mozilla-central/security/nss/lib/ssl/sslsnce.c (file symbol)

Source code

Revision control

Copy as Markdown

Other Tools

/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* This file implements the SERVER Session ID cache.
* NOTE: The contents of this file are NOT used by the client.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* Note: ssl_FreeSID() in sslnonce.c gets used for both client and server
* cache sids!
*
* About record locking among different server processes:
*
* All processes that are part of the same conceptual server (serving on
* the same address and port) MUST share a common SSL session cache.
* This code makes the content of the shared cache accessible to all
* processes on the same "server". This code works on Unix and Win32 only.
*
* We use NSPR anonymous shared memory and move data to & from shared memory.
* We must do explicit locking of the records for all reads and writes.
* The set of Cache entries are divided up into "sets" of 128 entries.
* Each set is protected by a lock. There may be one or more sets protected
* by each lock. That is, locks to sets are 1:N.
* There is one lock for the entire cert cache.
* There is one lock for the set of wrapped sym wrap keys.
*
* The anonymous shared memory is laid out as if it were declared like this:
*
* struct {
* cacheDescriptor desc;
* sidCacheLock sidCacheLocks[ numSIDCacheLocks];
* sidCacheLock keyCacheLock;
* sidCacheLock certCacheLock;
* sidCacheSet sidCacheSets[ numSIDCacheSets ];
* sidCacheEntry sidCacheData[ numSIDCacheEntries];
* certCacheEntry certCacheData[numCertCacheEntries];
* SSLWrappedSymWrappingKey keyCacheData[SSL_NUM_WRAP_KEYS][SSL_NUM_WRAP_MECHS];
* PRUint8 keyNameSuffix[SELF_ENCRYPT_KEY_VAR_NAME_LEN]
* encKeyCacheEntry ticketEncKey; // Wrapped
* encKeyCacheEntry ticketMacKey; // Wrapped
* PRBool ticketKeysValid;
* sidCacheLock srvNameCacheLock;
* srvNameCacheEntry srvNameData[ numSrvNameCacheEntries ];
* } cacheMemCacheData;
*/
#include "seccomon.h"
#if defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_OS2)
#include "cert.h"
#include "ssl.h"
#include "sslimpl.h"
#include "sslproto.h"
#include "pk11func.h"
#include "base64.h"
#include "keyhi.h"
#include "blapit.h"
#include "nss.h" /* for NSS_RegisterShutdown */
#include "sechash.h"
#include "selfencrypt.h"
#include <stdio.h>
#if defined(XP_UNIX)
#include <syslog.h>
#include <fcntl.h>
#include <unistd.h>
#include <errno.h>
#include <signal.h>
#include "unix_err.h"
#else
#ifdef XP_WIN32
#include <wtypes.h>
#include "win32err.h"
#endif
#endif
#include <sys/types.h>
#include "nspr.h"
#include "sslmutex.h"
