luna - wolfssl/src/ssl

   1/* ssl_sess.c
   2 *
   3 * Copyright (C) 2006-2026 wolfSSL Inc.
   4 *
   5 * This file is part of wolfSSL.
   6 *
   7 * wolfSSL is free software; you can redistribute it and/or modify
   8 * it under the terms of the GNU General Public License as published by
   9 * the Free Software Foundation; either version 3 of the License, or
  10 * (at your option) any later version.
  11 *
  12 * wolfSSL is distributed in the hope that it will be useful,
  13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15 * GNU General Public License for more details.
  16 *
  17 * You should have received a copy of the GNU General Public License
  18 * along with this program; if not, write to the Free Software
  19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20 */
  21
  22#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
  23
  24#if !defined(WOLFSSL_SSL_SESS_INCLUDED)
  25    #ifndef WOLFSSL_IGNORE_FILE_WARN
  26        #warning ssl_sess.c does not need to be compiled separately from ssl.c
  27    #endif
  28#else
  29
  30#ifndef NO_SESSION_CACHE
  31
  32    /* basic config gives a cache with 33 sessions, adequate for clients and
  33       embedded servers
  34
  35       TITAN_SESSION_CACHE allows just over 2 million sessions, for servers
  36       with titanic amounts of memory with long session ID timeouts and high
  37       levels of traffic.
  38
  39       ENABLE_SESSION_CACHE_ROW_LOCK: Allows row level locking for increased
  40       performance with large session caches
  41
  42       HUGE_SESSION_CACHE yields 65,791 sessions, for servers under heavy load,
  43       allows over 13,000 new sessions per minute or over 200 new sessions per
  44       second
  45
  46       BIG_SESSION_CACHE yields 20,027 sessions
  47
  48       MEDIUM_SESSION_CACHE allows 1055 sessions, adequate for servers that
  49       aren't under heavy load, basically allows 200 new sessions per minute
  50
  51       SMALL_SESSION_CACHE only stores 6 sessions, good for embedded clients
  52       or systems where the default of is too much RAM.
  53       SessionCache takes about 2K, ClientCache takes about 3Kbytes
  54
  55       MICRO_SESSION_CACHE only stores 1 session, good for embedded clients
  56       or systems where memory is at a premium.
  57       SessionCache takes about 400 bytes, ClientCache takes 576 bytes
  58
  59       default SESSION_CACHE stores 33 sessions (no XXX_SESSION_CACHE defined)
  60       SessionCache takes about 13K bytes, ClientCache takes 17K bytes
  61    */
  62    #if defined(TITAN_SESSION_CACHE)
  63        #define SESSIONS_PER_ROW 31
  64        #define SESSION_ROWS 64937
  65        #ifndef ENABLE_SESSION_CACHE_ROW_LOCK
  66            #define ENABLE_SESSION_CACHE_ROW_LOCK
  67        #endif
  68    #elif defined(HUGE_SESSION_CACHE)
  69        #define SESSIONS_PER_ROW 11
  70        #define SESSION_ROWS 5981
  71    #elif defined(BIG_SESSION_CACHE)
  72        #define SESSIONS_PER_ROW 7
  73        #define SESSION_ROWS 2861
  74    #elif defined(MEDIUM_SESSION_CACHE)
  75        #define SESSIONS_PER_ROW 5
  76        #define SESSION_ROWS 211
  77    #elif defined(SMALL_SESSION_CACHE)
  78        #define SESSIONS_PER_ROW 2
  79        #define SESSION_ROWS 3
  80    #elif defined(MICRO_SESSION_CACHE)
  81        #define SESSIONS_PER_ROW 1
  82        #define SESSION_ROWS 1
  83    #else
  84        #define SESSIONS_PER_ROW 3
  85        #define SESSION_ROWS 11
  86    #endif
  87    #define INVALID_SESSION_ROW (-1)
  88
  89    #ifdef NO_SESSION_CACHE_ROW_LOCK
  90        #undef ENABLE_SESSION_CACHE_ROW_LOCK
  91    #endif
  92
  93    typedef struct SessionRow {
  94        int nextIdx;                           /* where to place next one   */
  95        int totalCount;                        /* sessions ever on this row */
  96#ifdef SESSION_CACHE_DYNAMIC_MEM
  97        WOLFSSL_SESSION* Sessions[SESSIONS_PER_ROW];
  98        void* heap;
  99#else
 100        WOLFSSL_SESSION Sessions[SESSIONS_PER_ROW];
 101#endif
 102
 103    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
 104        /* not included in import/export */
 105        wolfSSL_RwLock row_lock;
 106        int lock_valid;
 107    #endif
 108    } SessionRow;
 109    #define SIZEOF_SESSION_ROW (sizeof(WOLFSSL_SESSION) + (sizeof(int) * 2))
 110
 111    static WC_THREADSHARED SessionRow SessionCache[SESSION_ROWS];
 112
 113    #if defined(WOLFSSL_SESSION_STATS) && defined(WOLFSSL_PEAK_SESSIONS)
 114        static WC_THREADSHARED word32 PeakSessions;
 115    #endif
 116
 117    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
 118    #define SESSION_ROW_RD_LOCK(row)   wc_LockRwLock_Rd(&(row)->row_lock)
 119    #define SESSION_ROW_WR_LOCK(row)   wc_LockRwLock_Wr(&(row)->row_lock)
 120    #define SESSION_ROW_UNLOCK(row)    wc_UnLockRwLock(&(row)->row_lock);
 121    #else
 122    static WC_THREADSHARED wolfSSL_RwLock session_lock; /* SessionCache lock */
 123    static WC_THREADSHARED int session_lock_valid = 0;
 124    #define SESSION_ROW_RD_LOCK(row)   wc_LockRwLock_Rd(&session_lock)
 125    #define SESSION_ROW_WR_LOCK(row)   wc_LockRwLock_Wr(&session_lock)
 126    #define SESSION_ROW_UNLOCK(row)    wc_UnLockRwLock(&session_lock);
 127    #endif
 128
 129    #if !defined(NO_SESSION_CACHE_REF) && defined(NO_CLIENT_CACHE)
 130    #error ClientCache is required when not using NO_SESSION_CACHE_REF
 131    #endif
 132
 133    #ifndef NO_CLIENT_CACHE
 134
 135        #ifndef CLIENT_SESSIONS_MULTIPLIER
 136            #ifdef NO_SESSION_CACHE_REF
 137                #define CLIENT_SESSIONS_MULTIPLIER 1
 138            #else
 139                /* ClientSession objects are lightweight (compared to
 140                 * WOLFSSL_SESSION) so to decrease chance that user will reuse
 141                 * the wrong session, increase the ClientCache size. This will
 142                 * make the entire ClientCache about the size of one
 143                 * WOLFSSL_SESSION object. */
 144                #define CLIENT_SESSIONS_MULTIPLIER 8
 145            #endif
 146        #endif
 147        #define CLIENT_SESSIONS_PER_ROW \
 148                                (SESSIONS_PER_ROW * CLIENT_SESSIONS_MULTIPLIER)
 149        #define CLIENT_SESSION_ROWS (SESSION_ROWS * CLIENT_SESSIONS_MULTIPLIER)
 150
 151        #if CLIENT_SESSIONS_PER_ROW > 65535
 152        #error CLIENT_SESSIONS_PER_ROW too big
 153        #endif
 154        #if CLIENT_SESSION_ROWS > 65535
 155        #error CLIENT_SESSION_ROWS too big
 156        #endif
 157
 158        struct ClientSession {
 159            word16 serverRow;            /* SessionCache Row id */
 160            word16 serverIdx;            /* SessionCache Idx (column) */
 161            word32 sessionIDHash;
 162        };
 163    #ifndef WOLFSSL_CLIENT_SESSION_DEFINED
 164        typedef struct ClientSession ClientSession;
 165        #define WOLFSSL_CLIENT_SESSION_DEFINED
 166    #endif
 167
 168        typedef struct ClientRow {
 169            int nextIdx;                /* where to place next one   */
 170            int totalCount;             /* sessions ever on this row */
 171            ClientSession Clients[CLIENT_SESSIONS_PER_ROW];
 172        } ClientRow;
 173
 174        static WC_THREADSHARED ClientRow ClientCache[CLIENT_SESSION_ROWS];
 175                                                     /* Client Cache */
 176                                                     /* uses session mutex */
 177
 178        /* ClientCache mutex */
 179        static WC_THREADSHARED wolfSSL_Mutex clisession_mutex
 180            WOLFSSL_MUTEX_INITIALIZER_CLAUSE(clisession_mutex);
 181        #ifndef WOLFSSL_MUTEX_INITIALIZER
 182        static WC_THREADSHARED int clisession_mutex_valid = 0;
 183        #endif
 184    #endif /* !NO_CLIENT_CACHE */
 185
 186    void EvictSessionFromCache(WOLFSSL_SESSION* session)
 187    {
 188#ifdef HAVE_EX_DATA
 189        byte save_ownExData = session->ownExData;
 190        session->ownExData = 1; /* Make sure ex_data access doesn't lead back
 191                                 * into the cache. */
 192#endif
 193#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
 194        if (session->rem_sess_cb != NULL) {
 195            session->rem_sess_cb(NULL, session);
 196            session->rem_sess_cb = NULL;
 197        }
 198#endif
 199        ForceZero(session->masterSecret, SECRET_LEN);
 200        XMEMSET(session->sessionID, 0, ID_LEN);
 201        session->sessionIDSz = 0;
 202#ifdef HAVE_SESSION_TICKET
 203        if (session->ticketLenAlloc > 0) {
 204            XFREE(session->ticket, NULL, DYNAMIC_TYPE_SESSION_TICK);
 205            session->ticket = session->staticTicket;
 206            session->ticketLen = 0;
 207            session->ticketLenAlloc = 0;
 208        }
 209#endif
 210#ifdef HAVE_EX_DATA
 211        session->ownExData = save_ownExData;
 212#endif
 213
 214#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) &&                  \
 215    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                    \
 216    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
 217        if ((session->ticketNonce.data != NULL) &&
 218            (session->ticketNonce.data != session->ticketNonce.dataStatic))
 219        {
 220            XFREE(session->ticketNonce.data, NULL, DYNAMIC_TYPE_SESSION_TICK);
 221            session->ticketNonce.data = NULL;
 222        }
 223#endif
 224    }
 225
 226WOLFSSL_ABI
 227WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl)
 228{
 229    WOLFSSL_ENTER("wolfSSL_get_session");
 230    if (ssl) {
 231#ifdef NO_SESSION_CACHE_REF
 232        return ssl->session;
 233#else
 234        if (ssl->options.side == WOLFSSL_CLIENT_END) {
 235            /* On the client side we want to return a persistent reference for
 236             * backwards compatibility. */
 237#ifndef NO_CLIENT_CACHE
 238            if (ssl->clientSession) {
 239                return (WOLFSSL_SESSION*)ssl->clientSession;
 240            }
 241            else {
 242                /* Try to add a ClientCache entry to associate with the current
 243                 * session. Ignore any session cache options. */
 244                int err;
 245                const byte* id = ssl->session->sessionID;
 246                byte idSz = ssl->session->sessionIDSz;
 247                if (ssl->session->haveAltSessionID) {
 248                    id = ssl->session->altSessionID;
 249                    idSz = ID_LEN;
 250                }
 251                err = AddSessionToCache(ssl->ctx, ssl->session, id, idSz,
 252                        NULL, ssl->session->side,
 253                #ifdef HAVE_SESSION_TICKET
 254                        ssl->session->ticketLen > 0,
 255                #else
 256                        0,
 257                #endif
 258                        &ssl->clientSession);
 259                if (err == 0) {
 260                    return (WOLFSSL_SESSION*)ssl->clientSession;
 261                }
 262            }
 263#endif
 264        }
 265        else {
 266            return ssl->session;
 267        }
 268#endif
 269    }
 270
 271    return NULL;
 272}
 273
 274/* The get1 version requires caller to call SSL_SESSION_free */
 275WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl)
 276{
 277    WOLFSSL_SESSION* sess = NULL;
 278    WOLFSSL_ENTER("wolfSSL_get1_session");
 279    if (ssl != NULL) {
 280        sess = ssl->session;
 281        if (sess != NULL) {
 282            /* increase reference count if allocated session */
 283            if (sess->type == WOLFSSL_SESSION_TYPE_HEAP) {
 284                if (wolfSSL_SESSION_up_ref(sess) != WOLFSSL_SUCCESS)
 285                    sess = NULL;
 286            }
 287        }
 288    }
 289    return sess;
 290}
 291
 292/* session is a private struct, return if it is setup or not */
 293int wolfSSL_SessionIsSetup(WOLFSSL_SESSION* session)
 294{
 295    if (session != NULL)
 296        return session->isSetup;
 297    return 0;
 298}
 299
 300/*
 301 * Sets the session object to use when establishing a TLS/SSL session using
 302 * the ssl object. Therefore, this function must be called before
 303 * wolfSSL_connect. The session object to use can be obtained in a previous
 304 * TLS/SSL connection using wolfSSL_get_session.
 305 *
 306 * This function rejects the session if it has been expired when this function
 307 * is called. Note that this expiration check is wolfSSL specific and differs
 308 * from OpenSSL return code behavior.
 309 *
 310 * By default, wolfSSL_set_session returns WOLFSSL_SUCCESS on successfully
 311 * setting the session, WOLFSSL_FAILURE on failure due to the session cache
 312 * being disabled, or the session has expired.
 313 *
 314 * To match OpenSSL return code behavior when session is expired, define
 315 * OPENSSL_EXTRA and WOLFSSL_ERROR_CODE_OPENSSL. This behavior will return
 316 * WOLFSSL_SUCCESS even when the session is expired and rejected.
 317 */
 318WOLFSSL_ABI
 319int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session)
 320{
 321    WOLFSSL_ENTER("wolfSSL_set_session");
 322    if (session)
 323        return wolfSSL_SetSession(ssl, session);
 324
 325    return WOLFSSL_FAILURE;
 326}
 327
 328
 329#ifndef NO_CLIENT_CACHE
 330
 331/* Associate client session with serverID, find existing or store for saving
 332   if newSession flag on, don't reuse existing session
 333   WOLFSSL_SUCCESS on ok */
 334int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
 335{
 336    WOLFSSL_SESSION* session = NULL;
 337    byte idHash[SERVER_ID_LEN];
 338
 339    WOLFSSL_ENTER("wolfSSL_SetServerID");
 340
 341    if (ssl == NULL || id == NULL || len <= 0)
 342        return BAD_FUNC_ARG;
 343
 344    if (len > SERVER_ID_LEN) {
 345#if defined(NO_SHA) && !defined(NO_SHA256)
 346        if (wc_Sha256Hash(id, len, idHash) != 0)
 347            return WOLFSSL_FAILURE;
 348#else
 349        if (wc_ShaHash(id, (word32)len, idHash) != 0)
 350            return WOLFSSL_FAILURE;
 351#endif
 352        id = idHash;
 353        len = SERVER_ID_LEN;
 354    }
 355
 356    if (newSession == 0) {
 357        session = wolfSSL_GetSessionClient(ssl, id, len);
 358        if (session) {
 359            if (wolfSSL_SetSession(ssl, session) != WOLFSSL_SUCCESS) {
 360            #ifdef HAVE_EXT_CACHE
 361                wolfSSL_FreeSession(ssl->ctx, session);
 362            #endif
 363                WOLFSSL_MSG("wolfSSL_SetSession failed");
 364                session = NULL;
 365            }
 366        }
 367    }
 368
 369    if (session == NULL) {
 370        WOLFSSL_MSG("Valid ServerID not cached already");
 371
 372        ssl->session->idLen = (word16)len;
 373        XMEMCPY(ssl->session->serverID, id, (size_t)len);
 374    }
 375#ifdef HAVE_EXT_CACHE
 376    else {
 377        wolfSSL_FreeSession(ssl->ctx, session);
 378    }
 379#endif
 380
 381    return WOLFSSL_SUCCESS;
 382}
 383
 384#endif /* !NO_CLIENT_CACHE */
 385
 386/* TODO: Add SESSION_CACHE_DYNAMIC_MEM support for PERSIST_SESSION_CACHE.
 387 * Need a count of current sessions to get an accurate memsize (totalCount is
 388 * not decremented when sessions are removed).
 389 * Need to determine ideal layout for mem/filesave.
 390 * Also need mem/filesave checking to ensure not restoring non DYNAMIC_MEM
 391 * cache.
