq | 0:6c56fb4bc5f0 | 312 | cur = cur->next; |
| nexpaq | 0:6c56fb4bc5f0 | 313 | |
| nexpaq | 0:6c56fb4bc5f0 | 314 | mbedtls_ssl_session_free( &prv->session ); |
| nexpaq | 0:6c56fb4bc5f0 | 315 | |
| nexpaq | 0:6c56fb4bc5f0 | 316 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| nexpaq | 0:6c56fb4bc5f0 | 317 | mbedtls_free( prv->peer_cert.p ); |
| nexpaq | 0:6c56fb4bc5f0 | 318 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
| nexpaq | 0:6c56fb4bc5f0 | 319 | |
| nexpaq | 0:6c56fb4bc5f0 | 320 | mbedtls_free( prv ); |
| nexpaq | 0:6c56fb4bc5f0 | 321 | } |
| nexpaq | 0:6c56fb4bc5f0 | 322 | |
| nexpaq | 0:6c56fb4bc5f0 | 323 | #if defined(MBEDTLS_THREADING_C) |
| nexpaq | 0:6c56fb4bc5f0 | 324 | mbedtls_mutex_free( &cache->mutex ); |
| nexpaq | 0:6c56fb4bc5f0 | 325 | #endif |
| nexpaq | 0:6c56fb4bc5f0 | 326 | } |
| nexpaq | 0:6c56fb4bc5f0 | 327 | |
| nexpaq | 0:6c56fb4bc5f0 | 328 | #endif /* MBEDTLS_SSL_CACHE_C */ |