/*
** Format of a cache entry in the shared memory.
*/
PR_STATIC_ASSERT(sizeof(PRTime) == 8);
struct sidCacheEntryStr {
/* 16 */ PRIPv6Addr addr; /* client's IP address */
/* 8 */ PRTime creationTime;
/* 8 */ PRTime lastAccessTime;
/* 8 */ PRTime expirationTime;
/* 2 */ PRUint16 version;
/* 1 */ PRUint8 valid;
/* 1 */ PRUint8 sessionIDLength;
/* 32 */ PRUint8 sessionID[SSL3_SESSIONID_BYTES];
/* 2 */ PRUint16 authType;
/* 2 */ PRUint16 authKeyBits;
/* 2 */ PRUint16 keaType;
/* 2 */ PRUint16 keaKeyBits;
/* 4 */ PRUint32 signatureScheme;
/* 4 */ PRUint32 keaGroup;
/* 92 - common header total */
union {
struct {
/* 2 */ ssl3CipherSuite cipherSuite;
/* 52 */ ssl3SidKeys keys; /* keys, wrapped as needed. */
/* 4 */ PRUint32 masterWrapMech;
/* 4 */ PRInt32 certIndex;
/* 4 */ PRInt32 srvNameIndex;
/* 32 */ PRUint8 srvNameHash[SHA256_LENGTH]; /* SHA256 name hash */
/* 2 */ PRUint16 namedCurve;
/*100 */} ssl3;
/* force sizeof(sidCacheEntry) to be a multiple of cache line size */
struct {
/*116 */ PRUint8 filler[116]; /* 92+116==208, a multiple of 16 */
} forceSize;
} u;
};
typedef struct sidCacheEntryStr sidCacheEntry;
/* The length of this struct is supposed to be a power of 2, e.g. 4KB */
struct certCacheEntryStr {
PRUint16 certLength; /* 2 */
PRUint16 sessionIDLength; /* 2 */
PRUint8 sessionID[SSL3_SESSIONID_BYTES]; /* 32 */
PRUint8 cert[SSL_MAX_CACHED_CERT_LEN]; /* 4060 */
}; /* total 4096 */
typedef struct certCacheEntryStr certCacheEntry;
struct sidCacheLockStr {
PRUint32 timeStamp;
sslMutex mutex;
sslPID pid;
};
typedef struct sidCacheLockStr sidCacheLock;
struct sidCacheSetStr {
PRIntn next;
};
typedef struct sidCacheSetStr sidCacheSet;
struct encKeyCacheEntryStr {
PRUint8 bytes[512];
PRInt32 length;
};
typedef struct encKeyCacheEntryStr encKeyCacheEntry;
#define SSL_MAX_DNS_HOST_NAME 1024
struct srvNameCacheEntryStr {
PRUint16 type; /* 2 */
PRUint16 nameLen; /* 2 */
PRUint8 name[SSL_MAX_DNS_HOST_NAME + 12]; /* 1034 */
PRUint8 nameHash[SHA256_LENGTH]; /* 32 */
/* 1072 */
};
typedef struct srvNameCacheEntryStr srvNameCacheEntry;
struct cacheDescStr {
PRUint32 cacheMemSize;
PRUint32 numSIDCacheLocks;
PRUint32 numSIDCacheSets;
PRUint32 numSIDCacheSetsPerLock;
PRUint32 numSIDCacheEntries;
PRUint32 sidCacheSize;
PRUint32 numCertCacheEntries;
PRUint32 certCacheSize;
PRUint32 numKeyCacheEntries;
PRUint32 keyCacheSize;
PRUint32 numSrvNameCacheEntries;
PRUint32 srvNameCacheSize;
PRUint32 ssl3Timeout;
PRUint32 numSIDCacheLocksInitialized;
/* These values are volatile, and are accessed through sharedCache-> */
PRUint32 nextCertCacheEntry; /* certCacheLock protects */
PRBool stopPolling;
PRBool everInherited;
/* The private copies of these values are pointers into shared mem */
/* The copies of these values in shared memory are merely offsets */
sidCacheLock *sidCacheLocks;
sidCacheLock *keyCacheLock;
sidCacheLock *certCacheLock;
sidCacheLock *srvNameCacheLock;
sidCacheSet *sidCacheSets;
sidCacheEntry *sidCacheData;
certCacheEntry *certCacheData;
SSLWrappedSymWrappingKey *keyCacheData;
PRUint8 *ticketKeyNameSuffix;
encKeyCacheEntry *ticketEncKey;
encKeyCacheEntry *ticketMacKey;
PRUint32 *ticketKeysValid;
srvNameCacheEntry *srvNameCacheData;
/* Only the private copies of these pointers are valid */
char *cacheMem;
struct cacheDescStr *sharedCache; /* shared copy of this struct */