 392 */
 393#if defined(PERSIST_SESSION_CACHE) && !defined(SESSION_CACHE_DYNAMIC_MEM)
 394
 395/* for persistence, if changes to layout need to increment and modify
 396   save_session_cache() and restore_session_cache and memory versions too */
 397#define WOLFSSL_CACHE_VERSION 2
 398
 399/* Session Cache Header information */
 400typedef struct {
 401    int version;     /* cache layout version id */
 402    int rows;        /* session rows */
 403    int columns;     /* session columns */
 404    int sessionSz;   /* sizeof WOLFSSL_SESSION */
 405} cache_header_t;
 406
 407/* current persistence layout is:
 408
 409   1) cache_header_t
 410   2) SessionCache
 411   3) ClientCache
 412
 413   update WOLFSSL_CACHE_VERSION if change layout for the following
 414   PERSISTENT_SESSION_CACHE functions
 415*/
 416
 417/* get how big the the session cache save buffer needs to be */
 418int wolfSSL_get_session_cache_memsize(void)
 419{
 420    int sz  = (int)(sizeof(SessionCache) + sizeof(cache_header_t));
 421#ifndef NO_CLIENT_CACHE
 422    sz += (int)(sizeof(ClientCache));
 423#endif
 424    return sz;
 425}
 426
 427
 428/* Persist session cache to memory */
 429int wolfSSL_memsave_session_cache(void* mem, int sz)
 430{
 431    int i;
 432    cache_header_t cache_header;
 433    SessionRow*    row;
 434
 435    WOLFSSL_ENTER("wolfSSL_memsave_session_cache");
 436
 437    if (mem == NULL) {
 438        return BAD_FUNC_ARG;
 439    }
 440
 441    row = (SessionRow*)((byte*)mem + sizeof(cache_header));
 442
 443    if (sz < wolfSSL_get_session_cache_memsize()) {
 444        WOLFSSL_MSG("Memory buffer too small");
 445        return BUFFER_E;
 446    }
 447
 448    cache_header.version   = WOLFSSL_CACHE_VERSION;
 449    cache_header.rows      = SESSION_ROWS;
 450    cache_header.columns   = SESSIONS_PER_ROW;
 451    cache_header.sessionSz = (int)sizeof(WOLFSSL_SESSION);
 452    XMEMCPY(mem, &cache_header, sizeof(cache_header));
 453
 454#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
 455    if (SESSION_ROW_RD_LOCK(row) != 0) {
 456        WOLFSSL_MSG("Session cache mutex lock failed");
 457        return BAD_MUTEX_E;
 458    }
 459#endif
 460    for (i = 0; i < cache_header.rows; ++i) {
 461    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
 462        if (SESSION_ROW_RD_LOCK(&SessionCache[i]) != 0) {
 463            WOLFSSL_MSG("Session row cache mutex lock failed");
 464            return BAD_MUTEX_E;
 465        }
 466    #endif
 467
 468        XMEMCPY(row++, &SessionCache[i], SIZEOF_SESSION_ROW);
 469    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
 470        SESSION_ROW_UNLOCK(&SessionCache[i]);
 471    #endif
 472    }
 473#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
 474    SESSION_ROW_UNLOCK(row);
 475#endif
 476
 477#ifndef NO_CLIENT_CACHE
 478    if (wc_LockMutex(&clisession_mutex) != 0) {
 479        WOLFSSL_MSG("Client cache mutex lock failed");
 480        return BAD_MUTEX_E;
 481    }
 482    XMEMCPY(row, ClientCache, sizeof(ClientCache));
 483    wc_UnLockMutex(&clisession_mutex);
 484#endif
 485
 486    WOLFSSL_LEAVE("wolfSSL_memsave_session_cache", WOLFSSL_SUCCESS);
 487
 488    return WOLFSSL_SUCCESS;
 489}
 490
 491
 492#if !defined(SESSION_CACHE_DYNAMIC_MEM) && \
 493    (defined(HAVE_SESSION_TICKET) || \
 494    (defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)))
 495static void SessionSanityPointerSet(SessionRow* row)
 496{
 497    int j;
 498
 499    /* Reset pointers to safe values after raw copy */
 500    for (j = 0; j < SESSIONS_PER_ROW; j++) {
 501        WOLFSSL_SESSION* s = &row->Sessions[j];
 502#ifdef HAVE_SESSION_TICKET
 503        s->ticket = s->staticTicket;
 504        s->ticketLenAlloc = 0;
 505        if (s->ticketLen > SESSION_TICKET_LEN) {
 506            s->ticketLen = SESSION_TICKET_LEN;
 507        }
 508#endif
 509#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) &&                 \
 510    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                    \
 511    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
 512        s->ticketNonce.data = s->ticketNonce.dataStatic;
 513        if (s->ticketNonce.len > MAX_TICKET_NONCE_STATIC_SZ) {
 514            s->ticketNonce.len = MAX_TICKET_NONCE_STATIC_SZ;
 515        }
 516#endif
 517#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
 518        s->peer = NULL;
 519#endif
 520    }
 521}
 522#endif
 523
 524/* Restore the persistent session cache from memory */
 525int wolfSSL_memrestore_session_cache(const void* mem, int sz)
 526{
 527    int    i;
 528    cache_header_t cache_header;
 529    SessionRow*    row;
 530
 531    WOLFSSL_ENTER("wolfSSL_memrestore_session_cache");
 532
 533    if (mem == NULL) {
 534        return BAD_FUNC_ARG;
 535    }
 536
 537    row = (SessionRow*)((byte*)mem + sizeof(cache_header));
 538
 539    if (sz < wolfSSL_get_session_cache_memsize()) {
 540        WOLFSSL_MSG("Memory buffer too small");
 541        return BUFFER_E;
 542    }
 543
 544    XMEMCPY(&cache_header, mem, sizeof(cache_header));
 545    if (cache_header.version   != WOLFSSL_CACHE_VERSION ||
 546        cache_header.rows      != SESSION_ROWS ||
 547        cache_header.columns   != SESSIONS_PER_ROW ||
 548        cache_header.sessionSz != (int)sizeof(WOLFSSL_SESSION)) {
 549
 550        WOLFSSL_MSG("Session cache header match failed");
 551        return CACHE_MATCH_ERROR;
 552    }
 553
 554#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
 555    if (SESSION_ROW_WR_LOCK(&SessionCache[0]) != 0) {
 556        WOLFSSL_MSG("Session cache mutex lock failed");
 557        return BAD_MUTEX_E;
 558    }
 559#endif
 560    for (i = 0; i < cache_header.rows; ++i) {
 561    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
 562        if (SESSION_ROW_WR_LOCK(&SessionCache[i]) != 0) {
 563            WOLFSSL_MSG("Session row cache mutex lock failed");
 564            return BAD_MUTEX_E;
 565        }
 566    #endif
 567
 568        XMEMCPY(&SessionCache[i], row++, SIZEOF_SESSION_ROW);
 569    #if !defined(SESSION_CACHE_DYNAMIC_MEM) && \
 570        (defined(HAVE_SESSION_TICKET) || \
 571        (defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)))
 572        SessionSanityPointerSet(&SessionCache[i]);
 573    #endif
 574    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
 575        SESSION_ROW_UNLOCK(&SessionCache[i]);
 576    #endif
 577    }
 578#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
 579    SESSION_ROW_UNLOCK(&SessionCache[0]);
 580#endif
 581
 582#ifndef NO_CLIENT_CACHE
 583    if (wc_LockMutex(&clisession_mutex) != 0) {
 584        WOLFSSL_MSG("Client cache mutex lock failed");
 585        return BAD_MUTEX_E;
 586    }
 587    XMEMCPY(ClientCache, row, sizeof(ClientCache));
 588    wc_UnLockMutex(&clisession_mutex);
 589#endif
 590
 591    WOLFSSL_LEAVE("wolfSSL_memrestore_session_cache", WOLFSSL_SUCCESS);
 592
 593    return WOLFSSL_SUCCESS;
 594}
 595
 596#if !defined(NO_FILESYSTEM)
 597
 598/* Persist session cache to file */
 599/* doesn't use memsave because of additional memory use */
 600int wolfSSL_save_session_cache(const char *fname)
 601{
 602    XFILE  file;
 603    int    ret;
 604    int    rc = WOLFSSL_SUCCESS;
 605    int    i;
 606    cache_header_t cache_header;
 607
 608    WOLFSSL_ENTER("wolfSSL_save_session_cache");
 609
 610    file = XFOPEN(fname, "w+b");
 611    if (file == XBADFILE) {
 612        WOLFSSL_MSG("Couldn't open session cache save file");
 613        return WOLFSSL_BAD_FILE;
 614    }
 615    cache_header.version   = WOLFSSL_CACHE_VERSION;
 616    cache_header.rows      = SESSION_ROWS;
 617    cache_header.columns   = SESSIONS_PER_ROW;
 618    cache_header.sessionSz = (int)sizeof(WOLFSSL_SESSION);
 619
 620    /* cache header */
 621    ret = (int)XFWRITE(&cache_header, sizeof cache_header, 1, file);
 622    if (ret != 1) {
 623        WOLFSSL_MSG("Session cache header file write failed");
 624        XFCLOSE(file);
 625        return FWRITE_ERROR;
 626    }
 627
 628#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
 629    if (SESSION_ROW_RD_LOCK(&SessionCache[0]) != 0) {
 630        WOLFSSL_MSG("Session cache mutex lock failed");
 631        XFCLOSE(file);
 632        return BAD_MUTEX_E;
 633    }
 634#endif
 635    /* session cache */
 636    for (i = 0; i < cache_header.rows; ++i) {
 637    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
 638        if (SESSION_ROW_RD_LOCK(&SessionCache[i]) != 0) {
 639            WOLFSSL_MSG("Session row cache mutex lock failed");
 640            XFCLOSE(file);
 641            return BAD_MUTEX_E;
 642        }
 643    #endif
 644
 645        ret = (int)XFWRITE(&SessionCache[i], SIZEOF_SESSION_ROW, 1, file);
 646    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
 647        SESSION_ROW_UNLOCK(&SessionCache[i]);
 648    #endif
 649        if (ret != 1) {
 650            WOLFSSL_MSG("Session cache member file write failed");
 651            rc = FWRITE_ERROR;
 652            break;
 653        }
 654    }
 655#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
 656    SESSION_ROW_UNLOCK(&SessionCache[0]);
 657#endif
 658
 659#ifndef NO_CLIENT_CACHE
 660    /* client cache */
 661    if (wc_LockMutex(&clisession_mutex) != 0) {
 662        WOLFSSL_MSG("Client cache mutex lock failed");
 663        XFCLOSE(file);
 664        return BAD_MUTEX_E;
 665    }
 666    ret = (int)XFWRITE(ClientCache, sizeof(ClientCache), 1, file);
 667    if (ret != 1) {
 668        WOLFSSL_MSG("Client cache member file write failed");
 669        rc = FWRITE_ERROR;
 670    }
 671    wc_UnLockMutex(&clisession_mutex);
 672#endif /* !NO_CLIENT_CACHE */
 673
 674    XFCLOSE(file);
 675    WOLFSSL_LEAVE("wolfSSL_save_session_cache", rc);
 676
 677    return rc;
 678}
 679
 680
 681/* Restore the persistent session cache from file */
 682/* doesn't use memstore because of additional memory use */
 683int wolfSSL_restore_session_cache(const char *fname)
 684{
 685    XFILE  file;
 686    int    rc = WOLFSSL_SUCCESS;
 687    int    ret;
 688    int    i;
 689    cache_header_t cache_header;
 690
 691    WOLFSSL_ENTER("wolfSSL_restore_session_cache");
 692
 693    file = XFOPEN(fname, "rb");
 694    if (file == XBADFILE) {
 695        WOLFSSL_MSG("Couldn't open session cache save file");
 696        return WOLFSSL_BAD_FILE;
 697    }
 698    /* cache header */
 699    ret = (int)XFREAD(&cache_header, sizeof(cache_header), 1, file);
 700    if (ret != 1) {
 701        WOLFSSL_MSG("Session cache header file read failed");
 702        XFCLOSE(file);
 703        return FREAD_ERROR;
 704    }
 705    if (cache_header.version   != WOLFSSL_CACHE_VERSION ||
 706        cache_header.rows      != SESSION_ROWS ||
 707        cache_header.columns   != SESSIONS_PER_ROW ||
 708        cache_header.sessionSz != (int)sizeof(WOLFSSL_SESSION)) {
 709
 710        WOLFSSL_MSG("Session cache header match failed");
 711        XFCLOSE(file);
 712        return CACHE_MATCH_ERROR;
 713    }
 714
 715#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
 716    if (SESSION_ROW_WR_LOCK(&SessionCache[0]) != 0) {
 717        WOLFSSL_MSG("Session cache mutex lock failed");
 718        XFCLOSE(file);
 719        return BAD_MUTEX_E;
 720    }
 721#endif
 722    /* session cache */
 723    for (i = 0; i < cache_header.rows; ++i) {
 724    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
 725        if (SESSION_ROW_WR_LOCK(&SessionCache[i]) != 0) {
 726            WOLFSSL_MSG("Session row cache mutex lock failed");
 727            XFCLOSE(file);
 728            return BAD_MUTEX_E;
 729        }
 730    #endif
 731
 732        ret = (int)XFREAD(&SessionCache[i], SIZEOF_SESSION_ROW, 1, file);
 733    #if !defined(SESSION_CACHE_DYNAMIC_MEM) && \
 734        (defined(HAVE_SESSION_TICKET) || \
 735        (defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)))
 736        SessionSanityPointerSet(&SessionCache[i]);
 737    #endif
 738    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
 739        SESSION_ROW_UNLOCK(&SessionCache[i]);
 740    #endif
 741        if (ret != 1) {
 742            WOLFSSL_MSG("Session cache member file read failed");
 743            XMEMSET(SessionCache, 0, sizeof SessionCache);
 744            rc = FREAD_ERROR;
 745            break;
 746        }
 747    }
 748#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
 749    SESSION_ROW_UNLOCK(&SessionCache[0]);
 750#endif
 751
 752#ifndef NO_CLIENT_CACHE
 753    /* client cache */
 754    if (wc_LockMutex(&clisession_mutex) != 0) {
 755        WOLFSSL_MSG("Client cache mutex lock failed");
 756        XFCLOSE(file);
 757        return BAD_MUTEX_E;
 758    }
 759    ret = (int)XFREAD(ClientCache, sizeof(ClientCache), 1, file);
 760    if (ret != 1) {
 761        WOLFSSL_MSG("Client cache member file read failed");
 762        XMEMSET(ClientCache, 0, sizeof ClientCache);
 763        rc = FREAD_ERROR;
 764    }
 765    wc_UnLockMutex(&clisession_mutex);
 766#endif /* !NO_CLIENT_CACHE */
 767
 768    XFCLOSE(file);
 769    WOLFSSL_LEAVE("wolfSSL_restore_session_cache", rc);
 770
 771    return rc;
 772}
 773
 774#endif /* !NO_FILESYSTEM */
 775#endif /* PERSIST_SESSION_CACHE && !SESSION_CACHE_DYNAMIC_MEM */
 776
 777
 778/* on by default if built in but allow user to turn off */
 779WOLFSSL_ABI
 780long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode)
 781{
 782    WOLFSSL_ENTER("wolfSSL_CTX_set_session_cache_mode");
 783
 784    if (ctx == NULL)
 785        return WOLFSSL_FAILURE;
 786
 787    if (mode == WOLFSSL_SESS_CACHE_OFF) {
 788        ctx->sessionCacheOff = 1;
 789#ifdef HAVE_EXT_CACHE
 790        ctx->internalCacheOff = 1;
 791        ctx->internalCacheLookupOff = 1;
 792#endif
 793    }
 794
 795    if ((mode & WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR) != 0)
 796        ctx->sessionCacheFlushOff = 1;
 797
 798#ifdef HAVE_EXT_CACHE
 799    /* WOLFSSL_SESS_CACHE_NO_INTERNAL activates both if's */
 800    if ((mode & WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE) != 0)
 801        ctx->internalCacheOff = 1;
 802    if ((mode & WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP) != 0)
 803        ctx->internalCacheLookupOff = 1;
 804#endif
 805
 806    return WOLFSSL_SUCCESS;
 807}
 808
 809#ifdef OPENSSL_EXTRA
 810#ifdef HAVE_MAX_FRAGMENT
 811/* return the max fragment size set when handshake was negotiated */
 812unsigned char wolfSSL_SESSION_get_max_fragment_length(WOLFSSL_SESSION* session)
 813{
 814    session = ClientSessionToSession(session);
 815    if (session == NULL) {
 816        return 0;
 817    }
 818
 819    return session->mfl;
 820}
 821#endif
 822
 823
 824/* Get the session cache mode for CTX
 825 *
 826 * ctx  WOLFSSL_CTX struct to get cache mode from
 827 *
 828 * Returns a bit mask that has the session cache mode */
 829long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX* ctx)
 830{
 831    long m = 0;
 832
 833    WOLFSSL_ENTER("wolfSSL_CTX_get_session_cache_mode");
 834
 835    if (ctx == NULL) {
 836        return m;
 837    }
 838
 839    if (ctx->sessionCacheOff != 1) {
 840        m |= WOLFSSL_SESS_CACHE_SERVER;
 841    }
 842
 843    if (ctx->sessionCacheFlushOff == 1) {
 844        m |= WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR;
 845    }
 846
 847#ifdef HAVE_EXT_CACHE
 848    if (ctx->internalCacheOff == 1) {
 849        m |= WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE;
 850    }
 851    if (ctx->internalCacheLookupOff == 1) {
 852        m |= WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP;
 853    }
 854#endif
 855
 856    return m;
 857}
 858#endif /* OPENSSL_EXTRA */
 859
 860#endif /* !NO_SESSION_CACHE */
 861
 862#ifndef NO_SESSION_CACHE
 863
 864WOLFSSL_ABI
 865void wolfSSL_flush_sessions(WOLFSSL_CTX* ctx, long tm)
 866{
 867    /* static table now, no flushing needed */
 868    (void)ctx;
 869    (void)tm;
 870}
 871
 872void wolfSSL_CTX_flush_sessions(WOLFSSL_CTX* ctx, long tm)
 873{
 874    int i, j;
 875
 876    (void)ctx;
 877    WOLFSSL_ENTER("wolfSSL_flush_sessions");
 878    for (i = 0; i < SESSION_ROWS; ++i) {
 879        if (SESSION_ROW_WR_LOCK(&SessionCache[i]) != 0) {
 880            WOLFSSL_MSG("Session cache mutex lock failed");
 881            return;
 882        }
 883        for (j = 0; j < SESSIONS_PER_ROW; j++) {
 884#ifdef SESSION_CACHE_DYNAMIC_MEM
 885            WOLFSSL_SESSION* s = SessionCache[i].Sessions[j];
 886#else
 887            WOLFSSL_SESSION* s = &SessionCache[i].Sessions[j];
 888#endif
 889            if (
 890#ifdef SESSION_CACHE_DYNAMIC_MEM
 891                s != NULL &&
 892#endif
 893                s->sessionIDSz > 0 &&
 894                s->bornOn + s->timeout < (word32)tm
 895                )
 896            {
 897                EvictSessionFromCache(s);
 898#ifdef SESSION_CACHE_DYNAMIC_MEM
 899                XFREE(s, s->heap, DYNAMIC_TYPE_SESSION);
 900                SessionCache[i].Sessions[j] = NULL;
 901#endif
 902            }
 903        }
 904        SESSION_ROW_UNLOCK(&SessionCache[i]);
 905    }
 906}
 907
 908
 909/* set ssl session timeout in seconds */
 910WOLFSSL_ABI
 911int wolfSSL_set_timeout(WOLFSSL* ssl, unsigned int to)
 912{
 913    if (ssl == NULL)
 914        return BAD_FUNC_ARG;
 915
 916    if (to == 0)
 917        to = WOLFSSL_SESSION_TIMEOUT;
 918    ssl->timeout = to;
 919
 920    return WOLFSSL_SUCCESS;
 921}
 922
 923#ifndef NO_TLS
 924/**
 925 * Sets ctx session timeout in seconds.
 926 * The timeout value set here should be reflected in the
 927 * "session ticket lifetime hint" if this API works in the openssl compat-layer.
 928 * Therefore wolfSSL_CTX_set_TicketHint is called internally.
 929 * Arguments:
 930 *  - ctx  WOLFSSL_CTX object which the timeout is set to
 931 *  - to   timeout value in second
 932 * Returns:
 933 *  WOLFSSL_SUCCESS on success, BAD_FUNC_ARG on failure.
 934 *  When WOLFSSL_ERROR_CODE_OPENSSL is defined, returns previous timeout value
 935 *  on success, BAD_FUNC_ARG on failure.
 936 */
 937WOLFSSL_ABI
 938int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to)
 939{
 940    #if defined(WOLFSSL_ERROR_CODE_OPENSSL)
 941    word32 prev_timeout = 0;
 942    #endif
 943
 944    int ret = WOLFSSL_SUCCESS;
 945    (void)ret;
 946
 947    if (ctx == NULL)
 948        ret = BAD_FUNC_ARG;
 949
 950    if (ret == WOLFSSL_SUCCESS) {
 951    #if defined(WOLFSSL_ERROR_CODE_OPENSSL)
 952        prev_timeout = ctx->timeout;
 953    #endif
 954        if (to == 0) {
 955            ctx->timeout = WOLFSSL_SESSION_TIMEOUT;
 956        }
 957        else {
 958            ctx->timeout = to;
 959        }
 960    }
 961#if defined(OPENSSL_EXTRA) && defined(HAVE_SESSION_TICKET) && \
 962   !defined(NO_WOLFSSL_SERVER)
 963    if (ret == WOLFSSL_SUCCESS) {
 964        if (to == 0) {
 965            ret = wolfSSL_CTX_set_TicketHint(ctx, SESSION_TICKET_HINT_DEFAULT);
 966        }
 967        else {
 968            ret = wolfSSL_CTX_set_TicketHint(ctx, (int)to);
 969        }
 970    }
 971#endif /* OPENSSL_EXTRA && HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER */
 972
 973#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
 974    if (ret == WOLFSSL_SUCCESS) {
 975        return (int)prev_timeout;
 976    }
 977    else {
 978        return ret;
 979    }
 980#else
 981    return ret;
 982#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
 983}
 984#endif /* !NO_TLS */
 985
 986#ifndef NO_CLIENT_CACHE
 987
 988/* Get Session from Client cache based on id/len, return NULL on failure */
 989WOLFSSL_SESSION* wolfSSL_GetSessionClient(WOLFSSL* ssl, const byte* id, int len)
 990{
 991    WOLFSSL_SESSION* ret = NULL;
 992    word32          row;
 993    int             idx;
 994    int             count;
 995    int             error = 0;
 996    ClientSession*  clSess;
 997
 998    WOLFSSL_ENTER("wolfSSL_GetSessionClient");
 999
1000    if (ssl->ctx->sessionCacheOff) {
1001        WOLFSSL_MSG("Session Cache off");
1002        return NULL;
1003    }
1004
1005    if (ssl->options.side == WOLFSSL_SERVER_END)
1006        return NULL;
1007
1008    len = (int)min(SERVER_ID_LEN, (word32)len);
1009
1010    /* Do not access ssl->ctx->get_sess_cb from here. It is using a different
1011     * set of ID's */
1012
1013    row = HashObject(id, (word32)len, &error) % CLIENT_SESSION_ROWS;
1014    if (error != 0) {
1015        WOLFSSL_MSG("Hash session failed");
1016        return NULL;
1017    }
1018
1019    if (wc_LockMutex(&clisession_mutex) != 0) {
1020        WOLFSSL_MSG("Client cache mutex lock failed");
1021        return NULL;
1022    }
1023
1024    /* start from most recently used */
1025    count = (int)min((word32)ClientCache[row].totalCount,
1026        CLIENT_SESSIONS_PER_ROW);
1027    idx = ClientCache[row].nextIdx - 1;
1028    if (idx < 0 || idx >= CLIENT_SESSIONS_PER_ROW) {
1029        /* if back to front, the previous was end */
1030        idx = CLIENT_SESSIONS_PER_ROW - 1;
1031    }
1032    clSess = ClientCache[row].Clients;
1033
1034    for (; count > 0; --count) {
1035        WOLFSSL_SESSION* current;
1036        SessionRow* sessRow;
1037
1038        if (clSess[idx].serverRow >= SESSION_ROWS) {
1039            WOLFSSL_MSG("Client cache serverRow invalid");
1040            break;
1041        }
1042
1043        /* lock row */
1044        sessRow = &SessionCache[clSess[idx].serverRow];
1045        if (SESSION_ROW_RD_LOCK(sessRow) != 0) {
1046            WOLFSSL_MSG("Session cache row lock failure");
1047            break;
1048        }
1049
1050#ifdef SESSION_CACHE_DYNAMIC_MEM
1051        current = sessRow->Sessions[clSess[idx].serverIdx];
1052#else
1053        current = &sessRow->Sessions[clSess[idx].serverIdx];
1054#endif
1055        if (current && XMEMCMP(current->serverID, id,
1056                                                     (unsigned long)len) == 0) {
1057            WOLFSSL_MSG("Found a serverid match for client");
1058            if (LowResTimer() < (current->bornOn + current->timeout)) {
1059                WOLFSSL_MSG("Session valid");
1060                ret = current;
1061                SESSION_ROW_UNLOCK(sessRow);
1062                break;
1063            } else {
1064                WOLFSSL_MSG("Session timed out");  /* could have more for id */
1065            }
1066        } else {
1067            WOLFSSL_MSG("ServerID not a match from client table");
1068        }
1069        SESSION_ROW_UNLOCK(sessRow);
1070
1071        idx = idx > 0 ? idx - 1 : CLIENT_SESSIONS_PER_ROW - 1;
1072    }
1073
1074    wc_UnLockMutex(&clisession_mutex);
1075
1076    return ret;
1077}
1078
1079#endif /* !NO_CLIENT_CACHE */
1080
1081static int SslSessionCacheOff(const WOLFSSL* ssl,
1082    const WOLFSSL_SESSION* session)
1083{
1084    (void)session;
1085    return ssl->options.sessionCacheOff
1086    #if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_FORCE_CACHE_ON_TICKET)
1087                && session->ticketLen == 0
1088    #endif
1089                ;
1090}
1091
1092#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) &&                  \
1093    defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
1094    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1095/**
1096 * SessionTicketNoncePrealloc() - prealloc a buffer for ticket nonces
1097 * @output: [in] pointer to WOLFSSL_SESSION object that will soon be a
1098 * destination of a session duplication
1099 * @buf: [out] address of the preallocated buf
1100 * @len: [out] len of the preallocated buf
1101 *
1102 * prealloc a buffer that will likely suffice to contain a ticket nonce. It's
1103 * used when copying session under lock, when syscalls need to be avoided. If
1104 * output already has a dynamic buffer, it's reused.
1105 */
1106static int SessionTicketNoncePrealloc(byte** buf, byte* len, void *heap)
1107{
1108    (void)heap;
1109
1110    *buf = (byte*)XMALLOC(PREALLOC_SESSION_TICKET_NONCE_LEN, heap,
1111        DYNAMIC_TYPE_SESSION_TICK);
1112    if (*buf == NULL) {
1113        WOLFSSL_MSG("Failed to preallocate ticket nonce buffer");
1114        *len = 0;
1115        return 1;
1116    }
1117
1118    *len = PREALLOC_SESSION_TICKET_NONCE_LEN;
1119    return 0;
1120}
1121#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 */
1122
1123static int wolfSSL_DupSessionEx(const WOLFSSL_SESSION* input,
1124    WOLFSSL_SESSION* output, int avoidSysCalls, byte* ticketNonceBuf,
1125    byte* ticketNonceLen, byte* preallocUsed);
1126
1127void TlsSessionCacheUnlockRow(word32 row)
1128{
1129    SessionRow* sessRow;
1130
1131    sessRow = &SessionCache[row];
1132    (void)sessRow;
1133    SESSION_ROW_UNLOCK(sessRow);
1134}
1135
1136/* Don't use this function directly. Use TlsSessionCacheGetAndRdLock and
1137 * TlsSessionCacheGetAndWrLock to fully utilize compiler const support. */
1138static int TlsSessionCacheGetAndLock(const byte *id,
1139    const WOLFSSL_SESSION **sess, word32 *lockedRow, byte readOnly, byte side)
1140{
1141    SessionRow *sessRow;
1142    const WOLFSSL_SESSION *s;
1143    word32 row;
1144    int count;
1145    int error;
1146    int idx;
1147
1148    *sess = NULL;
1149    row = HashObject(id, ID_LEN, &error) % SESSION_ROWS;
1150    if (error != 0)
1151        return error;
1152    sessRow = &SessionCache[row];
1153    if (readOnly)
1154        error = SESSION_ROW_RD_LOCK(sessRow);
1155    else
1156        error = SESSION_ROW_WR_LOCK(sessRow);
1157    if (error != 0)
1158        return FATAL_ERROR;
1159
1160    /* start from most recently used */
1161    count = (int)min((word32)sessRow->totalCount, SESSIONS_PER_ROW);
1162    idx = sessRow->nextIdx - 1;
1163    if (idx < 0 || idx >= SESSIONS_PER_ROW) {
1164        idx = SESSIONS_PER_ROW - 1; /* if back to front, the previous was end */
1165    }
1166    for (; count > 0; --count) {
1167#ifdef SESSION_CACHE_DYNAMIC_MEM
1168        s = sessRow->Sessions[idx];
1169#else
1170        s = &sessRow->Sessions[idx];
1171#endif
1172        /* match session ID value and length */
1173        if (s && s->sessionIDSz == ID_LEN && s->side == side &&
1174                XMEMCMP(s->sessionID, id, ID_LEN) == 0) {
1175            *sess = s;
1176            break;
1177        }
1178        idx = idx > 0 ? idx - 1 : SESSIONS_PER_ROW - 1;
1179    }
1180    if (*sess == NULL) {
1181        SESSION_ROW_UNLOCK(sessRow);
1182    }
1183    else {
1184        *lockedRow = row;
1185    }
1186
1187    return 0;
1188}
1189
1190static int CheckSessionMatch(const WOLFSSL* ssl, const WOLFSSL_SESSION* sess)
1191{
1192    if (ssl == NULL || sess == NULL)
1193        return 0;
1194#ifdef OPENSSL_EXTRA
1195    if (ssl->sessionCtxSz > 0 && (ssl->sessionCtxSz != sess->sessionCtxSz ||
1196           XMEMCMP(ssl->sessionCtx, sess->sessionCtx, sess->sessionCtxSz) != 0))
1197        return 0;
1198#endif
1199    if (IsAtLeastTLSv1_3(ssl->version) != IsAtLeastTLSv1_3(sess->version))
1200        return 0;
1201    return 1;
1202}
1203
1204int TlsSessionCacheGetAndRdLock(const byte *id, const WOLFSSL_SESSION **sess,
1205        word32 *lockedRow, byte side)
1206{
1207    return TlsSessionCacheGetAndLock(id, sess, lockedRow, 1, side);
1208}
1209
1210int TlsSessionCacheGetAndWrLock(const byte *id, WOLFSSL_SESSION **sess,
1211        word32 *lockedRow, byte side)
1212{
1213    return TlsSessionCacheGetAndLock(id, (const WOLFSSL_SESSION**)sess,
1214            lockedRow, 0, side);
1215}
1216
1217int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
1218{
1219    const WOLFSSL_SESSION* sess = NULL;
1220    const byte*  id = NULL;
1221    word32       row;
1222    int          error = 0;
1223#ifdef HAVE_SESSION_TICKET
1224    WC_DECLARE_VAR(tmpTicket, byte, PREALLOC_SESSION_TICKET_LEN, 0);
1225#ifdef WOLFSSL_TLS13
1226    byte *preallocNonce = NULL;
1227    byte preallocNonceLen = 0;
1228    byte preallocNonceUsed = 0;
1229#endif /* WOLFSSL_TLS13 */
1230    byte         tmpBufSet = 0;
1231#endif
1232    byte         bogusID[ID_LEN];
1233    byte         bogusIDSz = 0;
1234
1235    WOLFSSL_ENTER("wolfSSL_GetSessionFromCache");
1236
1237    if (output == NULL) {
1238        WOLFSSL_MSG("NULL output");
1239        return WOLFSSL_FAILURE;
1240    }
1241
1242    if (SslSessionCacheOff(ssl, ssl->session))
1243        return WOLFSSL_FAILURE;
1244
1245    if (ssl->options.haveSessionId == 0 && !ssl->session->haveAltSessionID)
1246        return WOLFSSL_FAILURE;
1247
1248#ifdef HAVE_SESSION_TICKET
1249    if (ssl->options.side == WOLFSSL_SERVER_END && ssl->options.useTicket == 1)
1250        return WOLFSSL_FAILURE;
1251#endif
1252
1253    XMEMSET(bogusID, 0, sizeof(bogusID));
1254    if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL
1255            && !ssl->session->haveAltSessionID)
1256        id = ssl->arrays->sessionID;
1257    else if (ssl->session->haveAltSessionID) {
1258        id = ssl->session->altSessionID;
1259        /* We want to restore the bogus ID for TLS compatibility */
1260        if (output == ssl->session) {
1261            XMEMCPY(bogusID, ssl->session->sessionID, ID_LEN);
1262            bogusIDSz = ssl->session->sessionIDSz;
1263        }
1264    }
1265    else
1266        id = ssl->session->sessionID;
1267
1268
1269#ifdef HAVE_EXT_CACHE
1270    if (ssl->ctx->get_sess_cb != NULL) {
1271        int copy = 0;
1272        int found = 0;
1273        WOLFSSL_SESSION* extSess;
1274        /* Attempt to retrieve the session from the external cache. */
1275        WOLFSSL_MSG("Calling external session cache");
1276        extSess = ssl->ctx->get_sess_cb(ssl, (byte*)id, ID_LEN, &copy);
1277        if ((extSess != NULL)
1278                && CheckSessionMatch(ssl, extSess)
1279            ) {
1280            WOLFSSL_MSG("Session found in external cache");
1281            found = 1;
1282
1283            error = wolfSSL_DupSession(extSess, output, 0);
1284#ifdef HAVE_EX_DATA
1285            extSess->ownExData = 1;
1286            output->ownExData = 0;
1287#endif
1288            /* We want to restore the bogus ID for TLS compatibility */
1289            if (ssl->session->haveAltSessionID &&
1290                    output == ssl->session) {
1291                XMEMCPY(ssl->session->sessionID, bogusID, ID_LEN);
1292                ssl->session->sessionIDSz = bogusIDSz;
1293            }
1294        }
1295        /* If copy not set then free immediately */
1296        if (extSess != NULL && !copy)
1297            wolfSSL_FreeSession(ssl->ctx, extSess);
1298        if (found)
1299            return error;
1300        WOLFSSL_MSG("Session not found in external cache");
1301    }
1302
1303    if (ssl->options.internalCacheLookupOff) {
1304        WOLFSSL_MSG("Internal cache lookup turned off");
1305        return WOLFSSL_FAILURE;
1306    }
1307#endif
1308
1309#ifdef HAVE_SESSION_TICKET
1310    if (output->ticket == NULL ||
1311            output->ticketLenAlloc < PREALLOC_SESSION_TICKET_LEN) {
1312#ifdef WOLFSSL_SMALL_STACK
1313        tmpTicket = (byte*)XMALLOC(PREALLOC_SESSION_TICKET_LEN, output->heap,
1314                DYNAMIC_TYPE_TMP_BUFFER);
1315        if (tmpTicket == NULL) {
1316            WOLFSSL_MSG("tmpTicket malloc failed");
1317            return WOLFSSL_FAILURE;
1318        }
1319#endif
1320        if (output->ticketLenAlloc)
1321            XFREE(output->ticket, output->heap, DYNAMIC_TYPE_SESSION_TICK);
1322        /* cppcheck-suppress autoVariables */
1323        output->ticket = tmpTicket;
1324        output->ticketLenAlloc = PREALLOC_SESSION_TICKET_LEN;
1325        output->ticketLen = 0;
1326        tmpBufSet = 1;
1327    }
1328#endif
1329
1330#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
1331    if (output->peer != NULL) {
1332        wolfSSL_X509_free(output->peer);
1333        output->peer = NULL;
1334    }
1335#endif
1336
1337#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) &&                  \
1338    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                    \
1339    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1340    if (output->ticketNonce.data != output->ticketNonce.dataStatic) {
1341        XFREE(output->ticketNonce.data, output->heap,
1342            DYNAMIC_TYPE_SESSION_TICK);
1343        output->ticketNonce.data = output->ticketNonce.dataStatic;
1344        output->ticketNonce.len = 0;
1345    }
1346    error = SessionTicketNoncePrealloc(&preallocNonce, &preallocNonceLen,
1347        output->heap);
1348    if (error != 0) {
1349        if (tmpBufSet) {
1350            output->ticket = output->staticTicket;
1351            output->ticketLenAlloc = 0;
1352        }
1353        WC_FREE_VAR_EX(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER);
1354        return WOLFSSL_FAILURE;
1355    }
1356#endif /* WOLFSSL_TLS13 && HAVE_SESSION_TICKET*/
1357
1358    /* init to avoid clang static analyzer false positive */
1359    row = 0;
1360    error = TlsSessionCacheGetAndRdLock(id, &sess, &row,
1361        (byte)ssl->options.side);
1362    error = (error == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
1363    if (error != WOLFSSL_SUCCESS || sess == NULL) {
1364        WOLFSSL_MSG("Get Session from cache failed");
1365        error = WOLFSSL_FAILURE;
1366#ifdef HAVE_SESSION_TICKET
1367        if (tmpBufSet) {
1368            output->ticket = output->staticTicket;
1369            output->ticketLenAlloc = 0;
1370        }
1371#ifdef WOLFSSL_TLS13
1372        XFREE(preallocNonce, output->heap, DYNAMIC_TYPE_SESSION_TICK);
1373        preallocNonce = NULL;
1374#endif /* WOLFSSL_TLS13 */
1375#ifdef WOLFSSL_SMALL_STACK
1376        XFREE(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER);
1377        tmpTicket = NULL;
1378#endif
1379#endif
1380    }
1381    else {
1382        if (!CheckSessionMatch(ssl, sess)) {
1383            WOLFSSL_MSG("Invalid session: can't be used in this context");
1384            TlsSessionCacheUnlockRow(row);
1385            error = WOLFSSL_FAILURE;
1386        }
1387        else if (LowResTimer() >= (sess->bornOn + sess->timeout)) {
1388            WOLFSSL_SESSION* wrSess = NULL;
1389            WOLFSSL_MSG("Invalid session: timed out");
1390            sess = NULL;
1391            TlsSessionCacheUnlockRow(row);
1392            /* Attempt to get a write lock */
1393            error = TlsSessionCacheGetAndWrLock(id, &wrSess, &row,
1394                    (byte)ssl->options.side);
1395            if (error == 0 && wrSess != NULL) {
1396                EvictSessionFromCache(wrSess);
1397                TlsSessionCacheUnlockRow(row);
1398            }
1399            error = WOLFSSL_FAILURE;
1400        }
1401    }
1402
1403    /* mollify confused cppcheck nullPointer warning. */
1404    if (sess == NULL)
1405        error = WOLFSSL_FAILURE;
1406
1407    if (error == WOLFSSL_SUCCESS) {
1408#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13)
1409        error = wolfSSL_DupSessionEx(sess, output, 1,
1410            preallocNonce, &preallocNonceLen, &preallocNonceUsed);
1411#else
1412        error = wolfSSL_DupSession(sess, output, 1);
1413#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 */
1414#ifdef HAVE_EX_DATA
1415        output->ownExData = !sess->ownExData; /* Session may own ex_data */
1416#endif
1417        TlsSessionCacheUnlockRow(row);
1418    }
1419
1420    /* We want to restore the bogus ID for TLS compatibility */
1421    if (ssl->session->haveAltSessionID &&
1422            output == ssl->session) {
1423        XMEMCPY(ssl->session->sessionID, bogusID, ID_LEN);
1424        ssl->session->sessionIDSz = bogusIDSz;
1425    }
1426
1427#ifdef HAVE_SESSION_TICKET
1428    if (tmpBufSet) {
1429        if (error == WOLFSSL_SUCCESS) {
1430            if (output->ticketLen > SESSION_TICKET_LEN) {
1431                output->ticket = (byte*)XMALLOC(output->ticketLen, output->heap,
1432                        DYNAMIC_TYPE_SESSION_TICK);
1433                if (output->ticket == NULL) {
1434                    error = WOLFSSL_FAILURE;
1435                    output->ticket = output->staticTicket;
1436                    output->ticketLenAlloc = 0;
1437                    output->ticketLen = 0;
1438                }
1439            }
1440            else {
1441                output->ticket = output->staticTicket;
1442                output->ticketLenAlloc = 0;
1443            }
1444        }
1445        else {
1446            output->ticket = output->staticTicket;
1447            output->ticketLenAlloc = 0;
1448            output->ticketLen = 0;
1449        }
1450        if (error == WOLFSSL_SUCCESS) {
1451            /* cppcheck-suppress uninitvar */
1452            XMEMCPY(output->ticket, tmpTicket, output->ticketLen);
1453        }
1454    }
1455    WC_FREE_VAR_EX(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER);
1456
1457#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
1458    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1459    if (error == WOLFSSL_SUCCESS && preallocNonceUsed) {
1460        if (preallocNonceLen < PREALLOC_SESSION_TICKET_NONCE_LEN) {
1461            /* buffer bigger than needed */
1462#ifndef XREALLOC
1463            output->ticketNonce.data = (byte*)XMALLOC(preallocNonceLen,
1464                output->heap, DYNAMIC_TYPE_SESSION_TICK);
1465            if (output->ticketNonce.data != NULL)
1466                XMEMCPY(output->ticketNonce.data, preallocNonce,
1467                    preallocNonceLen);
1468            XFREE(preallocNonce, output->heap, DYNAMIC_TYPE_SESSION_TICK);
1469            preallocNonce = NULL;
1470#else
1471            output->ticketNonce.data = (byte*)XREALLOC(preallocNonce,
1472                preallocNonceLen, output->heap, DYNAMIC_TYPE_SESSION_TICK);
1473            if (output->ticketNonce.data != NULL) {
1474                /* don't free the reallocated pointer */
1475                preallocNonce = NULL;
1476            }
1477#endif /* !XREALLOC */
1478            if (output->ticketNonce.data == NULL) {
1479                output->ticketNonce.data = output->ticketNonce.dataStatic;
1480                output->ticketNonce.len = 0;
1481                error = WOLFSSL_FAILURE;
1482                /* preallocNonce will be free'd after the if */
1483            }
1484        }
1485        else {
1486            output->ticketNonce.data = preallocNonce;
1487            output->ticketNonce.len = preallocNonceLen;
1488            preallocNonce = NULL;
1489        }
1490    }
1491    XFREE(preallocNonce, output->heap, DYNAMIC_TYPE_SESSION_TICK);
1492#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
1493
1494#endif
1495
1496    return error;
1497}
1498
1499WOLFSSL_SESSION* wolfSSL_GetSession(WOLFSSL* ssl, byte* masterSecret,
1500        byte restoreSessionCerts)
1501{
1502    WOLFSSL_SESSION* ret = NULL;
1503
1504    (void)restoreSessionCerts; /* Kept for compatibility */
1505
1506    if (wolfSSL_GetSessionFromCache(ssl, ssl->session) == WOLFSSL_SUCCESS) {
1507        ret = ssl->session;
1508    }
1509    else {
1510        WOLFSSL_MSG("wolfSSL_GetSessionFromCache did not return a session");
1511    }
1512
1513    if (ret != NULL && masterSecret != NULL)
1514        XMEMCPY(masterSecret, ret->masterSecret, SECRET_LEN);
1515
1516    return ret;
1517}
1518
1519int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
1520{
1521    SessionRow* sessRow = NULL;
1522    int ret = WOLFSSL_SUCCESS;
1523
1524    session = ClientSessionToSession(session);
1525
1526    if (ssl == NULL || session == NULL || !session->isSetup) {
1527        WOLFSSL_MSG("ssl or session NULL or not set up");
1528        return WOLFSSL_FAILURE;
1529    }
1530
1531    /* We need to lock the session as the first step if its in the cache */
1532    if (session->type == WOLFSSL_SESSION_TYPE_CACHE) {
1533        if (session->cacheRow < SESSION_ROWS) {
1534            sessRow = &SessionCache[session->cacheRow];
1535            if (SESSION_ROW_RD_LOCK(sessRow) != 0) {
1536                WOLFSSL_MSG("Session row lock failed");
1537                return WOLFSSL_FAILURE;
1538            }
1539        }
1540    }
1541
1542    if (ret == WOLFSSL_SUCCESS && ssl->options.side != WOLFSSL_NEITHER_END &&
1543            (byte)ssl->options.side != session->side) {
1544        WOLFSSL_MSG("Setting session for wrong role");
1545        ret = WOLFSSL_FAILURE;
1546    }
1547
1548    if (ret == WOLFSSL_SUCCESS) {
1549        if (ssl->session == session) {
1550            WOLFSSL_MSG("ssl->session and session same");
1551        }
1552        else if (session->type != WOLFSSL_SESSION_TYPE_CACHE) {
1553            if (wolfSSL_SESSION_up_ref(session) == WOLFSSL_SUCCESS) {
1554                wolfSSL_FreeSession(ssl->ctx, ssl->session);
1555                ssl->session = session;
1556            }
1557            else
1558                ret = WOLFSSL_FAILURE;
1559        }
1560        else {
1561            ret = wolfSSL_DupSession(session, ssl->session, 0);
1562            if (ret != WOLFSSL_SUCCESS)
1563                WOLFSSL_MSG("Session duplicate failed");
1564        }
1565    }
1566
1567    /* Let's copy over the altSessionID for local cache purposes */
1568    if (ret == WOLFSSL_SUCCESS && session->haveAltSessionID &&
1569            ssl->session != session) {
1570        ssl->session->haveAltSessionID = 1;
1571        XMEMCPY(ssl->session->altSessionID, session->altSessionID, ID_LEN);
1572    }
1573
1574    if (sessRow != NULL) {
1575        SESSION_ROW_UNLOCK(sessRow);
1576        sessRow = NULL;
1577    }
1578
1579    /* Note: the `session` variable cannot be used below, since the row is
1580     * un-locked */
1581
1582    if (ret != WOLFSSL_SUCCESS)
1583        return ret;
1584
1585#ifdef WOLFSSL_SESSION_ID_CTX
1586    /* check for application context id */
1587    if (ssl->sessionCtxSz > 0) {
1588        if (XMEMCMP(ssl->sessionCtx, ssl->session->sessionCtx,
1589                ssl->sessionCtxSz)) {
1590            /* context id did not match! */
1591            WOLFSSL_MSG("Session context did not match");
1592            return WOLFSSL_FAILURE;
1593        }
1594    }
1595#endif /* WOLFSSL_SESSION_ID_CTX */
1596
1597    if (LowResTimer() >= (ssl->session->bornOn + ssl->session->timeout)) {
1598#if !defined(OPENSSL_EXTRA) || !defined(WOLFSSL_ERROR_CODE_OPENSSL)
1599        return WOLFSSL_FAILURE;  /* session timed out */
1600#else /* defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) */
1601        /* Return success for OpenSSL compatibility but do not carry the
1602         * expired session's version/cipher into ssl state, which would
1603         * otherwise pin the ClientHello to stale values. */
1604        WOLFSSL_MSG("Session is expired but return success for "
1605                    "OpenSSL compatibility");
1606        return WOLFSSL_SUCCESS;
1607#endif
1608    }
1609    ssl->options.resuming = 1;
1610    ssl->options.haveEMS = (ssl->session->haveEMS) ? 1 : 0;
1611
1612    if (ssl->session->version.major != 0) {
1613        ssl->version              = ssl->session->version;
1614        if (IsAtLeastTLSv1_3(ssl->version))
1615            ssl->options.tls1_3 = 1;
1616    }
1617#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
1618                    (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
1619    ssl->options.cipherSuite0 = ssl->session->cipherSuite0;
1620    ssl->options.cipherSuite  = ssl->session->cipherSuite;
1621#endif
1622#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
1623    ssl->peerVerifyRet = (unsigned long)ssl->session->peerVerifyRet;
1624#endif
1625
1626    return WOLFSSL_SUCCESS;
1627}
1628
1629
1630#ifdef WOLFSSL_SESSION_STATS
1631static int get_locked_session_stats(word32* active, word32* total,
1632                                    word32* peak);
1633#endif
1634
1635#ifndef NO_CLIENT_CACHE
1636ClientSession* AddSessionToClientCache(int side, int row, int idx,
1637    byte* serverID, word16 idLen, const byte* sessionID, word16 useTicket)
1638{
1639    int error = -1;
1640    word32 clientRow = 0, clientIdx = 0;
1641    ClientSession* ret = NULL;
1642
1643    (void)useTicket;
1644    if (side == WOLFSSL_CLIENT_END
1645            && row != INVALID_SESSION_ROW
1646            && (idLen
1647#ifdef HAVE_SESSION_TICKET
1648                || useTicket == 1
1649#endif
1650                || serverID != NULL
1651                )) {
1652
1653        WOLFSSL_MSG("Trying to add client cache entry");
1654
1655        if (idLen) {
1656            clientRow = HashObject(serverID,
1657                    idLen, &error) % CLIENT_SESSION_ROWS;
1658        }
1659        else if (serverID != NULL) {
1660            clientRow = HashObject(sessionID,
1661                    ID_LEN, &error) % CLIENT_SESSION_ROWS;
1662        }
1663        else {
1664            error = WOLFSSL_FATAL_ERROR;
1665        }
1666        if (error == 0 && wc_LockMutex(&clisession_mutex) == 0) {
1667            clientIdx = (word32)ClientCache[clientRow].nextIdx;
1668            if (clientIdx < CLIENT_SESSIONS_PER_ROW) {
1669                ClientCache[clientRow].Clients[clientIdx].serverRow =
1670                                                                (word16)row;
1671                ClientCache[clientRow].Clients[clientIdx].serverIdx =
1672                                                                (word16)idx;
1673                if (sessionID != NULL) {
1674                    word32 sessionIDHash = HashObject(sessionID, ID_LEN,
1675                                                      &error);
1676                    if (error == 0) {
1677                        ClientCache[clientRow].Clients[clientIdx].sessionIDHash
1678                            = sessionIDHash;
1679                    }
1680                }
1681            }
1682            else {
1683                error = WOLFSSL_FATAL_ERROR;
1684                ClientCache[clientRow].nextIdx = 0; /* reset index as safety */
1685                WOLFSSL_MSG("Invalid client cache index! "
1686                            "Possible corrupted memory");
1687            }
1688            if (error == 0) {
1689                WOLFSSL_MSG("Adding client cache entry");
1690
1691                ret = &ClientCache[clientRow].Clients[clientIdx];
1692
1693                if (ClientCache[clientRow].totalCount < CLIENT_SESSIONS_PER_ROW)
1694                    ClientCache[clientRow].totalCount++;
1695                ClientCache[clientRow].nextIdx++;
1696                ClientCache[clientRow].nextIdx %= CLIENT_SESSIONS_PER_ROW;
1697            }
1698
1699            wc_UnLockMutex(&clisession_mutex);
1700        }
1701        else {
1702            WOLFSSL_MSG("Hash session or lock failed");
1703        }
1704    }
1705    else {
1706        WOLFSSL_MSG("Skipping client cache");
1707    }
1708
1709    return ret;
1710}
1711#endif /* !NO_CLIENT_CACHE */
1712
1713/**
1714 * For backwards compatibility, this API needs to be used in *ALL* functions
1715 * that access the WOLFSSL_SESSION members directly.