PRFileMap *cacheMemMap;
PRThread *poller;
PRUint32 mutexTimeout;
PRBool shared;
};
typedef struct cacheDescStr cacheDesc;
static cacheDesc globalCache;
static const char envVarName[] = { SSL_ENV_VAR_NAME };
static PRBool isMultiProcess = PR_FALSE;
#define DEF_SID_CACHE_ENTRIES 10000
#define DEF_CERT_CACHE_ENTRIES 250
#define MIN_CERT_CACHE_ENTRIES 125 /* the effective size in old releases. */
#define DEF_KEY_CACHE_ENTRIES 250
#define DEF_NAME_CACHE_ENTRIES 1000
#define SID_CACHE_ENTRIES_PER_SET 128
#define SID_ALIGNMENT 16
#define DEF_SSL3_TIMEOUT 86400L /* 24 hours */
#define MAX_SSL3_TIMEOUT 86400L /* 24 hours */
#define MIN_SSL3_TIMEOUT 5 /* seconds */
#if defined(AIX) || defined(LINUX) || defined(NETBSD) || defined(OPENBSD)
#define MAX_SID_CACHE_LOCKS 8 /* two FDs per lock */
#else
#define MAX_SID_CACHE_LOCKS 256
#endif
#define SID_HOWMANY(val, size) (((val) + ((size)-1)) / (size))
#define SID_ROUNDUP(val, size) ((size)*SID_HOWMANY((val), (size)))
static sslPID myPid;
static PRUint32 ssl_max_sid_cache_locks = MAX_SID_CACHE_LOCKS;
/* forward static function declarations */
static PRUint32 SIDindex(cacheDesc *cache, const PRIPv6Addr *addr, PRUint8 *s,
unsigned nl);
#if defined(XP_UNIX)
static SECStatus LaunchLockPoller(cacheDesc *cache);
static SECStatus StopLockPoller(cacheDesc *cache);
#endif
struct inheritanceStr {
PRUint32 cacheMemSize;
PRUint32 fmStrLen;
};
typedef struct inheritanceStr inheritance;
#if defined(_WIN32) || defined(XP_OS2)
#define DEFAULT_CACHE_DIRECTORY "\\temp"
#endif /* _win32 */
#if defined(XP_UNIX)
#define DEFAULT_CACHE_DIRECTORY "/tmp"
#endif /* XP_UNIX */
/************************************************************************/
/* SSL Session Cache has a smaller set of functions to initialize than
* ssl does. some ssl_functions can't be initialized before NSS has been
* initialized, and the cache may be configured before NSS is initialized
* so thus the special init function */
static SECStatus
ssl_InitSessionCache()
{
/* currently only one function, which is itself idempotent */
return ssl_InitializePRErrorTable();
}
/* This is used to set locking times for the cache. It is not used to set the
* PRTime attributes of sessions, which are driven by ss->now(). */
static PRUint32
ssl_CacheNow()
{
return PR_Now() / PR_USEC_PER_SEC;
}
static PRUint32
LockSidCacheLock(sidCacheLock *lock, PRUint32 now)
{
SECStatus rv = sslMutex_Lock(&lock->mutex);
if (rv != SECSuccess)
return 0;
if (!now) {
now = ssl_CacheNow();
}
lock->timeStamp = now;
lock->pid = myPid;
return now;
}
static SECStatus
UnlockSidCacheLock(sidCacheLock *lock)
{
SECStatus rv;
lock->pid = 0;
rv = sslMutex_Unlock(&lock->mutex);
return rv;
}
/* Returns non-zero |now| or ssl_CacheNow() on success, zero on failure. */
static PRUint32
LockSet(cacheDesc *cache, PRUint32 set, PRUint32 now)
{
PRUint32 lockNum = set % cache->numSIDCacheLocks;
sidCacheLock *lock = cache->sidCacheLocks + lockNum;
return LockSidCacheLock(lock, now);
}
static SECStatus
UnlockSet(cacheDesc *cache, PRUint32 set)
{
PRUint32 lockNum = set % cache->numSIDCacheLocks;
sidCacheLock *lock = cache->sidCacheLocks + lockNum;
return UnlockSidCacheLock(lock);
}
/************************************************************************/
/* Put a certificate in the cache. Update the cert index in the sce.
*/
static PRUint32
CacheCert(cacheDesc *cache, CERTCertificate *cert, sidCacheEntry *sce)
{
PRUint32 now;
certCacheEntry cce;
if ((cert->derCert.len > SSL_MAX_CACHED_CERT_LEN) ||
(cert->derCert.len <= 0) ||
(cert->derCert.data == NULL)) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return 0;
}
cce.sessionIDLength = sce->sessionIDLength;
PORT_Memcpy(cce.sessionID, sce->sessionID, cce.sessionIDLength);
cce.certLength = cert->derCert.len;
PORT_Memcpy(cce.cert, cert->derCert.data, cce.certLength);
/* get lock on cert cache */
now = LockSidCacheLock(cache->certCacheLock, 0);
if (now) {
/* Find where to place the next cert cache entry. */
cacheDesc *sharedCache = cache->sharedCache;
PRUint32 ndx = sharedCache->nextCertCacheEntry;
/* write the entry */
cache->certCacheData[ndx] = cce;
/* remember where we put it. */
sce->u.ssl3.certIndex = ndx;
/* update the "next" cache entry index */
sharedCache->nextCertCacheEntry =
(ndx + 1) % cache->numCertCacheEntries;
UnlockSidCacheLock(cache->certCacheLock);
}
return now;
}
/* Server configuration hash tables need to account the SECITEM.type
* field as well. These functions accomplish that. */
static PLHashNumber
Get32BitNameHash(const SECItem *name)
{
PLHashNumber rv = SECITEM_Hash(name);
PRUint8 *rvc = (PRUint8 *)&rv;
rvc[name->len % sizeof(rv)] ^= name->type;
return rv;
}
/* Put a name in the cache. Update the cert index in the sce.
*/
static PRUint32
CacheSrvName(cacheDesc *cache, SECItem *name, sidCacheEntry *sce)
{
PRUint32 now;
PRUint32 ndx;
srvNameCacheEntry snce;
if (!name || name->len <= 0 ||
name->len > SSL_MAX_DNS_HOST_NAME) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return 0;
}
snce.type = name->type;
snce.nameLen = name->len;
PORT_Memcpy(snce.name, name->data, snce.nameLen);
HASH_HashBuf(HASH_AlgSHA256, snce.nameHash, name->data, name->len);
/* get index of the next name */
ndx = Get32BitNameHash(name);
/* get lock on cert cache */
now = LockSidCacheLock(cache->srvNameCacheLock, 0);
if (now) {
if (cache->numSrvNameCacheEntries > 0) {
/* Fit the index into array */
ndx %= cache->numSrvNameCacheEntries;
/* write the entry */
cache->srvNameCacheData[ndx] = snce;
/* remember where we put it. */
sce->u.ssl3.srvNameIndex = ndx;
/* Copy hash into sid hash */
PORT_Memcpy(sce->u.ssl3.srvNameHash, snce.nameHash, SHA256_LENGTH);
}
UnlockSidCacheLock(cache->srvNameCacheLock);
}
return now;
}
/*
** Convert local SID to shared memory one
*/
static void
ConvertFromSID(sidCacheEntry *to, sslSessionID *from)
{
to->valid = 1;
to->version = from->version;
to->addr = from->addr;
to->creationTime = from->creationTime;
to->lastAccessTime = from->lastAccessTime;
to->expirationTime = from->expirationTime;
to->authType = from->authType;
to->authKeyBits = from->authKeyBits;
to->keaType = from->keaType;
to->keaKeyBits = from->keaKeyBits;
to->keaGroup = from->keaGroup;
to->signatureScheme = from->sigScheme;
to->u.ssl3.cipherSuite = from->u.ssl3.cipherSuite;
to->u.ssl3.keys = from->u.ssl3.keys;
to->u.ssl3.masterWrapMech = from->u.ssl3.masterWrapMech;
to->sessionIDLength = from->u.ssl3.sessionIDLength;
to->u.ssl3.certIndex = -1;
to->u.ssl3.srvNameIndex = -1;
PORT_Memcpy(to->sessionID, from->u.ssl3.sessionID,
to->sessionIDLength);
to->u.ssl3.namedCurve = 0U;
if (from->authType == ssl_auth_ecdsa ||
from->authType == ssl_auth_ecdh_rsa ||
from->authType == ssl_auth_ecdh_ecdsa) {
PORT_Assert(from->namedCurve);
to->u.ssl3.namedCurve = (PRUint16)from->namedCurve->name;
}
SSL_TRC(8, ("%d: SSL3: ConvertSID: time=%d addr=0x%08x%08x%08x%08x "
"cipherSuite=%d",
myPid, to->creationTime / PR_USEC_PER_SEC,
to->addr.pr_s6_addr32[0], to->addr.pr_s6_addr32[1],
to->addr.pr_s6_addr32[2], to->addr.pr_s6_addr32[3],
to->u.ssl3.cipherSuite));