1716 *
1717 * This API checks if the passed in session is actually a ClientSession object
1718 * and returns the matching session cache object. Otherwise just return the
1719 * input. ClientSession objects only occur in the ClientCache. They are not
1720 * allocated anywhere else.
1721 */
1722WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
1723{
1724    WOLFSSL_ENTER("ClientSessionToSession");
1725#ifdef NO_SESSION_CACHE_REF
1726    return (WOLFSSL_SESSION*)session;
1727#else
1728#ifndef NO_CLIENT_CACHE
1729    if (session == NULL)
1730        return NULL;
1731    /* Check if session points into ClientCache */
1732    if ((byte*)session >= (byte*)ClientCache &&
1733            /* Cast to byte* to make pointer arithmetic work per byte */
1734            (byte*)session < ((byte*)ClientCache) + sizeof(ClientCache)) {
1735        ClientSession* clientSession = (ClientSession*)session;
1736        SessionRow* sessRow = NULL;
1737        WOLFSSL_SESSION* cacheSession = NULL;
1738        word32 sessionIDHash = 0;
1739        int error = 0;
1740        session = NULL; /* Default to NULL for failure case */
1741        if (wc_LockMutex(&clisession_mutex) != 0) {
1742            WOLFSSL_MSG("Client cache mutex lock failed");
1743            return NULL;
1744        }
1745        if (clientSession->serverRow >= SESSION_ROWS ||
1746                clientSession->serverIdx >= SESSIONS_PER_ROW) {
1747            WOLFSSL_MSG("Client cache serverRow or serverIdx invalid");
1748            error = WOLFSSL_FATAL_ERROR;
1749        }
1750        if (error == 0) {
1751            /* Lock row */
1752            sessRow = &SessionCache[clientSession->serverRow];
1753            /* Prevent memory access before clientSession->serverRow and
1754             * clientSession->serverIdx are sanitized. */
1755            XFENCE();
1756            error = SESSION_ROW_RD_LOCK(sessRow);
1757            if (error != 0) {
1758                WOLFSSL_MSG("Session cache row lock failure");
1759                sessRow = NULL;
1760            }
1761        }
1762        if (error == 0) {
1763#ifdef SESSION_CACHE_DYNAMIC_MEM
1764            cacheSession = sessRow->Sessions[clientSession->serverIdx];
1765#else
1766            cacheSession = &sessRow->Sessions[clientSession->serverIdx];
1767#endif
1768            /* Prevent memory access */
1769            XFENCE();
1770            if (cacheSession && cacheSession->sessionIDSz == 0) {
1771                cacheSession = NULL;
1772                WOLFSSL_MSG("Session cache entry not set");
1773                error = WOLFSSL_FATAL_ERROR;
1774            }
1775        }
1776        if (error == 0) {
1777            /* Calculate the hash of the session ID */
1778            sessionIDHash = HashObject(cacheSession->sessionID, ID_LEN,
1779                    &error);
1780        }
1781        if (error == 0) {
1782            /* Check the session ID hash matches */
1783            error = clientSession->sessionIDHash != sessionIDHash;
1784            if (error != 0)
1785                WOLFSSL_MSG("session ID hashes don't match");
1786        }
1787        if (error == 0) {
1788            /* Hashes match */
1789            session = cacheSession;
1790            WOLFSSL_MSG("Found session cache matching client session object");
1791        }
1792        if (sessRow != NULL) {
1793            SESSION_ROW_UNLOCK(sessRow);
1794        }
1795        wc_UnLockMutex(&clisession_mutex);
1796        return (WOLFSSL_SESSION*)session;
1797    }
1798    else {
1799        /* Plain WOLFSSL_SESSION object */
1800        return (WOLFSSL_SESSION*)session;
1801    }
1802#else
1803    return (WOLFSSL_SESSION*)session;
1804#endif
1805#endif
1806}
1807
1808int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
1809        const byte* id, byte idSz, int* sessionIndex, int side,
1810        word16 useTicket, ClientSession** clientCacheEntry)
1811{
1812    WOLFSSL_SESSION* cacheSession = NULL;
1813    SessionRow* sessRow = NULL;
1814    word32 idx = 0;
1815#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
1816    WOLFSSL_X509* cachePeer = NULL;
1817    WOLFSSL_X509* addPeer = NULL;
1818#endif
1819#ifdef HAVE_SESSION_TICKET
1820    byte*  cacheTicBuff = NULL;
1821    byte   ticBuffUsed = 0;
1822    byte*  ticBuff = NULL;
1823    int    ticLen  = 0;
1824#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
1825    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1826    byte *preallocNonce = NULL;
1827    byte preallocNonceLen = 0;
1828    byte preallocNonceUsed = 0;
1829    byte *toFree = NULL;
1830#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC */
1831#endif /* HAVE_SESSION_TICKET */
1832    int ret = 0;
1833    int row;
1834    int i;
1835    int overwrite = 0;
1836    (void)ctx;
1837    (void)sessionIndex;
1838    (void)useTicket;
1839    (void)clientCacheEntry;
1840
1841    WOLFSSL_ENTER("AddSessionToCache");
1842
1843    if (idSz == 0) {
1844        WOLFSSL_MSG("AddSessionToCache idSz == 0");
1845        return BAD_FUNC_ARG;
1846    }
1847
1848    addSession = ClientSessionToSession(addSession);
1849    if (addSession == NULL) {
1850        WOLFSSL_MSG("AddSessionToCache is NULL");
1851        return MEMORY_E;
1852    }
1853
1854#ifdef HAVE_SESSION_TICKET
1855    ticLen = addSession->ticketLen;
1856    /* Alloc Memory here to avoid syscalls during lock */
1857    if (ticLen > SESSION_TICKET_LEN) {
1858        ticBuff = (byte*)XMALLOC((size_t)ticLen, NULL,
1859                DYNAMIC_TYPE_SESSION_TICK);
1860        if (ticBuff == NULL) {
1861            return MEMORY_E;
1862        }
1863    }
1864#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
1865    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1866    if (addSession->ticketNonce.data != addSession->ticketNonce.dataStatic) {
1867        /* use the AddSession->heap even if the buffer maybe saved in
1868         * CachedSession objects. CachedSession heap and AddSession heap should
1869         * be the same */
1870        preallocNonce = (byte*)XMALLOC(addSession->ticketNonce.len,
1871            addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
1872        if (preallocNonce == NULL) {
1873            XFREE(ticBuff, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
1874            return MEMORY_E;
1875        }
1876        preallocNonceLen = addSession->ticketNonce.len;
1877    }
1878#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
1879#endif /* HAVE_SESSION_TICKET */
1880
1881    /* Find a position for the new session in cache and use that */
1882    /* Use the session object in the cache for external cache if required */
1883    row = (int)(HashObject(id, ID_LEN, &ret) % SESSION_ROWS);
1884    if (ret != 0) {
1885        WOLFSSL_MSG("Hash session failed");
1886    #ifdef HAVE_SESSION_TICKET
1887        XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
1888    #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&      \
1889    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
1890        XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
1891    #endif
1892    #endif
1893        return ret;
1894    }
1895
1896    sessRow = &SessionCache[row];
1897    if (SESSION_ROW_WR_LOCK(sessRow) != 0) {
1898    #ifdef HAVE_SESSION_TICKET
1899        XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
1900    #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
1901        (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && \
1902                                 FIPS_VERSION_GE(5,3)))
1903        XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
1904    #endif
1905    #endif
1906        WOLFSSL_MSG("Session row lock failed");
1907        return BAD_MUTEX_E;
1908    }
1909
1910    for (i = 0; i < SESSIONS_PER_ROW && i < sessRow->totalCount; i++) {
1911#ifdef SESSION_CACHE_DYNAMIC_MEM
1912        cacheSession = sessRow->Sessions[i];
1913#else
1914        cacheSession = &sessRow->Sessions[i];
1915#endif
1916        if (cacheSession && XMEMCMP(id,
1917                cacheSession->sessionID, ID_LEN) == 0 &&
1918                cacheSession->side == side) {
1919            WOLFSSL_MSG("Session already exists. Overwriting.");
1920            overwrite = 1;
1921            idx = (word32)i;
1922            break;
1923        }
1924    }
1925
1926    if (!overwrite)
1927        idx = (word32)sessRow->nextIdx;
1928#ifdef SESSION_INDEX
1929    if (sessionIndex != NULL)
1930        *sessionIndex = (row << SESSIDX_ROW_SHIFT) | idx;
1931#endif
1932
1933#ifdef SESSION_CACHE_DYNAMIC_MEM
1934    cacheSession = sessRow->Sessions[idx];
1935    if (cacheSession == NULL) {
1936        cacheSession = (WOLFSSL_SESSION*) XMALLOC(sizeof(WOLFSSL_SESSION),
1937                                         sessRow->heap, DYNAMIC_TYPE_SESSION);
1938        if (cacheSession == NULL) {
1939        #ifdef HAVE_SESSION_TICKET
1940            XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
1941        #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
1942            (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && \
1943                                     FIPS_VERSION_GE(5,3)))
1944            XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
1945        #endif
1946        #endif
1947            SESSION_ROW_UNLOCK(sessRow);
1948            return MEMORY_E;
1949        }
1950        XMEMSET(cacheSession, 0, sizeof(WOLFSSL_SESSION));
1951        sessRow->Sessions[idx] = cacheSession;
1952    }
1953#else
1954    cacheSession = &sessRow->Sessions[idx];
1955#endif
1956
1957#ifdef HAVE_EX_DATA_CRYPTO
1958    if (overwrite) {
1959        /* Figure out who owns the ex_data */
1960        if (cacheSession->ownExData) {
1961            /* Prioritize cacheSession copy */
1962            XMEMCPY(&addSession->ex_data, &cacheSession->ex_data,
1963                    sizeof(WOLFSSL_CRYPTO_EX_DATA));
1964        }
1965        /* else will be copied in wolfSSL_DupSession call */
1966    }
1967    else if (cacheSession->ownExData) {
1968        crypto_ex_cb_free_data(cacheSession, crypto_ex_cb_ctx_session,
1969                               &cacheSession->ex_data);
1970        cacheSession->ownExData = 0;
1971    }
1972#endif
1973
1974    if (!overwrite)
1975        EvictSessionFromCache(cacheSession);
1976
1977    cacheSession->type = WOLFSSL_SESSION_TYPE_CACHE;
1978    cacheSession->cacheRow = row;
1979
1980#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
1981    /* Save the peer field to free after unlocking the row */
1982    if (cacheSession->peer != NULL)
1983        cachePeer = cacheSession->peer;
1984    cacheSession->peer = NULL;
1985#endif
1986#ifdef HAVE_SESSION_TICKET
1987    /* If we can reuse the existing buffer in cacheSession then we won't touch
1988     * ticBuff at all making it a very cheap malloc/free. The page on a modern
1989     * OS will most likely not even be allocated to the process. */
1990    if (ticBuff != NULL && cacheSession->ticketLenAlloc < ticLen) {
1991        /* Save pointer only if separately allocated */
1992        if (cacheSession->ticket != cacheSession->staticTicket)
1993            cacheTicBuff = cacheSession->ticket;
1994        ticBuffUsed = 1;
1995        cacheSession->ticket = ticBuff;
1996        cacheSession->ticketLenAlloc = (word16) ticLen;
1997    }
1998#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
1999    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
2000    /* cache entry never used */
2001    if (cacheSession->ticketNonce.data == NULL)
2002        cacheSession->ticketNonce.data = cacheSession->ticketNonce.dataStatic;
2003
2004    if (cacheSession->ticketNonce.data !=
2005            cacheSession->ticketNonce.dataStatic) {
2006        toFree = cacheSession->ticketNonce.data;
2007        cacheSession->ticketNonce.data = cacheSession->ticketNonce.dataStatic;
2008        cacheSession->ticketNonce.len = 0;
2009    }
2010#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
2011#endif
2012#ifdef SESSION_CERTS
2013    if (overwrite &&
2014            addSession->chain.count == 0 &&
2015            cacheSession->chain.count > 0) {
2016        /* Copy in the certs from the session */
2017        addSession->chain.count = cacheSession->chain.count;
2018        XMEMCPY(addSession->chain.certs, cacheSession->chain.certs,
2019                sizeof(x509_buffer) * (size_t)cacheSession->chain.count);
2020    }
2021#endif /* SESSION_CERTS */
2022#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
2023    /* Don't copy the peer cert into cache */
2024    addPeer = addSession->peer;
2025    addSession->peer = NULL;
2026#endif
2027    cacheSession->heap = NULL;
2028    /* Copy data into the cache object */
2029#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) &&                  \
2030    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                   \
2031    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
2032    ret = (wolfSSL_DupSessionEx(addSession, cacheSession, 1, preallocNonce,
2033                                &preallocNonceLen, &preallocNonceUsed)
2034           == WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
2035#else
2036    ret = (wolfSSL_DupSession(addSession, cacheSession, 1)
2037           == WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
2038#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC
2039          && FIPS_VERSION_GE(5,3)*/
2040#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
2041    addSession->peer = addPeer;
2042#endif
2043
2044    if (ret == 0) {
2045        if (!overwrite) {
2046            /* Increment the totalCount and the nextIdx */
2047            if (sessRow->totalCount < SESSIONS_PER_ROW)
2048                sessRow->totalCount++;
2049            sessRow->nextIdx = (sessRow->nextIdx + 1) % SESSIONS_PER_ROW;
2050        }
2051        if (id != addSession->sessionID) {
2052            /* ssl->session->sessionID may contain the bogus ID or we want the
2053             * ID from the arrays object */
2054            XMEMCPY(cacheSession->sessionID, id, ID_LEN);
2055            cacheSession->sessionIDSz = ID_LEN;
2056        }
2057#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
2058        if (ctx->rem_sess_cb != NULL)
2059            cacheSession->rem_sess_cb = ctx->rem_sess_cb;
2060#endif
2061#ifdef HAVE_EX_DATA
2062        /* The session in cache now owns the ex_data */
2063        addSession->ownExData = 0;
2064        cacheSession->ownExData = 1;
2065#endif
2066#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) &&                  \
2067    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                    \
2068    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
2069        if (preallocNonce != NULL && preallocNonceUsed) {
2070            cacheSession->ticketNonce.data = preallocNonce;
2071            cacheSession->ticketNonce.len = preallocNonceLen;
2072            preallocNonce = NULL;
2073            preallocNonceLen = 0;
2074        }
2075#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC
2076        * && FIPS_VERSION_GE(5,3)*/
2077    }
2078#ifdef HAVE_SESSION_TICKET
2079    else if (ticBuffUsed) {
2080        /* Error occurred. Need to clean up the ticket buffer. */
2081        cacheSession->ticket = cacheSession->staticTicket;
2082        cacheSession->ticketLenAlloc = 0;
2083        cacheSession->ticketLen = 0;
2084    }
2085#endif
2086    SESSION_ROW_UNLOCK(sessRow);
2087    cacheSession = NULL; /* Can't access after unlocked */
2088
2089#ifndef NO_CLIENT_CACHE
2090    if (ret == 0 && clientCacheEntry != NULL) {
2091        ClientSession* clientCache = AddSessionToClientCache(side, row,
2092            (int)idx, addSession->serverID, addSession->idLen, id, useTicket);
2093        if (clientCache != NULL)
2094            *clientCacheEntry = clientCache;
2095    }
2096#endif
2097
2098#ifdef HAVE_SESSION_TICKET
2099    if (ticBuff != NULL && !ticBuffUsed)
2100        XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
2101    XFREE(cacheTicBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
2102#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&         \
2103    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
2104    XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
2105    XFREE(toFree, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
2106#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
2107#endif
2108
2109#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
2110    if (cachePeer != NULL) {
2111        wolfSSL_X509_free(cachePeer);
2112        cachePeer = NULL; /* Make sure not use after this point */
2113    }
2114#endif
2115
2116    return ret;
2117}
2118
2119void AddSession(WOLFSSL* ssl)
2120{
2121    int    error = 0;
2122    const byte* id = NULL;
2123    byte idSz = 0;
2124    WOLFSSL_SESSION* session = ssl->session;
2125
2126    (void)error;
2127
2128    WOLFSSL_ENTER("AddSession");
2129
2130    if (SslSessionCacheOff(ssl, session)) {
2131        WOLFSSL_MSG("Cache off");
2132        return;
2133    }
2134
2135    if (session->haveAltSessionID) {
2136        id = session->altSessionID;
2137        idSz = ID_LEN;
2138    }
2139    else {
2140        id = session->sessionID;
2141        idSz = session->sessionIDSz;
2142    }
2143
2144    /* Do this only for the client because if the server doesn't have an ID at
2145     * this point, it won't on resumption. */
2146    if (idSz == 0 && ssl->options.side == WOLFSSL_CLIENT_END) {
2147        WC_RNG* rng = NULL;
2148        if (ssl->rng != NULL)
2149            rng = ssl->rng;
2150#if defined(HAVE_GLOBAL_RNG) && defined(OPENSSL_EXTRA)
2151        else if (initGlobalRNG == 1 || wolfSSL_RAND_Init() == WOLFSSL_SUCCESS) {
2152            rng = &globalRNG;
2153        }
2154#endif
2155        if (wc_RNG_GenerateBlock(rng, ssl->session->altSessionID,
2156                ID_LEN) != 0)
2157            return;
2158        ssl->session->haveAltSessionID = 1;
2159        id = ssl->session->altSessionID;
2160        idSz = ID_LEN;
2161    }
2162
2163#ifdef HAVE_EXT_CACHE
2164    if (!ssl->options.internalCacheOff)
2165#endif
2166    {
2167        /* Try to add the session to internal cache or external cache
2168        if a new_sess_cb is set. Its ok if we don't succeed. */
2169        (void)AddSessionToCache(ssl->ctx, session, id, idSz,
2170#ifdef SESSION_INDEX
2171                &ssl->sessionIndex,
2172#else
2173                NULL,
2174#endif
2175                ssl->options.side,
2176#ifdef HAVE_SESSION_TICKET
2177                ssl->options.useTicket,
2178#else
2179                0,
2180#endif
2181#ifdef NO_SESSION_CACHE_REF
2182                NULL
2183#else
2184                (ssl->options.side == WOLFSSL_CLIENT_END) ?