}
/*
** Convert shared memory cache-entry to local memory based one
** This is only called from ServerSessionIDLookup().
*/
static sslSessionID *
ConvertToSID(sidCacheEntry *from,
certCacheEntry *pcce,
srvNameCacheEntry *psnce,
CERTCertDBHandle *dbHandle)
{
sslSessionID *to;
to = PORT_ZNew(sslSessionID);
if (!to) {
return 0;
}
to->u.ssl3.sessionIDLength = from->sessionIDLength;
to->u.ssl3.cipherSuite = from->u.ssl3.cipherSuite;
to->u.ssl3.keys = from->u.ssl3.keys;
to->u.ssl3.masterWrapMech = from->u.ssl3.masterWrapMech;
if (from->u.ssl3.srvNameIndex != -1 && psnce) {
SECItem name;
SECStatus rv;
name.type = psnce->type;
name.len = psnce->nameLen;
name.data = psnce->name;
rv = SECITEM_CopyItem(NULL, &to->u.ssl3.srvName, &name);
if (rv != SECSuccess) {
goto loser;
}
}
PORT_Memcpy(to->u.ssl3.sessionID, from->sessionID, from->sessionIDLength);
to->urlSvrName = NULL;
to->u.ssl3.masterModuleID = (SECMODModuleID)-1; /* invalid value */
to->u.ssl3.masterSlotID = (CK_SLOT_ID)-1; /* invalid value */
to->u.ssl3.masterWrapIndex = 0;
to->u.ssl3.masterWrapSeries = 0;
to->u.ssl3.masterValid = PR_FALSE;
to->u.ssl3.clAuthModuleID = (SECMODModuleID)-1; /* invalid value */
to->u.ssl3.clAuthSlotID = (CK_SLOT_ID)-1; /* invalid value */
to->u.ssl3.clAuthSeries = 0;
to->u.ssl3.clAuthValid = PR_FALSE;
if (from->u.ssl3.certIndex != -1 && pcce) {
SECItem derCert;
derCert.len = pcce->certLength;
derCert.data = pcce->cert;
to->peerCert = CERT_NewTempCertificate(dbHandle, &derCert, NULL,
PR_FALSE, PR_TRUE);
if (to->peerCert == NULL)
goto loser;
}
if (from->authType == ssl_auth_ecdsa ||
from->authType == ssl_auth_ecdh_rsa ||
from->authType == ssl_auth_ecdh_ecdsa) {
to->namedCurve =
ssl_LookupNamedGroup((SSLNamedGroup)from->u.ssl3.namedCurve);
}
to->version = from->version;
to->creationTime = from->creationTime;
to->lastAccessTime = from->lastAccessTime;
to->expirationTime = from->expirationTime;
to->cached = in_server_cache;
to->addr = from->addr;
to->references = 1;
to->authType = from->authType;
to->authKeyBits = from->authKeyBits;
to->keaType = from->keaType;
to->keaKeyBits = from->keaKeyBits;
to->keaGroup = from->keaGroup;
to->sigScheme = from->signatureScheme;
return to;
loser:
if (to) {
SECITEM_FreeItem(&to->u.ssl3.srvName, PR_FALSE);
PORT_Free(to);
}
return NULL;
}
/*
** Perform some mumbo jumbo on the ip-address and the session-id value to
** compute a hash value.
*/
static PRUint32
SIDindex(cacheDesc *cache, const PRIPv6Addr *addr, PRUint8 *s, unsigned nl)
{
PRUint32 rv;
PRUint32 x[8];
memset(x, 0, sizeof x);
if (nl > sizeof x)
nl = sizeof x;
memcpy(x, s, nl);
rv = (addr->pr_s6_addr32[0] ^ addr->pr_s6_addr32[1] ^
addr->pr_s6_addr32[2] ^ addr->pr_s6_addr32[3] ^
x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4] ^ x[5] ^ x[6] ^ x[7]) %
cache->numSIDCacheSets;
return rv;