2185                        &ssl->clientSession : NULL
2186#endif
2187                        );
2188    }
2189
2190#ifdef HAVE_EXT_CACHE
2191    if (error == 0 && ssl->ctx->new_sess_cb != NULL) {
2192        int cbRet = 0;
2193        wolfSSL_SESSION_up_ref(session);
2194        cbRet = ssl->ctx->new_sess_cb(ssl, session);
2195        if (cbRet == 0)
2196            wolfSSL_FreeSession(ssl->ctx, session);
2197    }
2198#endif
2199
2200#if defined(WOLFSSL_SESSION_STATS) && defined(WOLFSSL_PEAK_SESSIONS)
2201    if (error == 0) {
2202        word32 active = 0;
2203
2204        error = get_locked_session_stats(&active, NULL, NULL);
2205        if (error == WOLFSSL_SUCCESS) {
2206            error = 0;  /* back to this function ok */
2207
2208            if (PeakSessions < active) {
2209                PeakSessions = active;
2210            }
2211        }
2212    }
2213#endif /* WOLFSSL_SESSION_STATS && WOLFSSL_PEAK_SESSIONS */
2214    (void)error;
2215}
2216
2217
2218#ifdef SESSION_INDEX
2219
2220int wolfSSL_GetSessionIndex(WOLFSSL* ssl)
2221{
2222    WOLFSSL_ENTER("wolfSSL_GetSessionIndex");
2223    WOLFSSL_LEAVE("wolfSSL_GetSessionIndex", ssl->sessionIndex);
2224    return ssl->sessionIndex;
2225}
2226
2227
2228int wolfSSL_GetSessionAtIndex(int idx, WOLFSSL_SESSION* session)
2229{
2230    int row, col, result = WOLFSSL_FAILURE;
2231    SessionRow* sessRow;
2232    WOLFSSL_SESSION* cacheSession;
2233
2234    WOLFSSL_ENTER("wolfSSL_GetSessionAtIndex");
2235
2236    session = ClientSessionToSession(session);
2237
2238    row = idx >> SESSIDX_ROW_SHIFT;
2239    col = idx & SESSIDX_IDX_MASK;
2240
2241    if (session == NULL ||
2242            row < 0 || row >= SESSION_ROWS || col >= SESSIONS_PER_ROW) {
2243        return WOLFSSL_FAILURE;
2244    }
2245
2246    sessRow = &SessionCache[row];
2247    if (SESSION_ROW_RD_LOCK(sessRow) != 0) {
2248        return BAD_MUTEX_E;
2249    }
2250
2251#ifdef SESSION_CACHE_DYNAMIC_MEM
2252    cacheSession = sessRow->Sessions[col];
2253#else
2254    cacheSession = &sessRow->Sessions[col];
2255#endif
2256    if (cacheSession) {
2257        XMEMCPY(session, cacheSession, sizeof(WOLFSSL_SESSION));
2258        result = WOLFSSL_SUCCESS;
2259    }
2260    else {
2261        result = WOLFSSL_FAILURE;
2262    }
2263
2264    SESSION_ROW_UNLOCK(sessRow);
2265
2266    WOLFSSL_LEAVE("wolfSSL_GetSessionAtIndex", result);
2267    return result;
2268}
2269
2270#endif /* SESSION_INDEX */
2271
2272#if defined(SESSION_CERTS)
2273
2274WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session)
2275{
2276    WOLFSSL_X509_CHAIN* chain = NULL;
2277
2278    WOLFSSL_ENTER("wolfSSL_SESSION_get_peer_chain");
2279
2280    session = ClientSessionToSession(session);
2281
2282    if (session)
2283        chain = &session->chain;
2284
2285    WOLFSSL_LEAVE("wolfSSL_SESSION_get_peer_chain", chain ? 1 : 0);
2286    return chain;
2287}
2288
2289
2290#ifdef OPENSSL_EXTRA
2291/* gets the peer certificate associated with the session passed in
2292 * returns null on failure, the caller should not free the returned pointer */
2293WOLFSSL_X509* wolfSSL_SESSION_get0_peer(WOLFSSL_SESSION* session)
2294{
2295    WOLFSSL_ENTER("wolfSSL_SESSION_get_peer_chain");
2296
2297    session = ClientSessionToSession(session);
2298    if (session) {
2299        int count;
2300
2301        count = wolfSSL_get_chain_count(&session->chain);
2302        if (count < 1 || count >= MAX_CHAIN_DEPTH) {
2303            WOLFSSL_MSG("bad count found");
2304            return NULL;
2305        }
2306
2307        if (session->peer == NULL) {
2308            session->peer = wolfSSL_get_chain_X509(&session->chain, 0);
2309        }
2310        return session->peer;
2311    }
2312    WOLFSSL_MSG("No session passed in");
2313
2314    return NULL;
2315}
2316#endif /* OPENSSL_EXTRA */
2317#endif /* SESSION_INDEX && SESSION_CERTS */
2318
2319
2320#ifdef WOLFSSL_SESSION_STATS
2321
2322static int get_locked_session_stats(word32* active, word32* total, word32* peak)
2323{
2324    int result = WOLFSSL_SUCCESS;
2325    int i;
2326    int count;
2327    int idx;
2328    word32 now   = 0;
2329    word32 seen  = 0;
2330    word32 ticks = LowResTimer();
2331
2332    WOLFSSL_ENTER("get_locked_session_stats");
2333
2334#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
2335    SESSION_ROW_RD_LOCK(&SessionCache[0]);
2336#endif
2337    for (i = 0; i < SESSION_ROWS; i++) {
2338        SessionRow* row = &SessionCache[i];
2339    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
2340        if (SESSION_ROW_RD_LOCK(row) != 0) {
2341            WOLFSSL_MSG("Session row cache mutex lock failed");
2342            return BAD_MUTEX_E;
2343        }
2344    #endif
2345
2346        seen += row->totalCount;
2347
2348        if (active == NULL) {
2349            SESSION_ROW_UNLOCK(row);
2350            continue;
2351        }
2352
2353        count = min((word32)row->totalCount, SESSIONS_PER_ROW);
2354        idx   = row->nextIdx - 1;
2355        if (idx < 0 || idx >= SESSIONS_PER_ROW) {
2356            idx = SESSIONS_PER_ROW - 1; /* if back to front previous was end */
2357        }
2358
2359        for (; count > 0; --count) {
2360            /* if not expired then good */
2361#ifdef SESSION_CACHE_DYNAMIC_MEM
2362            if (row->Sessions[idx] &&
2363                ticks < (row->Sessions[idx]->bornOn +
2364                            row->Sessions[idx]->timeout) )
2365#else
2366            if (ticks < (row->Sessions[idx].bornOn +
2367                            row->Sessions[idx].timeout) )
2368#endif
2369            {
2370                now++;
2371            }
2372
2373            idx = idx > 0 ? idx - 1 : SESSIONS_PER_ROW - 1;
2374        }
2375
2376    #ifdef ENABLE_SESSION_CACHE_ROW_LOCK
2377        SESSION_ROW_UNLOCK(row);
2378    #endif
2379    }
2380#ifndef ENABLE_SESSION_CACHE_ROW_LOCK
2381    SESSION_ROW_UNLOCK(&SessionCache[0]);
2382#endif
2383
2384    if (active) {
2385        *active = now;
2386    }
2387    if (total) {
2388        *total = seen;
2389    }
2390
2391#ifdef WOLFSSL_PEAK_SESSIONS
2392    if (peak) {
2393        *peak = PeakSessions;
2394    }
2395#else
2396    (void)peak;
2397#endif
2398
2399    WOLFSSL_LEAVE("get_locked_session_stats", result);
2400
2401    return result;
2402}
2403
2404
2405/* return WOLFSSL_SUCCESS on ok */
2406int wolfSSL_get_session_stats(word32* active, word32* total, word32* peak,
2407                              word32* maxSessions)
2408{
2409    int result = WOLFSSL_SUCCESS;
2410
2411    WOLFSSL_ENTER("wolfSSL_get_session_stats");
2412
2413    if (maxSessions) {
2414        *maxSessions = SESSIONS_PER_ROW * SESSION_ROWS;
2415
2416        if (active == NULL && total == NULL && peak == NULL)
2417            return result;  /* we're done */
2418    }
2419
2420    /* user must provide at least one query value */
2421    if (active == NULL && total == NULL && peak == NULL) {
2422        return BAD_FUNC_ARG;
2423    }
2424
2425    result = get_locked_session_stats(active, total, peak);
2426
2427    WOLFSSL_LEAVE("wolfSSL_get_session_stats", result);
2428
2429    return result;
2430}
2431
2432#endif /* WOLFSSL_SESSION_STATS */
2433
2434
2435    #ifdef PRINT_SESSION_STATS
2436
2437    /* WOLFSSL_SUCCESS on ok */
2438    int wolfSSL_PrintSessionStats(void)
2439    {
2440        word32 totalSessionsSeen = 0;
2441        word32 totalSessionsNow = 0;
2442        word32 peak = 0;
2443        word32 maxSessions = 0;
2444        int    i;
2445        int    ret;
2446        double E;               /* expected freq */
2447        double chiSquare = 0;
2448
2449        ret = wolfSSL_get_session_stats(&totalSessionsNow, &totalSessionsSeen,
2450                                        &peak, &maxSessions);
2451        if (ret != WOLFSSL_SUCCESS)
2452            return ret;
2453        printf("Total Sessions Seen = %u\n", totalSessionsSeen);
2454        printf("Total Sessions Now  = %u\n", totalSessionsNow);
2455#ifdef WOLFSSL_PEAK_SESSIONS
2456        printf("Peak  Sessions      = %u\n", peak);
2457#endif
2458        printf("Max   Sessions      = %u\n", maxSessions);
2459
2460        E = (double)totalSessionsSeen / SESSION_ROWS;
2461
2462        for (i = 0; i < SESSION_ROWS; i++) {
2463            double diff = SessionCache[i].totalCount - E;
2464            diff *= diff;                /* square    */
2465            diff /= E;                   /* normalize */
2466
2467            chiSquare += diff;
2468        }
2469        printf("  chi-square = %5.1f, d.f. = %d\n", chiSquare,
2470                                                     SESSION_ROWS - 1);
2471        #if (SESSION_ROWS == 11)
2472            printf(" .05 p value =  18.3, chi-square should be less\n");
2473        #elif (SESSION_ROWS == 211)
2474            printf(".05 p value  = 244.8, chi-square should be less\n");
2475        #elif (SESSION_ROWS == 5981)
2476            printf(".05 p value  = 6161.0, chi-square should be less\n");
2477        #elif (SESSION_ROWS == 3)
2478            printf(".05 p value  =   6.0, chi-square should be less\n");
2479        #elif (SESSION_ROWS == 2861)
2480            printf(".05 p value  = 2985.5, chi-square should be less\n");
2481        #endif
2482        printf("\n");
2483
2484        return ret;
2485    }
2486
2487    #endif /* SESSION_STATS */
2488
2489#else  /* NO_SESSION_CACHE */
2490
2491WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
2492{
2493    return (WOLFSSL_SESSION*)session;
2494}
2495
2496/* No session cache version */
2497WOLFSSL_SESSION* wolfSSL_GetSession(WOLFSSL* ssl, byte* masterSecret,
2498        byte restoreSessionCerts)
2499{
2500    (void)ssl;
2501    (void)masterSecret;
2502    (void)restoreSessionCerts;
2503
2504    return NULL;
2505}
2506
2507#endif /* NO_SESSION_CACHE */
2508
2509#ifdef OPENSSL_EXTRA
2510
2511   /* returns previous set cache size which stays constant */
2512    long wolfSSL_CTX_sess_set_cache_size(WOLFSSL_CTX* ctx, long sz)
2513    {
2514        /* cache size fixed at compile time in wolfSSL */
2515        (void)ctx;
2516        (void)sz;
2517        WOLFSSL_MSG("session cache is set at compile time");
2518        #ifndef NO_SESSION_CACHE
2519            return (long)(SESSIONS_PER_ROW * SESSION_ROWS);
2520        #else
2521            return 0;
2522        #endif
2523    }
2524
2525
2526    long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX* ctx)
2527    {
2528        (void)ctx;
2529        #ifndef NO_SESSION_CACHE
2530            return (long)(SESSIONS_PER_ROW * SESSION_ROWS);
2531        #else
2532            return 0;
2533        #endif
2534    }
2535
2536#endif
2537
2538#ifndef NO_SESSION_CACHE
2539int wolfSSL_CTX_add_session(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session)
2540{
2541    int    error = 0;
2542    const byte* id = NULL;
2543    byte idSz = 0;
2544
2545    WOLFSSL_ENTER("wolfSSL_CTX_add_session");
2546
2547    session = ClientSessionToSession(session);
2548    if (session == NULL)
2549        return WOLFSSL_FAILURE;
2550
2551    /* Session cache is global */
2552    (void)ctx;
2553
2554    if (session->haveAltSessionID) {
2555        id = session->altSessionID;
2556        idSz = ID_LEN;
2557    }
2558    else {
2559        id = session->sessionID;
2560        idSz = session->sessionIDSz;
2561    }
2562
2563    error = AddSessionToCache(ctx, session, id, idSz,
2564            NULL, session->side,
2565#ifdef HAVE_SESSION_TICKET
2566            session->ticketLen > 0,
2567#else
2568            0,
2569#endif
2570            NULL);
2571
2572    return error == 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
2573}
2574#endif
2575
2576#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
2577        defined(HAVE_EXT_CACHE))
2578/* stunnel 4.28 needs
2579 *
2580 * Callback that is called if a session tries to resume but could not find
2581 * the session to resume it.
2582 */
2583void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX* ctx,
2584    WOLFSSL_SESSION*(*f)(WOLFSSL*, const unsigned char*, int, int*))
2585{
2586    if (ctx == NULL)
2587        return;
2588
2589#ifdef HAVE_EXT_CACHE
2590    ctx->get_sess_cb = f;
2591#else
2592    (void)f;
2593#endif
2594}
2595
2596void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX* ctx,
2597                             int (*f)(WOLFSSL*, WOLFSSL_SESSION*))
2598{
2599    if (ctx == NULL)
2600        return;
2601
2602#ifdef HAVE_EXT_CACHE
2603    ctx->new_sess_cb = f;
2604#else
2605    (void)f;
2606#endif
2607}
2608
2609void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX* ctx, void (*f)(WOLFSSL_CTX*,
2610                                                        WOLFSSL_SESSION*))
2611{
2612    if (ctx == NULL)
2613        return;
2614
2615#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
2616    ctx->rem_sess_cb = f;
2617#else
2618    (void)f;
2619#endif
2620}
2621
2622
2623/*
2624 *
2625 * Note: It is expected that the importing and exporting function have been
2626 *       built with the same settings. For example if session tickets was
2627 *       enabled with the wolfSSL library exporting a session then it is
2628 *       expected to be turned on with the wolfSSL library importing the
2629 *       session.
2630 */
2631int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
2632{
2633    int size = 0;
2634#ifdef HAVE_EXT_CACHE
2635    int idx = 0;
2636#ifdef SESSION_CERTS
2637    int i;
2638#endif
2639
2640    WOLFSSL_ENTER("wolfSSL_i2d_SSL_SESSION");
2641
2642    sess = ClientSessionToSession(sess);
2643    if (sess == NULL) {
2644        return BAD_FUNC_ARG;
2645    }
2646
2647    /* side | bornOn | timeout | sessionID len | sessionID | masterSecret |
2648     * haveEMS  */
2649    size += OPAQUE8_LEN + OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN +
2650            sess->sessionIDSz + SECRET_LEN + OPAQUE8_LEN;
2651    /* altSessionID */
2652    size += OPAQUE8_LEN + (sess->haveAltSessionID ? ID_LEN : 0);
2653#ifdef SESSION_CERTS
2654    /* Peer chain */
2655    size += OPAQUE8_LEN;
2656    for (i = 0; i < sess->chain.count; i++)
2657        size += OPAQUE16_LEN + sess->chain.certs[i].length;
2658#endif
2659    /* Protocol version */
2660    size += OPAQUE16_LEN;
2661#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
2662                        (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
2663    /* cipher suite */
2664    size += OPAQUE16_LEN;
2665#endif
2666#ifndef NO_CLIENT_CACHE
2667    /* ServerID len | ServerID */
2668    size += OPAQUE16_LEN + sess->idLen;
2669#endif
2670#ifdef WOLFSSL_SESSION_ID_CTX
2671    /* session context ID len | session context ID */
2672    size += OPAQUE8_LEN + sess->sessionCtxSz;
2673#endif
2674#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
2675    /* peerVerifyRet */
2676    size += OPAQUE8_LEN;
2677#endif
2678#ifdef WOLFSSL_TLS13
2679    /* namedGroup */
2680    size += OPAQUE16_LEN;
2681#endif
2682#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
2683#ifdef WOLFSSL_TLS13
2684#ifdef WOLFSSL_32BIT_MILLI_TIME
2685    /* ticketSeen | ticketAdd */
2686    size += OPAQUE32_LEN + OPAQUE32_LEN;
2687#else
2688    /* ticketSeen Hi 32 bits | ticketSeen Lo 32 bits | ticketAdd */
2689    size += OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE32_LEN;
2690#endif
2691    /* ticketNonce */
2692    size += OPAQUE8_LEN + sess->ticketNonce.len;
2693#endif
2694#ifdef WOLFSSL_EARLY_DATA
2695    size += OPAQUE32_LEN;
2696#endif
2697#endif
2698#ifdef HAVE_SESSION_TICKET
2699    /* ticket len | ticket */
2700    size += OPAQUE16_LEN + sess->ticketLen;
2701#endif
2702
2703    if (p != NULL) {
2704        unsigned char *data;
2705
2706        if (*p == NULL)
2707            *p = (unsigned char*)XMALLOC((size_t)size, NULL,
2708                                                DYNAMIC_TYPE_OPENSSL);
2709        if (*p == NULL)
2710            return 0;
2711        data = *p;
2712
2713        data[idx++] = sess->side;
2714        c32toa(sess->bornOn, data + idx); idx += OPAQUE32_LEN;
2715        c32toa(sess->timeout, data + idx); idx += OPAQUE32_LEN;
2716        data[idx++] = sess->sessionIDSz;
2717        XMEMCPY(data + idx, sess->sessionID, sess->sessionIDSz);
2718        idx += sess->sessionIDSz;
2719        XMEMCPY(data + idx, sess->masterSecret, SECRET_LEN); idx += SECRET_LEN;
2720        data[idx++] = (byte)sess->haveEMS;
2721        data[idx++] = sess->haveAltSessionID ? ID_LEN : 0;
2722        if (sess->haveAltSessionID) {
2723            XMEMCPY(data + idx, sess->altSessionID, ID_LEN);
2724            idx += ID_LEN;
2725        }
2726#ifdef SESSION_CERTS
2727        data[idx++] = (byte)sess->chain.count;
2728        for (i = 0; i < sess->chain.count; i++) {
2729            c16toa((word16)sess->chain.certs[i].length, data + idx);
2730            idx += OPAQUE16_LEN;
2731            XMEMCPY(data + idx, sess->chain.certs[i].buffer,
2732                    (size_t)sess->chain.certs[i].length);
2733            idx += sess->chain.certs[i].length;
2734        }
2735#endif
2736        data[idx++] = sess->version.major;
2737        data[idx++] = sess->version.minor;
2738#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
2739                        (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
2740        data[idx++] = sess->cipherSuite0;
2741        data[idx++] = sess->cipherSuite;
2742#endif
2743#ifndef NO_CLIENT_CACHE
2744        c16toa(sess->idLen, data + idx); idx += OPAQUE16_LEN;
2745        XMEMCPY(data + idx, sess->serverID, sess->idLen);
2746        idx += sess->idLen;
2747#endif
2748#ifdef WOLFSSL_SESSION_ID_CTX
2749        data[idx++] = sess->sessionCtxSz;
2750        XMEMCPY(data + idx, sess->sessionCtx, sess->sessionCtxSz);
2751        idx += sess->sessionCtxSz;
2752#endif
2753#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
2754        data[idx++] = sess->peerVerifyRet;
2755#endif
2756#ifdef WOLFSSL_TLS13
2757        c16toa(sess->namedGroup, data + idx);
2758        idx += OPAQUE16_LEN;
2759#endif
2760#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
2761#ifdef WOLFSSL_TLS13
2762#ifdef WOLFSSL_32BIT_MILLI_TIME
2763        c32toa(sess->ticketSeen, data + idx);
2764        idx += OPAQUE32_LEN;
2765#else
2766        c32toa((word32)(sess->ticketSeen >> 32), data + idx);
2767        idx += OPAQUE32_LEN;
2768        c32toa((word32)sess->ticketSeen, data + idx);
2769        idx += OPAQUE32_LEN;
2770#endif
2771        c32toa(sess->ticketAdd, data + idx);
2772        idx += OPAQUE32_LEN;
2773        data[idx++] = sess->ticketNonce.len;
2774        XMEMCPY(data + idx, sess->ticketNonce.data, sess->ticketNonce.len);
2775        idx += sess->ticketNonce.len;
2776#endif
2777#ifdef WOLFSSL_EARLY_DATA
2778        c32toa(sess->maxEarlyDataSz, data + idx);
2779        idx += OPAQUE32_LEN;
2780#endif
2781#endif
2782#ifdef HAVE_SESSION_TICKET
2783        c16toa(sess->ticketLen, data + idx); idx += OPAQUE16_LEN;
2784        XMEMCPY(data + idx, sess->ticket, sess->ticketLen);
2785        idx += sess->ticketLen;
2786#endif
2787    }
2788#endif
2789
2790    (void)sess;
2791    (void)p;
2792#ifdef HAVE_EXT_CACHE
2793    (void)idx;
2794#endif
2795
2796    return size;
2797}
2798
2799
2800/* TODO: no function to free new session.
2801 *
2802 * Note: It is expected that the importing and exporting function have been
2803 *       built with the same settings. For example if session tickets was
2804 *       enabled with the wolfSSL library exporting a session then it is
2805 *       expected to be turned on with the wolfSSL library importing the
2806 *       session.