}
/*
** Look something up in the cache. This will invalidate old entries
** in the process. Caller has locked the cache set!
** Returns PR_TRUE if found a valid match. PR_FALSE otherwise.
*/
static sidCacheEntry *
FindSID(cacheDesc *cache, PRUint32 setNum, PRUint32 now,
const PRIPv6Addr *addr, unsigned char *sessionID,
unsigned sessionIDLength)
{
PRUint32 ndx = cache->sidCacheSets[setNum].next;
int i;
sidCacheEntry *set = cache->sidCacheData +
(setNum * SID_CACHE_ENTRIES_PER_SET);
for (i = SID_CACHE_ENTRIES_PER_SET; i > 0; --i) {
sidCacheEntry *sce;
ndx = (ndx - 1) % SID_CACHE_ENTRIES_PER_SET;
sce = set + ndx;
if (!sce->valid)
continue;
if (now > sce->expirationTime) {
/* SessionID has timed out. Invalidate the entry. */
SSL_TRC(7, ("%d: timed out sid entry addr=%08x%08x%08x%08x now=%x "
"time+=%x",
myPid, sce->addr.pr_s6_addr32[0],
sce->addr.pr_s6_addr32[1], sce->addr.pr_s6_addr32[2],
sce->addr.pr_s6_addr32[3], now,
sce->expirationTime));
sce->valid = 0;
continue;
}
/*
** Next, examine specific session-id/addr data to see if the cache
** entry matches our addr+session-id value
*/
if (sessionIDLength == sce->sessionIDLength &&
!memcmp(&sce->addr, addr, sizeof(PRIPv6Addr)) &&
!memcmp(sce->sessionID, sessionID, sessionIDLength)) {
/* Found it */
return sce;
}
}
PORT_SetError(SSL_ERROR_SESSION_NOT_FOUND);
return NULL;
}
/************************************************************************/
/* This is the primary function for finding entries in the server's sid cache.
* Although it is static, this function is called via the global function
* pointer ssl_sid_lookup.
*
* sslNow is the time that the calling socket understands, which might be
* different than what the cache uses to maintain its locks.
*/
static sslSessionID *
ServerSessionIDLookup(PRTime sslNow, const PRIPv6Addr *addr,
unsigned char *sessionID,
unsigned int sessionIDLength,
CERTCertDBHandle *dbHandle)
{
sslSessionID *sid = 0;
sidCacheEntry *psce;
certCacheEntry *pcce = 0;
srvNameCacheEntry *psnce = 0;
cacheDesc *cache = &globalCache;
PRUint32 now;
PRUint32 set;
PRInt32 cndx;
sidCacheEntry sce;
certCacheEntry cce;
srvNameCacheEntry snce;
set = SIDindex(cache, addr, sessionID, sessionIDLength);
now = LockSet(cache, set, 0);
if (!now)
return NULL;
psce = FindSID(cache, set, now, addr, sessionID, sessionIDLength);
if (psce) {
if ((cndx = psce->u.ssl3.certIndex) != -1) {
PRUint32 gotLock = LockSidCacheLock(cache->certCacheLock, now);
if (gotLock) {
pcce = &cache->certCacheData[cndx];
/* See if the cert's session ID matches the sce cache. */
if ((pcce->sessionIDLength == psce->sessionIDLength) &&
!PORT_Memcmp(pcce->sessionID, psce->sessionID,
pcce->sessionIDLength)) {
cce = *pcce;
} else {
/* The cert doesen't match the SID cache entry,
** so invalidate the SID cache entry.
*/
psce->valid = 0;
psce = 0;
pcce = 0;
}
UnlockSidCacheLock(cache->certCacheLock);
} else {
/* what the ??. Didn't get the cert cache lock.
** Don't invalidate the SID cache entry, but don't find it.
*/
PORT_AssertNotReached("Didn't get cert Cache Lock!");
psce = 0;
pcce = 0;
}
}
if (psce && ((cndx = psce->u.ssl3.srvNameIndex) != -1)) {
PRUint32 gotLock = LockSidCacheLock(cache->srvNameCacheLock,
now);
if (gotLock) {
psnce = &cache->srvNameCacheData[cndx];
if (!PORT_Memcmp(psnce->nameHash, psce->u.ssl3.srvNameHash,
SHA256_LENGTH)) {
snce = *psnce;
} else {
/* The name doesen't match the SID cache entry,
** so invalidate the SID cache entry.
*/
psce->valid = 0;
psce = 0;
psnce = 0;
}
UnlockSidCacheLock(cache->srvNameCacheLock);
} else {
/* what the ??. Didn't get the cert cache lock.
** Don't invalidate the SID cache entry, but don't find it.
*/
PORT_AssertNotReached("Didn't get name Cache Lock!");
psce = 0;
psnce = 0;
}
}
if (psce) {
psce->lastAccessTime = sslNow;
sce = *psce; /* grab a copy while holding the lock */
}
}
UnlockSet(cache, set);
if (psce) {
/* sce conains a copy of the cache entry.
** Convert shared memory format to local format
*/
sid = ConvertToSID(&sce, pcce ? &cce : 0, psnce ? &snce : 0, dbHandle);
}
return sid;
}
/*
** Place a sid into the cache, if it isn't already there.
*/
void
ssl_ServerCacheSessionID(sslSessionID *sid, PRTime creationTime)
{
PORT_Assert(sid);
sidCacheEntry sce;
PRUint32 now = 0;
cacheDesc *cache = &globalCache;
if (sid->u.ssl3.sessionIDLength == 0) {
return;
}
if (sid->cached == never_cached || sid->cached == invalid_cache) {
PRUint32 set;
SECItem *name;
PORT_Assert(sid->creationTime != 0);
if (!sid->creationTime)
sid->lastAccessTime = sid->creationTime = creationTime;
/* override caller's expiration time, which uses client timeout
* duration, not server timeout duration.
*/
sid->expirationTime =
sid->creationTime + cache->ssl3Timeout * PR_USEC_PER_SEC;
SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
"cipherSuite=%d",
myPid, sid->cached,
sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
sid->creationTime / PR_USEC_PER_SEC,
sid->u.ssl3.cipherSuite));
PRINT_BUF(8, (0, "sessionID:", sid->u.ssl3.sessionID,
sid->u.ssl3.sessionIDLength));
ConvertFromSID(&sce, sid);
name = &sid->u.ssl3.srvName;
if (name->len && name->data) {
now = CacheSrvName(cache, name, &sce);
}
if (sid->peerCert != NULL) {
now = CacheCert(cache, sid->peerCert, &sce);
}
set = SIDindex(cache, &sce.addr, sce.sessionID, sce.sessionIDLength);
now = LockSet(cache, set, now);
if (now) {
PRUint32 next = cache->sidCacheSets[set].next;
PRUint32 ndx = set * SID_CACHE_ENTRIES_PER_SET + next;
/* Write out new cache entry */
cache->sidCacheData[ndx] = sce;
cache->sidCacheSets[set].next =
(next + 1) % SID_CACHE_ENTRIES_PER_SET;
UnlockSet(cache, set);
sid->cached = in_server_cache;
}
}
}
/*
** Although this is static, it is called from ssl via global function pointer
** ssl_sid_uncache. This invalidates the referenced cache entry.
*/
void
ssl_ServerUncacheSessionID(sslSessionID *sid)
{
cacheDesc *cache = &globalCache;
PRUint8 *sessionID;
unsigned int sessionIDLength;
PRErrorCode err;
PRUint32 set;
PRUint32 now;
sidCacheEntry *psce;
if (sid == NULL)
return;
/* Uncaching a SID should never change the error code.