2807 */
2808WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
2809                                const unsigned char** p, long i)
2810{
2811    WOLFSSL_SESSION* s = NULL;
2812    int ret = 0;
2813#if defined(HAVE_EXT_CACHE)
2814    int idx = 0;
2815    byte* data;
2816#ifdef SESSION_CERTS
2817    int j;
2818    word16 length;
2819#endif
2820#endif /* HAVE_EXT_CACHE */
2821
2822    (void)p;
2823    (void)i;
2824    (void)ret;
2825    (void)sess;
2826
2827#ifdef HAVE_EXT_CACHE
2828    if (p == NULL || *p == NULL)
2829        return NULL;
2830
2831    s = wolfSSL_SESSION_new();
2832    if (s == NULL)
2833        return NULL;
2834
2835    idx = 0;
2836    data = (byte*)*p;
2837
2838    /* side | bornOn | timeout | sessionID len */
2839    if (i < OPAQUE8_LEN + OPAQUE32_LEN + OPAQUE32_LEN + OPAQUE8_LEN) {
2840        ret = BUFFER_ERROR;
2841        goto end;
2842    }
2843    s->side = data[idx++];
2844    ato32(data + idx, &s->bornOn); idx += OPAQUE32_LEN;
2845    ato32(data + idx, &s->timeout); idx += OPAQUE32_LEN;
2846    s->sessionIDSz = data[idx++];
2847    if (s->sessionIDSz > ID_LEN) {
2848        ret = BUFFER_ERROR;
2849        goto end;
2850    }
2851
2852    /* sessionID | secret | haveEMS | haveAltSessionID */
2853    if (i - idx < s->sessionIDSz + SECRET_LEN + OPAQUE8_LEN + OPAQUE8_LEN) {
2854        ret = BUFFER_ERROR;
2855        goto end;
2856    }
2857    XMEMCPY(s->sessionID, data + idx, s->sessionIDSz);
2858    idx  += s->sessionIDSz;
2859    XMEMCPY(s->masterSecret, data + idx, SECRET_LEN); idx += SECRET_LEN;
2860    s->haveEMS = data[idx++];
2861    if (data[idx] != ID_LEN && data[idx] != 0) {
2862        ret = BUFFER_ERROR;
2863        goto end;
2864    }
2865    s->haveAltSessionID = data[idx++] == ID_LEN;
2866
2867    /* altSessionID */
2868    if (s->haveAltSessionID) {
2869        if (i - idx < ID_LEN) {
2870            ret = BUFFER_ERROR;
2871            goto end;
2872        }
2873        XMEMCPY(s->altSessionID, data + idx, ID_LEN); idx += ID_LEN;
2874    }
2875
2876#ifdef SESSION_CERTS
2877    /* Certificate chain */
2878    if (i - idx == 0) {
2879        ret = BUFFER_ERROR;
2880        goto end;
2881    }
2882    s->chain.count = data[idx++];
2883    if (s->chain.count > MAX_CHAIN_DEPTH) {
2884        ret = BUFFER_ERROR;
2885        goto end;
2886    }
2887    for (j = 0; j < s->chain.count; j++) {
2888        if (i - idx < OPAQUE16_LEN) {
2889            ret = BUFFER_ERROR;
2890            goto end;
2891        }
2892        ato16(data + idx, &length); idx += OPAQUE16_LEN;
2893        if (length > MAX_X509_SIZE) {
2894            ret = BUFFER_ERROR;
2895            goto end;
2896        }
2897        s->chain.certs[j].length = length;
2898        if (i - idx < length) {
2899            ret = BUFFER_ERROR;
2900            goto end;
2901        }
2902        XMEMCPY(s->chain.certs[j].buffer, data + idx, length);
2903        idx += length;
2904    }
2905#endif
2906    /* Protocol Version */
2907    if (i - idx < OPAQUE16_LEN) {
2908        ret = BUFFER_ERROR;
2909        goto end;
2910    }
2911    s->version.major = data[idx++];
2912    s->version.minor = data[idx++];
2913#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
2914                        (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
2915    /* Cipher suite */
2916    if (i - idx < OPAQUE16_LEN) {
2917        ret = BUFFER_ERROR;
2918        goto end;
2919    }
2920    s->cipherSuite0 = data[idx++];
2921    s->cipherSuite = data[idx++];
2922#endif
2923#ifndef NO_CLIENT_CACHE
2924    /* ServerID len */
2925    if (i - idx < OPAQUE16_LEN) {
2926        ret = BUFFER_ERROR;
2927        goto end;
2928    }
2929    ato16(data + idx, &s->idLen); idx += OPAQUE16_LEN;
2930    if (s->idLen > SERVER_ID_LEN) {
2931        ret = BUFFER_ERROR;
2932        goto end;
2933    }
2934
2935    /* ServerID */
2936    if (i - idx < s->idLen) {
2937        ret = BUFFER_ERROR;
2938        goto end;
2939    }
2940    XMEMCPY(s->serverID, data + idx, s->idLen); idx += s->idLen;
2941#endif
2942#ifdef WOLFSSL_SESSION_ID_CTX
2943    /* byte for length of session context ID */
2944    if (i - idx < OPAQUE8_LEN) {
2945        ret = BUFFER_ERROR;
2946        goto end;
2947    }
2948    s->sessionCtxSz = data[idx++];
2949    if (s->sessionCtxSz > ID_LEN) {
2950        ret = BUFFER_ERROR;
2951        goto end;
2952    }
2953
2954    /* app session context ID */
2955    if (i - idx < s->sessionCtxSz) {
2956        ret = BUFFER_ERROR;
2957        goto end;
2958    }
2959    XMEMCPY(s->sessionCtx, data + idx, s->sessionCtxSz); idx += s->sessionCtxSz;
2960#endif
2961#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
2962    /* byte for peerVerifyRet */
2963    if (i - idx < OPAQUE8_LEN) {
2964        ret = BUFFER_ERROR;
2965        goto end;
2966    }
2967    s->peerVerifyRet = data[idx++];
2968#endif
2969#ifdef WOLFSSL_TLS13
2970    if (i - idx < OPAQUE16_LEN) {
2971        ret = BUFFER_ERROR;
2972        goto end;
2973    }
2974    ato16(data + idx, &s->namedGroup);
2975    idx += OPAQUE16_LEN;
2976#endif
2977#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
2978#ifdef WOLFSSL_TLS13
2979
2980#ifdef WOLFSSL_32BIT_MILLI_TIME
2981    if (i - idx < OPAQUE32_LEN) {
2982        ret = BUFFER_ERROR;
2983        goto end;
2984    }
2985    ato32(data + idx, &s->ticketSeen);
2986    idx += OPAQUE32_LEN;
2987#else
2988    if (i - idx < (OPAQUE32_LEN * 2)) {
2989        ret = BUFFER_ERROR;
2990        goto end;
2991    }
2992    {
2993        word32 seenHi, seenLo;
2994        ato32(data + idx, &seenHi);
2995        idx += OPAQUE32_LEN;
2996        ato32(data + idx, &seenLo);
2997        idx += OPAQUE32_LEN;
2998        s->ticketSeen = ((sword64)seenHi << 32) + seenLo;
2999    }
3000#endif
3001
3002    if (i - idx < OPAQUE32_LEN) {
3003        ret = BUFFER_ERROR;
3004        goto end;
3005    }
3006    ato32(data + idx, &s->ticketAdd);
3007    idx += OPAQUE32_LEN;
3008    if (i - idx < OPAQUE8_LEN) {
3009        ret = BUFFER_ERROR;
3010        goto end;
3011    }
3012    s->ticketNonce.len = data[idx++];
3013
3014    if (i - idx < s->ticketNonce.len) {
3015        ret = BUFFER_ERROR;
3016        goto end;
3017    }
3018#if defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                     \
3019    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
3020    ret = SessionTicketNoncePopulate(s, data + idx, s->ticketNonce.len);
3021    if (ret != 0)
3022        goto end;
3023#else
3024    if (s->ticketNonce.len > MAX_TICKET_NONCE_STATIC_SZ) {
3025        ret = BUFFER_ERROR;
3026        goto end;
3027    }
3028    XMEMCPY(s->ticketNonce.data, data + idx, s->ticketNonce.len);
3029#endif /* defined(WOLFSSL_TICKET_NONCE_MALLOC) && FIPS_VERSION_GE(5,3) */
3030
3031    idx += s->ticketNonce.len;
3032#endif
3033#ifdef WOLFSSL_EARLY_DATA
3034    if (i - idx < OPAQUE32_LEN) {
3035        ret = BUFFER_ERROR;
3036        goto end;
3037    }
3038    ato32(data + idx, &s->maxEarlyDataSz);
3039    idx += OPAQUE32_LEN;
3040#endif
3041#endif
3042#ifdef HAVE_SESSION_TICKET
3043    /* ticket len */
3044    if (i - idx < OPAQUE16_LEN) {
3045        ret = BUFFER_ERROR;
3046        goto end;
3047    }
3048    ato16(data + idx, &s->ticketLen); idx += OPAQUE16_LEN;
3049
3050    /* Dispose of ol dynamic ticket and ensure space for new ticket. */
3051    if (s->ticketLenAlloc > 0) {
3052        XFREE(s->ticket, NULL, DYNAMIC_TYPE_SESSION_TICK);
3053    }
3054    if (s->ticketLen <= SESSION_TICKET_LEN)
3055        s->ticket = s->staticTicket;
3056    else {
3057        s->ticket = (byte*)XMALLOC(s->ticketLen, NULL,
3058                                   DYNAMIC_TYPE_SESSION_TICK);
3059        if (s->ticket == NULL) {
3060            ret = MEMORY_ERROR;
3061            goto end;
3062        }
3063        s->ticketLenAlloc = (word16)s->ticketLen;
3064    }
3065
3066    /* ticket */
3067    if (i - idx < s->ticketLen) {
3068        ret = BUFFER_ERROR;
3069        goto end;
3070    }
3071    XMEMCPY(s->ticket, data + idx, s->ticketLen); idx += s->ticketLen;
3072#endif
3073    (void)idx;
3074
3075    if (sess != NULL) {
3076        wolfSSL_FreeSession(NULL, *sess);
3077        *sess = s;
3078    }
3079
3080    s->isSetup = 1;
3081
3082    *p += idx;
3083
3084end:
3085    if (ret != 0 && (sess == NULL || *sess != s)) {
3086        wolfSSL_FreeSession(NULL, s);
3087        s = NULL;
3088    }
3089#endif /* HAVE_EXT_CACHE */
3090    return s;
3091}
3092
3093/* Check if there is a session ticket associated with this WOLFSSL_SESSION.
3094 *
3095 * sess - pointer to WOLFSSL_SESSION struct
3096 *
3097 * Returns 1 if has session ticket, otherwise 0 */
3098int wolfSSL_SESSION_has_ticket(const WOLFSSL_SESSION* sess)
3099{
3100    WOLFSSL_ENTER("wolfSSL_SESSION_has_ticket");
3101#ifdef HAVE_SESSION_TICKET
3102    sess = ClientSessionToSession(sess);
3103    if (sess) {
3104        if ((sess->ticketLen > 0) && (sess->ticket != NULL)) {
3105            return WOLFSSL_SUCCESS;
3106        }
3107    }
3108#else
3109    (void)sess;
3110#endif
3111    return WOLFSSL_FAILURE;
3112}
3113
3114unsigned long wolfSSL_SESSION_get_ticket_lifetime_hint(
3115                  const WOLFSSL_SESSION* sess)
3116{
3117    WOLFSSL_ENTER("wolfSSL_SESSION_get_ticket_lifetime_hint");
3118    sess = ClientSessionToSession(sess);
3119    if (sess) {
3120        return sess->timeout;
3121    }
3122    return 0;
3123}
3124
3125long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION* sess)
3126{
3127    long timeout = 0;
3128    WOLFSSL_ENTER("wolfSSL_SESSION_get_timeout");
3129    sess = ClientSessionToSession(sess);
3130    if (sess)
3131        timeout = sess->timeout;
3132    return timeout;
3133}
3134
3135long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t)
3136{
3137    word32 tmptime;
3138
3139    ses = ClientSessionToSession(ses);
3140    if (ses == NULL || t < 0) {
3141        return BAD_FUNC_ARG;
3142    }
3143
3144    tmptime = t & 0xFFFFFFFF;
3145    ses->timeout = tmptime;
3146
3147    return WOLFSSL_SUCCESS;
3148}
3149
3150long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess)
3151{
3152    long bornOn = 0;
3153    WOLFSSL_ENTER("wolfSSL_SESSION_get_time");
3154    sess = ClientSessionToSession(sess);
3155    if (sess)
3156        bornOn = sess->bornOn;
3157    return bornOn;
3158}
3159
3160long wolfSSL_SESSION_set_time(WOLFSSL_SESSION *ses, long t)
3161{
3162
3163    ses = ClientSessionToSession(ses);
3164    if (ses == NULL || t < 0) {
3165        return 0;
3166    }
3167    ses->bornOn = (word32)t;
3168    return t;
3169}
3170
3171#endif /* !NO_SESSION_CACHE && (OPENSSL_EXTRA || HAVE_EXT_CACHE) */
3172
3173#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
3174    defined(HAVE_EX_DATA)
3175
3176#if defined(HAVE_EX_DATA) && !defined(NO_SESSION_CACHE)
3177static void SESSION_ex_data_cache_update(WOLFSSL_SESSION* session, int idx,
3178        void* data, byte get, void** getRet, int* setRet)
3179{
3180    int row;
3181    int i;
3182    int error = 0;
3183    SessionRow* sessRow = NULL;
3184    const byte* id;
3185    byte foundCache = 0;
3186
3187    if (getRet != NULL)
3188        *getRet = NULL;
3189    if (setRet != NULL)
3190        *setRet = WOLFSSL_FAILURE;
3191
3192    id = session->sessionID;
3193    if (session->haveAltSessionID)
3194        id = session->altSessionID;
3195    else if (session->sessionIDSz != ID_LEN) {
3196        WOLFSSL_MSG("Incorrect sessionIDSz");
3197        return;
3198    }
3199
3200    row = (int)(HashObject(id, ID_LEN, &error) % SESSION_ROWS);
3201    if (error != 0) {
3202        WOLFSSL_MSG("Hash session failed");
3203        return;
3204    }
3205
3206    sessRow = &SessionCache[row];
3207    if (get)
3208        error = SESSION_ROW_RD_LOCK(sessRow);
3209    else
3210        error = SESSION_ROW_WR_LOCK(sessRow);
3211    if (error != 0) {
3212        WOLFSSL_MSG("Session row lock failed");
3213        return;
3214    }
3215
3216    for (i = 0; i < SESSIONS_PER_ROW && i < sessRow->totalCount; i++) {
3217        WOLFSSL_SESSION* cacheSession;
3218#ifdef SESSION_CACHE_DYNAMIC_MEM
3219        cacheSession = sessRow->Sessions[i];
3220#else
3221        cacheSession = &sessRow->Sessions[i];
3222#endif
3223        if (cacheSession && cacheSession->sessionIDSz == ID_LEN &&
3224                XMEMCMP(id, cacheSession->sessionID, ID_LEN) == 0
3225                && session->side == cacheSession->side
3226                && (IsAtLeastTLSv1_3(session->version) ==
3227                    IsAtLeastTLSv1_3(cacheSession->version))
3228            ) {
3229            if (get) {
3230                if (getRet) {
3231                    *getRet = wolfSSL_CRYPTO_get_ex_data(
3232                        &cacheSession->ex_data, idx);
3233                }
3234            }
3235            else {
3236                if (setRet) {
3237                    *setRet = wolfSSL_CRYPTO_set_ex_data(
3238                        &cacheSession->ex_data, idx, data);
3239                }
3240            }
3241            foundCache = 1;
3242            break;
3243        }
3244    }
3245    SESSION_ROW_UNLOCK(sessRow);
3246    /* If we don't have a session in cache then clear the ex_data and
3247     * own it */
3248    if (!foundCache) {
3249        XMEMSET(&session->ex_data, 0, sizeof(WOLFSSL_CRYPTO_EX_DATA));
3250        session->ownExData = 1;
3251        if (!get) {
3252            *setRet = wolfSSL_CRYPTO_set_ex_data(&session->ex_data, idx,
3253                    data);
3254        }
3255    }
3256
3257}
3258#endif
3259
3260#endif
3261
3262#ifndef NO_SESSION_CACHE
3263/* OpenSSL-compatible return: 1 if the session was found and removed from the
3264 * internal cache, or if the external remove callback (rem_sess_cb) was
3265 * invoked. 0 if neither applied (not present, or null arguments). */
3266int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *s)
3267{
3268    int found = 0;
3269#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
3270    int rem_called = FALSE;
3271#endif
3272
3273    WOLFSSL_ENTER("wolfSSL_SSL_CTX_remove_session");
3274
3275    s = ClientSessionToSession(s);
3276    if (ctx == NULL || s == NULL)
3277        return 0;
3278
3279#ifdef HAVE_EXT_CACHE
3280    if (!ctx->internalCacheOff)
3281#endif
3282    {
3283        const byte* id;
3284        WOLFSSL_SESSION *sess = NULL;
3285        word32 row = 0;
3286        int ret;
3287
3288        id = s->sessionID;
3289        if (s->haveAltSessionID)
3290            id = s->altSessionID;
3291
3292        ret = TlsSessionCacheGetAndWrLock(id, &sess, &row, ctx->method->side);
3293        if (ret == 0 && sess != NULL) {
3294            found = 1;
3295#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
3296            if (sess->rem_sess_cb != NULL) {
3297                rem_called = TRUE;
3298            }
3299#endif
3300            /* Call this before changing ownExData so that calls to ex_data
3301             * don't try to access the SessionCache again. */
3302            EvictSessionFromCache(sess);
3303#ifdef HAVE_EX_DATA
3304            if (sess->ownExData) {
3305                /* Most recent version of ex data is in cache. Copy it
3306                 * over so the user can free it. */
3307                XMEMCPY(&s->ex_data, &sess->ex_data,
3308                        sizeof(WOLFSSL_CRYPTO_EX_DATA));
3309                s->ownExData = 1;
3310                sess->ownExData = 0;
3311            }
3312#endif
3313#ifdef SESSION_CACHE_DYNAMIC_MEM
3314            {
3315                /* Find and clear entry. Row is locked so we are good to go. */
3316                int idx;
3317                for (idx = 0; idx < SESSIONS_PER_ROW; idx++) {
3318                    if (sess == SessionCache[row].Sessions[idx]) {
3319                        XFREE(sess, sess->heap, DYNAMIC_TYPE_SESSION);
3320                        SessionCache[row].Sessions[idx] = NULL;
3321                        break;
3322                    }
3323                }
3324            }
3325#endif
3326            TlsSessionCacheUnlockRow(row);
3327        }
3328    }
3329
3330#if defined(HAVE_EXT_CACHE) || defined(HAVE_EX_DATA)
3331    if (ctx->rem_sess_cb != NULL && !rem_called) {
3332        ctx->rem_sess_cb(ctx, s);
3333        /* Assume the external cache had the session. */
3334        found = 1;
3335    }
3336#endif
3337
3338    return found;
3339}
3340
3341#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \
3342    || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
3343WOLFSSL_SESSION *wolfSSL_SSL_get0_session(const WOLFSSL *ssl)
3344{
3345    WOLFSSL_ENTER("wolfSSL_SSL_get0_session");
3346
3347    return ssl->session;
3348}
3349#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
3350    OPENSSL_EXTRA || HAVE_LIGHTY */
3351
3352#endif /* NO_SESSION_CACHE */
3353
3354#ifdef WOLFSSL_SESSION_EXPORT
3355/* Used to import a serialized TLS session.
3356 * WARNING: buf contains sensitive information about the state and is best to be
3357 *          encrypted before storing if stored.
3358 *
3359 * @param ssl WOLFSSL structure to import the session into
3360 * @param buf serialized session
3361 * @param sz  size of buffer 'buf'
3362 * @return the number of bytes read from buffer 'buf'
3363 */
3364int wolfSSL_tls_import(WOLFSSL* ssl, const unsigned char* buf, unsigned int sz)
3365{
3366    if (ssl == NULL || buf == NULL) {
3367        return BAD_FUNC_ARG;
3368    }
3369    return wolfSSL_session_import_internal(ssl, buf, sz, WOLFSSL_EXPORT_TLS);
3370}
3371
3372
3373/* Used to export a serialized TLS session.
3374 * WARNING: buf contains sensitive information about the state and is best to be
3375 *          encrypted before storing if stored.
3376 *
3377 * @param ssl WOLFSSL structure to export the session from
3378 * @param buf output of serialized session
3379 * @param sz  size in bytes set in 'buf'
3380 * @return the number of bytes written into buffer 'buf'
3381 */
3382int wolfSSL_tls_export(WOLFSSL* ssl, unsigned char* buf, unsigned int* sz)
3383{
3384    if (ssl == NULL || sz == NULL) {
3385        return BAD_FUNC_ARG;
3386    }
3387    return wolfSSL_session_export_internal(ssl, buf, sz, WOLFSSL_EXPORT_TLS);
3388}
3389
3390#ifdef WOLFSSL_DTLS
3391int wolfSSL_dtls_import(WOLFSSL* ssl, const unsigned char* buf, unsigned int sz)
3392{
3393    WOLFSSL_ENTER("wolfSSL_session_import");
3394
3395    if (ssl == NULL || buf == NULL) {
3396        return BAD_FUNC_ARG;
3397    }
3398
3399    /* sanity checks on buffer and protocol are done in internal function */
3400    return wolfSSL_session_import_internal(ssl, buf, sz, WOLFSSL_EXPORT_DTLS);
3401}
3402
3403
3404/* Sets the function to call for serializing the session. This function is
3405 * called right after the handshake is completed. */
3406int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx, wc_dtls_export func)
3407{
3408
3409    WOLFSSL_ENTER("wolfSSL_CTX_dtls_set_export");
3410
3411    /* purposefully allow func to be NULL */
3412    if (ctx == NULL) {
3413        return BAD_FUNC_ARG;
3414    }
3415
3416    ctx->dtls_export = func;
3417
3418    return WOLFSSL_SUCCESS;
3419}
3420
3421/* Sets the function in WOLFSSL struct to call for serializing the session. This
3422 * function is called right after the handshake is completed. */
3423int wolfSSL_dtls_set_export(WOLFSSL* ssl, wc_dtls_export func)
3424{
3425
3426    WOLFSSL_ENTER("wolfSSL_dtls_set_export");
3427
3428    /* purposefully allow func to be NULL */
3429    if (ssl == NULL) {
3430        return BAD_FUNC_ARG;
3431    }
3432
3433    ssl->dtls_export = func;
3434
3435    return WOLFSSL_SUCCESS;
3436}
3437
3438
3439/* This function allows for directly serializing a session rather than using
3440 * callbacks. It has less overhead by removing a temporary buffer and gives
3441 * control over when the session gets serialized. When using callbacks the
3442 * session is always serialized immediately after the handshake is finished.
3443 *
3444 * buf is the argument to contain the serialized session
3445 * sz  is the size of the buffer passed in
3446 * ssl is the WOLFSSL struct to serialize
3447 * returns the size of serialized session on success, 0 on no action, and
3448 *         negative value on error */
3449int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf, unsigned int* sz)
3450{
3451    WOLFSSL_ENTER("wolfSSL_dtls_export");
3452
3453    if (ssl == NULL || sz == NULL) {
3454        return BAD_FUNC_ARG;
3455    }
3456
3457    if (buf == NULL) {
3458        *sz = MAX_EXPORT_BUFFER;
3459        return 0;
3460    }
3461
3462    /* if not DTLS do nothing */
3463    if (!ssl->options.dtls) {
3464        WOLFSSL_MSG("Currently only DTLS export is supported");
3465        return 0;
3466    }
3467
3468    /* copy over keys, options, and dtls state struct */
3469    return wolfSSL_session_export_internal(ssl, buf, sz, WOLFSSL_EXPORT_DTLS);
3470}
3471
3472
3473/* This function is similar to wolfSSL_dtls_export but only exports the portion
3474 * of the WOLFSSL structure related to the state of the connection, i.e. peer
3475 * sequence number, epoch, AEAD state etc.
3476 *
3477 * buf is the argument to contain the serialized state, if null then set "sz" to
3478 *     buffer size required
3479 * sz  is the size of the buffer passed in
3480 * ssl is the WOLFSSL struct to serialize
3481 * returns the size of serialized session on success, 0 on no action, and
3482 *         negative value on error */
3483int wolfSSL_dtls_export_state_only(WOLFSSL* ssl, unsigned char* buf,
3484        unsigned int* sz)
3485{
3486    WOLFSSL_ENTER("wolfSSL_dtls_export_state_only");
3487
3488    if (ssl == NULL || sz == NULL) {
3489        return BAD_FUNC_ARG;
3490    }
3491
3492    if (buf == NULL) {
3493        *sz = MAX_EXPORT_STATE_BUFFER;
3494        return 0;
3495    }
3496
3497    /* if not DTLS do nothing */
3498    if (!ssl->options.dtls) {
3499        WOLFSSL_MSG("Currently only DTLS export state is supported");
3500        return 0;
3501    }
3502
3503    /* copy over keys, options, and dtls state struct */
3504    return wolfSSL_dtls_export_state_internal(ssl, buf, *sz);
3505}
3506
3507
3508/* returns 0 on success */
3509int wolfSSL_send_session(WOLFSSL* ssl)
3510{
3511    int ret;
3512    byte* buf;
3513    word32 bufSz = MAX_EXPORT_BUFFER;
3514
3515    WOLFSSL_ENTER("wolfSSL_send_session");
3516
3517    if (ssl == NULL) {
3518        return BAD_FUNC_ARG;
3519    }
3520
3521    buf = (byte*)XMALLOC(bufSz, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
3522    if (buf == NULL) {
3523        return MEMORY_E;
3524    }
3525
3526    /* if not DTLS do nothing */
3527    if (!ssl->options.dtls) {
3528        XFREE(buf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
3529        WOLFSSL_MSG("Currently only DTLS export is supported");
3530        return 0;
3531    }
3532
3533    /* copy over keys, options, and dtls state struct */
3534    ret = wolfSSL_session_export_internal(ssl, buf, &bufSz,
3535        WOLFSSL_EXPORT_DTLS);
3536    if (ret < 0) {
3537        XFREE(buf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
3538        return ret;
3539    }
3540
3541    /* if no error ret has size of buffer */
3542    ret = ssl->dtls_export(ssl, buf, ret, NULL);
3543    if (ret != WOLFSSL_SUCCESS) {
3544        XFREE(buf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
3545        return ret;
3546    }
3547
3548    XFREE(buf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
3549    return 0;
3550}
3551#endif /* WOLFSSL_DTLS */
3552#endif /* WOLFSSL_SESSION_EXPORT */
3553
3554#ifdef OPENSSL_EXTRA
3555
3556/* Copies the master secret over to out buffer. If outSz is 0 returns the size
3557 * of master secret.
3558 *
3559 * ses : a session from completed TLS/SSL handshake
3560 * out : buffer to hold copy of master secret
3561 * outSz : size of out buffer
3562 * returns : number of bytes copied into out buffer on success
3563 *           less then or equal to 0 is considered a failure case
3564 */
3565int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
3566        unsigned char* out, int outSz)
3567{
3568    int size;
3569
3570    ses = ClientSessionToSession(ses);
3571
3572    if (outSz == 0) {
3573        return SECRET_LEN;
3574    }
3575
3576    if (ses == NULL || out == NULL || outSz < 0) {
3577        return 0;
3578    }
3579
3580    if (outSz > SECRET_LEN) {
3581        size = SECRET_LEN;
3582    }
3583    else {
3584        size = outSz;
3585    }
3586
3587    XMEMCPY(out, ses->masterSecret, (size_t)size);
3588    return size;
3589}
3590
3591
3592int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses)
3593{
3594    (void)ses;
3595    return SECRET_LEN;
3596}
3597
3598#ifdef WOLFSSL_EARLY_DATA
3599unsigned int wolfSSL_SESSION_get_max_early_data(const WOLFSSL_SESSION *session)
3600{
3601    if (session == NULL) {
3602        return BAD_FUNC_ARG;
3603    }
3604
3605    return session->maxEarlyDataSz;
3606}
3607#endif /* WOLFSSL_EARLY_DATA */
3608
3609#endif /* OPENSSL_EXTRA */
3610
3611void SetupSession(WOLFSSL* ssl)
3612{
3613    WOLFSSL_SESSION* session = ssl->session;
3614
3615    WOLFSSL_ENTER("SetupSession");
3616
3617    if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL) {
3618        /* Make sure the session ID is available when the user calls any
3619         * get_session API */
3620        if (!session->haveAltSessionID) {
3621            XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN);
3622            session->sessionIDSz = ssl->arrays->sessionIDSz;
3623        }
3624        else {
3625            XMEMCPY(session->sessionID, session->altSessionID, ID_LEN);
3626            session->sessionIDSz = ID_LEN;
3627        }
3628    }
3629    session->side = (byte)ssl->options.side;
3630    if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL)
3631        XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN);
3632    /* RFC8446 Appendix D.
3633     *   implementations which support both TLS 1.3 and earlier versions SHOULD
3634     *   indicate the use of the Extended Master Secret extension in their APIs
3635     *   whenever TLS 1.3 is used.
3636     * Set haveEMS so that we send the extension in subsequent connections that
3637     * offer downgrades. */
3638    if (IsAtLeastTLSv1_3(ssl->version))
3639        session->haveEMS = 1;
3640    else
3641        session->haveEMS = ssl->options.haveEMS;
3642#ifdef WOLFSSL_SESSION_ID_CTX
3643    /* If using compatibility layer then check for and copy over session context
3644     * id. */
3645    if (ssl->sessionCtxSz > 0 && ssl->sessionCtxSz < ID_LEN) {
3646        XMEMCPY(ssl->session->sessionCtx, ssl->sessionCtx, ssl->sessionCtxSz);
3647        session->sessionCtxSz = ssl->sessionCtxSz;
3648    }
3649#endif
3650    session->timeout = ssl->timeout;
3651#ifndef NO_ASN_TIME
3652    session->bornOn  = LowResTimer();
3653#endif
3654    session->version = ssl->version;
3655#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
3656                        (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
3657    session->cipherSuite0 = ssl->options.cipherSuite0;
3658    session->cipherSuite = ssl->options.cipherSuite;
3659#endif
3660#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
3661    session->peerVerifyRet = (byte)ssl->peerVerifyRet;
3662#endif
3663    session->isSetup = 1;
3664}
3665
3666#ifdef WOLFSSL_SESSION_ID_CTX
3667    /* Storing app session context id, this value is inherited by WOLFSSL
3668     * objects created from WOLFSSL_CTX. Any session that is imported with a
3669     * different session context id will be rejected.
3670     *
3671     * ctx         structure to set context in
3672     * sid_ctx     value of context to set
3673     * sid_ctx_len length of sid_ctx buffer
3674     *
3675     * Returns WOLFSSL_SUCCESS in success case and WOLFSSL_FAILURE when failing
3676     */
3677    int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX* ctx,
3678                                           const unsigned char* sid_ctx,
3679                                           unsigned int sid_ctx_len)
3680    {
3681        WOLFSSL_ENTER("wolfSSL_CTX_set_session_id_context");
3682
3683        /* No application specific context needed for wolfSSL */
3684        if (sid_ctx_len > ID_LEN || ctx == NULL || sid_ctx == NULL) {
3685            return WOLFSSL_FAILURE;
3686        }
3687        XMEMCPY(ctx->sessionCtx, sid_ctx, sid_ctx_len);
3688        ctx->sessionCtxSz = (byte)sid_ctx_len;
3689
3690        return WOLFSSL_SUCCESS;
3691    }
3692
3693
3694
3695    /* Storing app session context id. Any session that is imported with a
3696     * different session context id will be rejected.
3697     *
3698     * ssl  structure to set context in
3699     * id   value of context to set
3700     * len  length of sid_ctx buffer
3701     *
3702     * Returns WOLFSSL_SUCCESS in success case and WOLFSSL_FAILURE when failing
3703     */
3704    int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id,
3705                                   unsigned int len)
3706    {
3707        WOLFSSL_ENTER("wolfSSL_set_session_id_context");
3708
3709        if (len > ID_LEN || ssl == NULL || id == NULL) {
3710            return WOLFSSL_FAILURE;
3711        }
3712        XMEMCPY(ssl->sessionCtx, id, len);
3713        ssl->sessionCtxSz = (byte)len;
3714
3715        return WOLFSSL_SUCCESS;
3716    }
3717#endif
3718
3719/* return a new malloc'd session with default settings on success */
3720WOLFSSL_SESSION* wolfSSL_NewSession(void* heap)
3721{
3722    WOLFSSL_SESSION* ret = NULL;
3723
3724    WOLFSSL_ENTER("wolfSSL_NewSession");
3725
3726    ret = (WOLFSSL_SESSION*)XMALLOC(sizeof(WOLFSSL_SESSION), heap,
3727            DYNAMIC_TYPE_SESSION);
3728    if (ret != NULL) {
3729        int err;
3730        XMEMSET(ret, 0, sizeof(WOLFSSL_SESSION));
3731        wolfSSL_RefInit(&ret->ref, &err);
3732    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
3733        if (err != 0) {
3734            WOLFSSL_MSG("Error setting up session reference mutex");
3735            XFREE(ret, ret->heap, DYNAMIC_TYPE_SESSION);
3736            return NULL;
3737        }
3738    #else
3739        (void)err;
3740    #endif
3741#ifndef NO_SESSION_CACHE
3742        ret->cacheRow = INVALID_SESSION_ROW; /* not in cache */
3743#endif
3744        ret->type = WOLFSSL_SESSION_TYPE_HEAP;
3745        ret->heap = heap;
3746#ifdef WOLFSSL_CHECK_MEM_ZERO
3747        wc_MemZero_Add("SESSION master secret", ret->masterSecret, SECRET_LEN);
3748        wc_MemZero_Add("SESSION id", ret->sessionID, ID_LEN);
3749#endif
3750    #ifdef HAVE_SESSION_TICKET
3751        ret->ticket = ret->staticTicket;
3752        #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&  \
3753    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
3754        ret->ticketNonce.data = ret->ticketNonce.dataStatic;
3755        #endif
3756    #endif
3757#ifdef HAVE_EX_DATA
3758        ret->ownExData = 1;
3759        #ifdef HAVE_EX_DATA_CRYPTO
3760        if (crypto_ex_cb_ctx_session != NULL) {
3761            crypto_ex_cb_setup_new_data(ret, crypto_ex_cb_ctx_session,
3762                    &ret->ex_data);
3763        }
3764        #endif
3765#endif
3766    }
3767    return ret;
3768}
3769
3770
3771WOLFSSL_SESSION* wolfSSL_SESSION_new_ex(void* heap)
3772{
3773    return wolfSSL_NewSession(heap);
3774}
3775
3776WOLFSSL_SESSION* wolfSSL_SESSION_new(void)
3777{
3778    return wolfSSL_SESSION_new_ex(NULL);
3779}
3780
3781/* add one to session reference count
3782 * return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error */
3783int wolfSSL_SESSION_up_ref(WOLFSSL_SESSION* session)
3784{
3785    int ret;
3786
3787    session = ClientSessionToSession(session);
3788
3789    if (session == NULL || session->type != WOLFSSL_SESSION_TYPE_HEAP)
3790        return WOLFSSL_FAILURE;
3791
3792    wolfSSL_RefInc(&session->ref, &ret);
3793#ifdef WOLFSSL_REFCNT_ERROR_RETURN
3794    if (ret != 0) {
3795        WOLFSSL_MSG("Failed to lock session mutex");
3796        return WOLFSSL_FAILURE;
3797    }
3798#else
3799    (void)ret;
3800#endif
3801
3802    return WOLFSSL_SUCCESS;
3803}
3804
3805/**
3806 * Deep copy the contents from input to output.
3807 * @param input         The source of the copy.
3808 * @param output        The destination of the copy.
3809 * @param avoidSysCalls If true, then system calls will be avoided or an error
3810 *                      will be returned if it is not possible to proceed
3811 *                      without a system call. This is useful for fetching
3812 *                      sessions from cache. When a cache row is locked, we
3813 *                      don't want to block other threads with long running
3814 *                      system calls.
3815 * @param ticketNonceBuf If not null and @avoidSysCalls is true, the copy of the
3816 *                      ticketNonce will happen in this pre allocated buffer
3817 * @param ticketNonceLen @ticketNonceBuf len as input, used length on output
3818 * @param ticketNonceUsed if @ticketNonceBuf was used to copy the ticket nonce
3819 * @return              WOLFSSL_SUCCESS on success
3820 *                      WOLFSSL_FAILURE on failure
3821 */
3822static int wolfSSL_DupSessionEx(const WOLFSSL_SESSION* input,
3823    WOLFSSL_SESSION* output, int avoidSysCalls, byte* ticketNonceBuf,
3824    byte* ticketNonceLen, byte* preallocUsed)
3825{
3826#ifdef HAVE_SESSION_TICKET
3827    word16 ticLenAlloc = 0;
3828    byte *ticBuff = NULL;
3829#endif
3830    const size_t copyOffset = WC_OFFSETOF(WOLFSSL_SESSION, heap) +
3831        sizeof(input->heap);
3832    int ret = WOLFSSL_SUCCESS;
3833
3834    (void)avoidSysCalls;
3835    (void)ticketNonceBuf;
3836    (void)ticketNonceLen;
3837    (void)preallocUsed;
3838
3839    input = ClientSessionToSession(input);
3840    output = ClientSessionToSession(output);
3841
3842    if (input == NULL || output == NULL || input == output) {
3843        WOLFSSL_MSG("input or output are null or same");
3844        return WOLFSSL_FAILURE;
3845    }
3846
3847#ifdef HAVE_SESSION_TICKET
3848    if (output->ticket != output->staticTicket) {
3849        ticBuff = output->ticket;
3850        ticLenAlloc = output->ticketLenAlloc;
3851    }
3852#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
3853    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
3854        /* free the data, it would be better to reuse the buffer but this
3855         * maintain the code simpler. A smart allocator should reuse the free'd
3856         * buffer in the next malloc without much performance penalties. */
3857    if (output->ticketNonce.data != output->ticketNonce.dataStatic) {
3858
3859        /*  Callers that avoid syscall should never calls this with
3860         * output->tickeNonce.data being a dynamic buffer.*/
3861        if (avoidSysCalls) {
3862            WOLFSSL_MSG("can't avoid syscalls with dynamic TicketNonce buffer");
3863            return WOLFSSL_FAILURE;
3864        }
3865
3866        XFREE(output->ticketNonce.data,
3867            output->heap, DYNAMIC_TYPE_SESSION_TICK);
3868        output->ticketNonce.data = output->ticketNonce.dataStatic;
3869        output->ticketNonce.len = 0;
3870    }
3871#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
3872#endif /* HAVE_SESSION_TICKET */
3873
3874#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
3875    if (output->peer != NULL) {
3876        if (avoidSysCalls) {
3877            WOLFSSL_MSG("Can't free cert when avoiding syscalls");
3878            return WOLFSSL_FAILURE;
3879        }
3880        wolfSSL_X509_free(output->peer);
3881        output->peer = NULL;
3882    }
3883#endif
3884
3885    XMEMCPY((byte*)output + copyOffset, (byte*)input + copyOffset,
3886            sizeof(WOLFSSL_SESSION) - copyOffset);
3887
3888#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13) &&                  \
3889    defined(WOLFSSL_TICKET_NONCE_MALLOC) &&                                    \
3890    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
3891    /* fix pointer to static after the copy  */
3892    output->ticketNonce.data = output->ticketNonce.dataStatic;
3893#endif
3894    /* Set sane values for copy */
3895#ifndef NO_SESSION_CACHE
3896    if (output->type != WOLFSSL_SESSION_TYPE_CACHE)
3897        output->cacheRow = INVALID_SESSION_ROW;
3898#endif
3899#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
3900    if (input->peer != NULL && input->peer->dynamicMemory) {
3901        if (wolfSSL_X509_up_ref(input->peer) != WOLFSSL_SUCCESS) {
3902            WOLFSSL_MSG("Can't increase peer cert ref count");
3903            output->peer = NULL;
3904        }
3905    }
3906    else if (!avoidSysCalls)
3907        output->peer = wolfSSL_X509_dup(input->peer);
3908    else
3909        /* output->peer is not that important to copy */
3910        output->peer = NULL;
3911#endif
3912#ifdef HAVE_SESSION_TICKET
3913    if (input->ticketLen > SESSION_TICKET_LEN) {
3914        /* Need dynamic buffer */
3915        if (ticBuff == NULL || ticLenAlloc < input->ticketLen) {
3916            /* allocate new one */
3917            byte* tmp;
3918            if (avoidSysCalls) {
3919                WOLFSSL_MSG("Failed to allocate memory for ticket when avoiding"
3920                        " syscalls");
3921                output->ticket = ticBuff;
3922                output->ticketLenAlloc = (word16) ticLenAlloc;
3923                output->ticketLen = 0;
3924                ret = WOLFSSL_FAILURE;
3925            }
3926            else {
3927#ifdef WOLFSSL_NO_REALLOC
3928                tmp = (byte*)XMALLOC(input->ticketLen,
3929                        output->heap, DYNAMIC_TYPE_SESSION_TICK);
3930                XFREE(ticBuff, output->heap, DYNAMIC_TYPE_SESSION_TICK);
3931                ticBuff = NULL;
3932#else
3933                tmp = (byte*)XREALLOC(ticBuff, input->ticketLen,
3934                        output->heap, DYNAMIC_TYPE_SESSION_TICK);
3935#endif /* WOLFSSL_NO_REALLOC */
3936                if (tmp == NULL) {
3937                    WOLFSSL_MSG("Failed to allocate memory for ticket");
3938#ifndef WOLFSSL_NO_REALLOC
3939                    XFREE(ticBuff, output->heap, DYNAMIC_TYPE_SESSION_TICK);
3940                    ticBuff = NULL;
3941#endif /* WOLFSSL_NO_REALLOC */
3942                    output->ticket = NULL;
3943                    output->ticketLen = 0;
3944                    output->ticketLenAlloc = 0;
3945                    ret = WOLFSSL_FAILURE;
3946                }
3947                else {
3948                    ticBuff = tmp;
3949                    ticLenAlloc = input->ticketLen;
3950                }
3951            }
3952        }
3953        if (ticBuff != NULL && ret == WOLFSSL_SUCCESS) {
3954            XMEMCPY(ticBuff, input->ticket, input->ticketLen);
3955            output->ticket = ticBuff;
3956            output->ticketLenAlloc = (word16) ticLenAlloc;
3957        }
3958    }
3959    else {
3960        /* Default ticket to non dynamic */
3961        if (avoidSysCalls) {
3962            /* Try to use ticBuf if available. Caller can later move it to
3963             * the static buffer. */
3964            if (ticBuff != NULL) {
3965                if (ticLenAlloc >= input->ticketLen) {
3966                    output->ticket = ticBuff;
3967                    output->ticketLenAlloc = ticLenAlloc;
3968                }
3969                else {
3970                    WOLFSSL_MSG("ticket dynamic buffer too small but we are "
3971                                "avoiding system calls");
3972                    ret = WOLFSSL_FAILURE;
3973                    output->ticket = ticBuff;
3974                    output->ticketLenAlloc = (word16) ticLenAlloc;
3975                    output->ticketLen = 0;
3976                }
3977            }
3978            else {
3979                output->ticket = output->staticTicket;
3980                output->ticketLenAlloc = 0;
3981            }
3982        }
3983        else {
3984            XFREE(ticBuff, output->heap, DYNAMIC_TYPE_SESSION_TICK);
3985            output->ticket = output->staticTicket;
3986            output->ticketLenAlloc = 0;
3987        }
3988        if (input->ticketLenAlloc > 0 && ret == WOLFSSL_SUCCESS) {
3989            /* Shouldn't happen as session should have placed this in
3990             * the static buffer */
3991            XMEMCPY(output->ticket, input->ticket,
3992                    input->ticketLen);
3993        }
3994    }
3995    ticBuff = NULL;
3996
3997#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
3998    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
3999    if (preallocUsed != NULL)
4000        *preallocUsed = 0;
4001
4002    if (input->ticketNonce.len > MAX_TICKET_NONCE_STATIC_SZ &&
4003        ret == WOLFSSL_SUCCESS) {
4004        /* TicketNonce does not fit in the static buffer */
4005        if (!avoidSysCalls) {
4006            output->ticketNonce.data = (byte*)XMALLOC(input->ticketNonce.len,
4007                output->heap, DYNAMIC_TYPE_SESSION_TICK);
4008
4009            if (output->ticketNonce.data == NULL) {
4010                WOLFSSL_MSG("Failed to allocate space for ticket nonce");
4011                output->ticketNonce.data = output->ticketNonce.dataStatic;
4012                output->ticketNonce.len = 0;
4013                ret = WOLFSSL_FAILURE;
4014            }
4015            else {
4016                output->ticketNonce.len = input->ticketNonce.len;
4017                XMEMCPY(output->ticketNonce.data, input->ticketNonce.data,
4018                    input->ticketNonce.len);
4019                ret = WOLFSSL_SUCCESS;
4020            }
4021        }
4022        /* we can't do syscalls. Use prealloc buffers if provided from the
4023         * caller. */
4024        else if (ticketNonceBuf != NULL &&
4025                 *ticketNonceLen >= input->ticketNonce.len) {
4026            XMEMCPY(ticketNonceBuf, input->ticketNonce.data,
4027                input->ticketNonce.len);
4028            *ticketNonceLen = input->ticketNonce.len;
4029            if (preallocUsed != NULL)
4030                *preallocUsed = 1;
4031            ret = WOLFSSL_SUCCESS;
4032        }
4033        else {
4034            WOLFSSL_MSG("TicketNonce bigger than static buffer, and we can't "
4035                        "do syscalls");
4036            ret = WOLFSSL_FAILURE;
4037        }
4038    }
4039#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
4040
4041#endif /* HAVE_SESSION_TICKET */
4042
4043#ifdef HAVE_EX_DATA_CRYPTO
4044    if (input->type != WOLFSSL_SESSION_TYPE_CACHE &&
4045            output->type != WOLFSSL_SESSION_TYPE_CACHE) {
4046        /* Not called with cache as that passes ownership of ex_data */
4047        ret = crypto_ex_cb_dup_data(&input->ex_data, &output->ex_data,
4048                                    crypto_ex_cb_ctx_session);
4049    }
4050#endif
4051
4052    return ret;
4053}
4054
4055/**
4056 * Deep copy the contents from input to output.
4057 * @param input         The source of the copy.
4058 * @param output        The destination of the copy.
4059 * @param avoidSysCalls If true, then system calls will be avoided or an error
4060 *                      will be returned if it is not possible to proceed
4061 *                      without a system call. This is useful for fetching
4062 *                      sessions from cache. When a cache row is locked, we
4063 *                      don't want to block other threads with long running
4064 *                      system calls.
4065 * @return              WOLFSSL_SUCCESS on success
4066 *                      WOLFSSL_FAILURE on failure
4067 */
4068int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
4069        int avoidSysCalls)
4070{
4071    return wolfSSL_DupSessionEx(input, output, avoidSysCalls, NULL, NULL, NULL);
4072}
4073
4074WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
4075{
4076    WOLFSSL_SESSION* copy;
4077
4078    WOLFSSL_ENTER("wolfSSL_SESSION_dup");
4079
4080    session = ClientSessionToSession(session);
4081    if (session == NULL)
4082        return NULL;
4083
4084#ifdef HAVE_SESSION_TICKET
4085    if (session->ticketLenAlloc > 0 && !session->ticket) {
4086        WOLFSSL_MSG("Session dynamic flag is set but ticket pointer is null");
4087        return NULL;
4088    }
4089#endif
4090
4091    copy = wolfSSL_NewSession(session->heap);
4092    if (copy != NULL &&
4093            wolfSSL_DupSession(session, copy, 0) != WOLFSSL_SUCCESS) {
4094        wolfSSL_FreeSession(NULL, copy);
4095        copy = NULL;
4096    }
4097    return copy;
4098}
4099
4100void wolfSSL_FreeSession(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session)
4101{
4102    session = ClientSessionToSession(session);
4103    if (session == NULL)
4104        return;
4105
4106    (void)ctx;
4107
4108    WOLFSSL_ENTER("wolfSSL_FreeSession");
4109
4110    if (session->ref.count > 0) {
4111        int ret;
4112        int isZero;
4113        wolfSSL_RefDec(&session->ref, &isZero, &ret);
4114        (void)ret;
4115        if (!isZero) {
4116            return;
4117        }
4118        wolfSSL_RefFree(&session->ref);
4119    }
4120
4121    WOLFSSL_MSG("wolfSSL_FreeSession full free");
4122
4123#ifdef HAVE_EX_DATA_CRYPTO
4124    if (session->ownExData) {
4125        crypto_ex_cb_free_data(session, crypto_ex_cb_ctx_session,
4126                &session->ex_data);
4127    }
4128#endif
4129
4130#ifdef HAVE_EX_DATA_CLEANUP_HOOKS
4131    wolfSSL_CRYPTO_cleanup_ex_data(&session->ex_data);
4132#endif
4133
4134#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
4135    if (session->peer) {
4136        wolfSSL_X509_free(session->peer);
4137        session->peer = NULL;
4138    }
4139#endif
4140
4141#ifdef HAVE_SESSION_TICKET
4142    if (session->ticketLenAlloc > 0) {
4143        XFREE(session->ticket, session->heap, DYNAMIC_TYPE_SESSION_TICK);
4144        session->ticket = session->staticTicket;
4145        session->ticketLen = 0;
4146        session->ticketLenAlloc = 0;
4147    }
4148#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) &&          \
4149    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
4150    if (session->ticketNonce.data != session->ticketNonce.dataStatic) {
4151        XFREE(session->ticketNonce.data, session->heap,
4152            DYNAMIC_TYPE_SESSION_TICK);
4153        session->ticketNonce.data = session->ticketNonce.dataStatic;
4154        session->ticketNonce.len = 0;
4155    }
4156#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
4157#endif
4158
4159#ifdef HAVE_EX_DATA_CLEANUP_HOOKS
4160    wolfSSL_CRYPTO_cleanup_ex_data(&session->ex_data);
4161#endif
4162
4163    /* Make sure masterSecret is zeroed. */
4164    ForceZero(session->masterSecret, SECRET_LEN);
4165    /* Session ID is sensitive information too. */
4166    ForceZero(session->sessionID, ID_LEN);
4167
4168    if (session->type == WOLFSSL_SESSION_TYPE_HEAP) {
4169        /* // NOLINTNEXTLINE(clang-analyzer-unix.Malloc) */
4170        XFREE(session, session->heap, DYNAMIC_TYPE_SESSION);
4171    }
4172}
4173
4174/* DO NOT use this API internally. Use wolfSSL_FreeSession directly instead
4175 * and pass in the ctx parameter if possible (like from ssl->ctx). */
4176void wolfSSL_SESSION_free(WOLFSSL_SESSION* session)
4177{
4178    session = ClientSessionToSession(session);
4179    wolfSSL_FreeSession(NULL, session);
4180}
4181
4182#if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE)
4183
4184/**
4185* set cipher to WOLFSSL_SESSION from WOLFSSL_CIPHER
4186* @param session  a pointer to WOLFSSL_SESSION structure
4187* @param cipher   a function pointer to WOLFSSL_CIPHER
4188* @return WOLFSSL_SUCCESS on success, otherwise WOLFSSL_FAILURE
4189*/
4190int wolfSSL_SESSION_set_cipher(WOLFSSL_SESSION* session,
4191                                            const WOLFSSL_CIPHER* cipher)
4192{
4193    WOLFSSL_ENTER("wolfSSL_SESSION_set_cipher");
4194
4195    session = ClientSessionToSession(session);
4196    /* sanity check */
4197    if (session == NULL || cipher == NULL) {
4198        WOLFSSL_MSG("bad argument");
4199        return WOLFSSL_FAILURE;
4200    }
4201    session->cipherSuite0 = cipher->cipherSuite0;
4202    session->cipherSuite  = cipher->cipherSuite;
4203
4204    WOLFSSL_LEAVE("wolfSSL_SESSION_set_cipher", WOLFSSL_SUCCESS);
4205    return WOLFSSL_SUCCESS;
4206}
4207#endif /* OPENSSL_EXTRA || HAVE_EXT_CACHE */
4208
4209const char* wolfSSL_SESSION_CIPHER_get_name(const WOLFSSL_SESSION* session)
4210{
4211    session = ClientSessionToSession(session);
4212    if (session == NULL) {
4213        return NULL;
4214    }
4215
4216#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
4217                        (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
4218    #if !defined(WOLFSSL_CIPHER_INTERNALNAME) && !defined(NO_ERROR_STRINGS)
4219        return GetCipherNameIana(session->cipherSuite0, session->cipherSuite);
4220    #else
4221        return GetCipherNameInternal(session->cipherSuite0,
4222            session->cipherSuite);
4223    #endif
4224#else
4225    return NULL;
4226#endif
4227}
4228
4229#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX)
4230const unsigned char *wolfSSL_SESSION_get0_id_context(
4231                      const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length)
4232{
4233    return wolfSSL_SESSION_get_id((WOLFSSL_SESSION *)sess, sid_ctx_length);
4234}
4235int wolfSSL_SESSION_set1_id(WOLFSSL_SESSION *s,
4236                                 const unsigned char *sid, unsigned int sid_len)
4237{
4238    if (s == NULL) {
4239        return WOLFSSL_FAILURE;
4240    }
4241    if (sid_len > ID_LEN) {
4242        return WOLFSSL_FAILURE;
4243    }
4244
4245    s->sessionIDSz = (byte)sid_len;
4246    if (sid != s->sessionID) {
4247        XMEMCPY(s->sessionID, sid, sid_len);
4248    }
4249    return WOLFSSL_SUCCESS;
4250}
4251
4252int wolfSSL_SESSION_set1_id_context(WOLFSSL_SESSION *s,
4253                         const unsigned char *sid_ctx, unsigned int sid_ctx_len)
4254{
4255    if (s == NULL) {
4256        return WOLFSSL_FAILURE;
4257    }
4258    if (sid_ctx_len > ID_LEN) {
4259        return WOLFSSL_FAILURE;
4260    }
4261    s->sessionCtxSz = (byte)sid_ctx_len;
4262    if (sid_ctx != s->sessionCtx) {
4263        XMEMCPY(s->sessionCtx, sid_ctx, sid_ctx_len);
4264    }
4265
4266    return WOLFSSL_SUCCESS;
4267}
4268
4269#endif
4270
4271#ifdef OPENSSL_EXTRA
4272
4273/* Return the total number of sessions */
4274long wolfSSL_CTX_sess_number(WOLFSSL_CTX* ctx)
4275{
4276    word32 total = 0;
4277
4278    WOLFSSL_ENTER("wolfSSL_CTX_sess_number");
4279    (void)ctx;
4280
4281#if defined(WOLFSSL_SESSION_STATS) && !defined(NO_SESSION_CACHE)
4282    if (wolfSSL_get_session_stats(NULL, &total, NULL, NULL) !=
4283            WOLFSSL_SUCCESS) {
4284        WOLFSSL_MSG("Error getting session stats");
4285    }
4286#else
4287    WOLFSSL_MSG("Please use macro WOLFSSL_SESSION_STATS for session stats");
4288#endif
4289
4290    return (long)total;
4291}
4292
4293#endif
4294
4295#ifdef SESSION_CERTS
4296
4297/* get session ID */
4298WOLFSSL_ABI
4299const byte* wolfSSL_get_sessionID(const WOLFSSL_SESSION* session)
4300{
4301    WOLFSSL_ENTER("wolfSSL_get_sessionID");
4302    session = ClientSessionToSession(session);
4303    if (session)
4304        return session->sessionID;
4305
4306    return NULL;
4307}
4308
4309#endif
4310
4311#ifdef HAVE_EX_DATA
4312
4313int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION* session, int idx, void* data)
4314{
4315    int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
4316    WOLFSSL_ENTER("wolfSSL_SESSION_set_ex_data");
4317#ifdef HAVE_EX_DATA
4318    session = ClientSessionToSession(session);
4319    if (session != NULL) {
4320#ifndef NO_SESSION_CACHE
4321        if (!session->ownExData) {
4322            /* Need to update in cache */
4323            SESSION_ex_data_cache_update(session, idx, data, 0, NULL, &ret);
4324        }
4325        else
4326#endif
4327        {
4328            ret = wolfSSL_CRYPTO_set_ex_data(&session->ex_data, idx, data);
4329        }
4330    }
4331#else
4332    (void)session;
4333    (void)idx;
4334    (void)data;
4335#endif
4336    return ret;
4337}
4338
4339#ifdef HAVE_EX_DATA_CLEANUP_HOOKS
4340int wolfSSL_SESSION_set_ex_data_with_cleanup(
4341    WOLFSSL_SESSION* session,
4342    int idx,
4343    void* data,
4344    wolfSSL_ex_data_cleanup_routine_t cleanup_routine)
4345{
4346    WOLFSSL_ENTER("wolfSSL_SESSION_set_ex_data_with_cleanup");
4347    session = ClientSessionToSession(session);
4348    if(session != NULL) {
4349        return wolfSSL_CRYPTO_set_ex_data_with_cleanup(&session->ex_data, idx,
4350                                                       data, cleanup_routine);
4351    }
4352    return WOLFSSL_FAILURE;
4353}
4354#endif /* HAVE_EX_DATA_CLEANUP_HOOKS */
4355
4356void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION* session, int idx)
4357{
4358    void* ret = NULL;
4359    WOLFSSL_ENTER("wolfSSL_SESSION_get_ex_data");
4360#ifdef HAVE_EX_DATA
4361    session = ClientSessionToSession(session);
4362    if (session != NULL) {
4363#ifndef NO_SESSION_CACHE
4364        if (!session->ownExData) {
4365            /* Need to retrieve the data from the session cache */
4366            SESSION_ex_data_cache_update((WOLFSSL_SESSION*)session, idx, NULL,
4367                                         1, &ret, NULL);
4368        }
4369        else
4370#endif
4371        {
4372            ret = wolfSSL_CRYPTO_get_ex_data(&session->ex_data, idx);
4373        }
4374    }
4375#else
4376    (void)session;
4377    (void)idx;
4378#endif
4379    return ret;
4380}
4381
4382#ifdef HAVE_EX_DATA_CRYPTO
4383int wolfSSL_SESSION_get_ex_new_index(long ctx_l,void* ctx_ptr,
4384        WOLFSSL_CRYPTO_EX_new* new_func, WOLFSSL_CRYPTO_EX_dup* dup_func,
4385        WOLFSSL_CRYPTO_EX_free* free_func)
4386{
4387    WOLFSSL_ENTER("wolfSSL_SESSION_get_ex_new_index");
4388    return wolfssl_local_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION,
4389            ctx_l, ctx_ptr, new_func, dup_func, free_func);
4390}
4391#endif /* HAVE_EX_DATA_CRYPTO */
4392#endif /* HAVE_EX_DATA */
4393
4394#if defined(OPENSSL_ALL) || \
4395    defined(OPENSSL_EXTRA) || defined(HAVE_STUNNEL) || \
4396    defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
4397
4398const byte* wolfSSL_SESSION_get_id(const WOLFSSL_SESSION* sess,
4399        unsigned int* idLen)
4400{
4401    WOLFSSL_ENTER("wolfSSL_SESSION_get_id");
4402    sess = ClientSessionToSession(sess);
4403    if (sess == NULL || idLen == NULL) {
4404        WOLFSSL_MSG("Bad func args. Please provide idLen");
4405        return NULL;
4406    }
4407#ifdef HAVE_SESSION_TICKET
4408    if (sess->haveAltSessionID) {
4409        *idLen = ID_LEN;
4410        return sess->altSessionID;
4411    }
4412#endif
4413    *idLen = sess->sessionIDSz;
4414    return sess->sessionID;
4415}
4416
4417#if (defined(HAVE_SESSION_TICKET) || defined(SESSION_CERTS)) && \
4418    !defined(NO_FILESYSTEM)
4419
4420#ifndef NO_BIO
4421
4422#if defined(SESSION_CERTS) || \
4423   (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
4424static const char* wolfSSL_internal_get_version(const ProtocolVersion* version);
4425
4426/* returns a pointer to the protocol used by the session */
4427static const char* wolfSSL_SESSION_get_protocol(const WOLFSSL_SESSION* in)
4428{
4429    in = ClientSessionToSession(in);
4430    return wolfSSL_internal_get_version((ProtocolVersion*)&in->version);
4431}
4432#endif
4433
4434/* returns true (non 0) if the session has EMS (extended master secret) */
4435static int wolfSSL_SESSION_haveEMS(const WOLFSSL_SESSION* in)
4436{
4437    in = ClientSessionToSession(in);
4438    if (in == NULL)
4439        return 0;
4440    return in->haveEMS;
4441}
4442
4443#if defined(HAVE_SESSION_TICKET)
4444/* prints out the ticket to bio passed in
4445 * return WOLFSSL_SUCCESS on success
4446 */
4447static int wolfSSL_SESSION_print_ticket(WOLFSSL_BIO* bio,
4448        const WOLFSSL_SESSION* in, const char* tab)
4449{
4450    unsigned short i, j, z, sz;
4451    short tag = 0;
4452    byte* pt;
4453
4454
4455    in = ClientSessionToSession(in);
4456    if (in == NULL || bio == NULL) {
4457        return BAD_FUNC_ARG;
4458    }
4459
4460    sz = in->ticketLen;
4461    pt = in->ticket;
4462
4463    if (wolfSSL_BIO_printf(bio, "%s\n", (sz == 0)? " NONE": "") <= 0)
4464        return WOLFSSL_FAILURE;
4465
4466    for (i = 0; i < sz;) {
4467        char asc[16];
4468        XMEMSET(asc, 0, sizeof(asc));
4469
4470        if (sz - i < 16) {
4471            if (wolfSSL_BIO_printf(bio, "%s%04X -", tab, tag + (sz - i)) <= 0)
4472                return WOLFSSL_FAILURE;
4473        }
4474        else {
4475            if (wolfSSL_BIO_printf(bio, "%s%04X -", tab, tag) <= 0)
4476                return WOLFSSL_FAILURE;
4477        }
4478        for (j = 0; i < sz && j < 8; j++,i++) {
4479            asc[j] =  ((pt[i])&0x6f)>='A'?((pt[i])&0x6f):'.';
4480            if (wolfSSL_BIO_printf(bio, " %02X", pt[i]) <= 0)
4481                return WOLFSSL_FAILURE;
4482        }
4483
4484        if (i < sz) {
4485            asc[j] =  ((pt[i])&0x6f)>='A'?((pt[i])&0x6f):'.';
4486            if (wolfSSL_BIO_printf(bio, "-%02X", pt[i]) <= 0)
4487                return WOLFSSL_FAILURE;
4488            j++;
4489            i++;
4490        }
4491
4492        for (; i < sz && j < 16; j++,i++) {
4493            asc[j] =  ((pt[i])&0x6f)>='A'?((pt[i])&0x6f):'.';
4494            if (wolfSSL_BIO_printf(bio, " %02X", pt[i]) <= 0)
4495                return WOLFSSL_FAILURE;
4496        }
4497
4498        /* pad out spacing */
4499        for (z = j; z < 17; z++) {
4500            if (wolfSSL_BIO_printf(bio, "   ") <= 0)
4501                return WOLFSSL_FAILURE;
4502        }
4503
4504        for (z = 0; z < j; z++) {
4505            if (wolfSSL_BIO_printf(bio, "%c", asc[z]) <= 0)
4506                return WOLFSSL_FAILURE;
4507        }
4508        if (wolfSSL_BIO_printf(bio, "\n") <= 0)
4509            return WOLFSSL_FAILURE;
4510
4511        tag += 16;
4512    }
4513    return WOLFSSL_SUCCESS;
4514}
4515#endif /* HAVE_SESSION_TICKET */
4516
4517
4518/* prints out the session information in human readable form
4519 * return WOLFSSL_SUCCESS on success
4520 */
4521int wolfSSL_SESSION_print(WOLFSSL_BIO *bp, const WOLFSSL_SESSION *session)
4522{
4523    const unsigned char* pt;
4524    unsigned char buf[SECRET_LEN];
4525    unsigned int sz = 0, i;
4526    int ret;
4527
4528    session = ClientSessionToSession(session);
4529    if (session == NULL) {
4530        return WOLFSSL_FAILURE;
4531    }
4532
4533    if (wolfSSL_BIO_printf(bp, "%s\n", "SSL-Session:") <= 0)
4534        return WOLFSSL_FAILURE;
4535
4536#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
4537                               defined(HAVE_SESSION_TICKET))
4538    if (wolfSSL_BIO_printf(bp, "    Protocol  : %s\n",
4539            wolfSSL_SESSION_get_protocol(session)) <= 0)
4540        return WOLFSSL_FAILURE;
4541#endif
4542
4543    if (wolfSSL_BIO_printf(bp, "    Cipher    : %s\n",
4544            wolfSSL_SESSION_CIPHER_get_name(session)) <= 0)
4545        return WOLFSSL_FAILURE;
4546
4547    pt = wolfSSL_SESSION_get_id(session, &sz);
4548    if (wolfSSL_BIO_printf(bp, "    Session-ID: ") <= 0)
4549        return WOLFSSL_FAILURE;
4550
4551    for (i = 0; i < sz; i++) {
4552        if (wolfSSL_BIO_printf(bp, "%02X", pt[i]) <= 0)
4553            return WOLFSSL_FAILURE;
4554    }
4555    if (wolfSSL_BIO_printf(bp, "\n") <= 0)
4556        return WOLFSSL_FAILURE;
4557
4558    if (wolfSSL_BIO_printf(bp, "    Session-ID-ctx: \n") <= 0)
4559        return WOLFSSL_FAILURE;
4560
4561    ret = wolfSSL_SESSION_get_master_key(session, buf, sizeof(buf));
4562    if (wolfSSL_BIO_printf(bp, "    Master-Key: ") <= 0)
4563        return WOLFSSL_FAILURE;
4564
4565    if (ret > 0) {
4566        sz = (unsigned int)ret;
4567        for (i = 0; i < sz; i++) {
4568            if (wolfSSL_BIO_printf(bp, "%02X", buf[i]) <= 0)
4569                return WOLFSSL_FAILURE;
4570        }
4571    }
4572    if (wolfSSL_BIO_printf(bp, "\n") <= 0)
4573        return WOLFSSL_FAILURE;
4574
4575    /* @TODO PSK identity hint and SRP */
4576
4577    if (wolfSSL_BIO_printf(bp, "    TLS session ticket:") <= 0)
4578        return WOLFSSL_FAILURE;
4579
4580#ifdef HAVE_SESSION_TICKET
4581    if (wolfSSL_SESSION_print_ticket(bp, session, "    ") != WOLFSSL_SUCCESS)
4582        return WOLFSSL_FAILURE;
4583#endif
4584
4585#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
4586        defined(HAVE_EXT_CACHE))
4587    if (wolfSSL_BIO_printf(bp, "    Start Time: %ld\n",
4588                wolfSSL_SESSION_get_time(session)) <= 0)
4589        return WOLFSSL_FAILURE;
4590
4591    if (wolfSSL_BIO_printf(bp, "    Timeout   : %ld (sec)\n",
4592            wolfSSL_SESSION_get_timeout(session)) <= 0)
4593        return WOLFSSL_FAILURE;
4594#endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */
4595
4596    /* @TODO verify return code print */
4597
4598    if (wolfSSL_BIO_printf(bp, "    Extended master secret: %s\n",
4599            (wolfSSL_SESSION_haveEMS(session) == 0)? "no" : "yes") <= 0)
4600        return WOLFSSL_FAILURE;
4601
4602    return WOLFSSL_SUCCESS;
4603}
4604
4605#endif /* !NO_BIO */
4606#endif /* (HAVE_SESSION_TICKET || SESSION_CERTS) && !NO_FILESYSTEM */
4607
4608#endif /* OPENSSL_ALL || OPENSSL_EXTRA || HAVE_STUNNEL || WOLFSSL_NGINX ||
4609        * WOLFSSL_HAPROXY */
4610
4611#ifdef OPENSSL_EXTRA
4612/**
4613 * Determine whether a WOLFSSL_SESSION object can be used for resumption
4614 * @param s  a pointer to WOLFSSL_SESSION structure
4615 * @return return 1 if session is resumable, otherwise 0.
4616 */
4617int wolfSSL_SESSION_is_resumable(const WOLFSSL_SESSION *s)
4618{
4619    s = ClientSessionToSession(s);
4620    if (s == NULL)
4621        return 0;
4622
4623#ifdef HAVE_SESSION_TICKET
4624    if (s->ticketLen > 0)
4625        return 1;
4626#endif
4627
4628    if (s->sessionIDSz > 0)
4629        return 1;
4630
4631    return 0;
4632}
4633#endif /* OPENSSL_EXTRA */
4634
4635#endif /* !WOLFSSL_SSL_SESS_INCLUDED */
4636