** So save it here and restore it before exiting.
*/
err = PR_GetError();
sessionID = sid->u.ssl3.sessionID;
sessionIDLength = sid->u.ssl3.sessionIDLength;
SSL_TRC(8, ("%d: SSL3: UncacheMT: valid=%d addr=0x%08x%08x%08x%08x time=%x "
"cipherSuite=%d",
myPid, sid->cached,
sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
sid->creationTime / PR_USEC_PER_SEC,
sid->u.ssl3.cipherSuite));
PRINT_BUF(8, (0, "sessionID:", sessionID, sessionIDLength));
set = SIDindex(cache, &sid->addr, sessionID, sessionIDLength);
now = LockSet(cache, set, 0);
if (now) {
psce = FindSID(cache, set, now, &sid->addr, sessionID, sessionIDLength);
if (psce) {
psce->valid = 0;
}
UnlockSet(cache, set);
}
sid->cached = invalid_cache;
PORT_SetError(err);
}
#ifdef XP_OS2
#define INCL_DOSPROCESS
#include <os2.h>
long
gettid(void)
{
PTIB ptib;
PPIB ppib;
DosGetInfoBlocks(&ptib, &ppib);
return ((long)ptib->tib_ordinal); /* thread id */
}
#endif
static void
CloseCache(cacheDesc *cache)
{
int locks_initialized = cache->numSIDCacheLocksInitialized;
if (cache->cacheMem) {
if (cache->sharedCache) {
sidCacheLock *pLock = cache->sidCacheLocks;
for (; locks_initialized > 0; --locks_initialized, ++pLock) {
/* If everInherited is true, this shared cache was (and may
** still be) in use by multiple processes. We do not wish to
** destroy the mutexes while they are still in use, but we do
** want to free mutex resources associated with this process.
*/
sslMutex_Destroy(&pLock->mutex,
cache->sharedCache->everInherited);
}
}
if (cache->shared) {
PR_MemUnmap(cache->cacheMem, cache->cacheMemSize);
} else {
PORT_Free(cache->cacheMem);
}
cache->cacheMem = NULL;
}
if (cache->cacheMemMap) {
PR_CloseFileMap(cache->cacheMemMap);
cache->cacheMemMap = NULL;
}
memset(cache, 0, sizeof *cache);
}
static SECStatus
InitCache(cacheDesc *cache, int maxCacheEntries, int maxCertCacheEntries,
int maxSrvNameCacheEntries, PRUint32 ssl3_timeout,
const char *directory, PRBool shared)
{
ptrdiff_t ptr;
sidCacheLock *pLock;
char *cacheMem;
PRFileMap *cacheMemMap;
char *cfn = NULL; /* cache file name */
int locks_initialized = 0;
int locks_to_initialize = 0;
PRUint32 init_time;
if ((!cache) || (maxCacheEntries < 0) || (!directory)) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
if (cache->cacheMem) {
/* Already done */
return SECSuccess;
}
/* make sure loser can clean up properly */
cache->shared = shared;
cache->cacheMem = cacheMem = NULL;
cache->cacheMemMap = cacheMemMap = NULL;
cache->sharedCache = (cacheDesc *)0;
cache->numSIDCacheLocksInitialized = 0;
cache->nextCertCacheEntry = 0;
cache->stopPolling = PR_FALSE;
cache->everInherited = PR_FALSE;
cache->poller = NULL;
cache->mutexTimeout = 0;
cache->numSIDCacheEntries = maxCacheEntries ? maxCacheEntries
: DEF_SID_CACHE_ENTRIES;
cache->numSIDCacheSets =
SID_HOWMANY(cache->numSIDCacheEntries, SID_CACHE_ENTRIES_PER_SET);
cache->numSIDCacheEntries =
cache->numSIDCacheSets * SID_CACHE_ENTRIES_PER_SET;
cache->numSIDCacheLocks =
PR_MIN(cache->numSIDCacheSets, ssl_max_sid_cache_locks);
cache->numSIDCacheSetsPerLock =
SID_HOWMANY(cache->numSIDCacheSets, cache->numSIDCacheLocks);
cache->numCertCacheEntries = (maxCertCacheEntries > 0) ? maxCertCacheEntries
: 0;
cache->numSrvNameCacheEntries = (maxSrvNameCacheEntries >= 0) ? maxSrvNameCacheEntries
: DEF_NAME_CACHE_ENTRIES;
/* compute size of shared memory, and offsets of all pointers */
ptr = 0;
cache->cacheMem = (char *)ptr;
ptr += SID_ROUNDUP(sizeof(cacheDesc), SID_ALIGNMENT);
cache->sidCacheLocks = (sidCacheLock *)ptr;
cache->keyCacheLock = cache->sidCacheLocks + cache->numSIDCacheLocks;
cache->certCacheLock = cache->keyCacheLock + 1;
cache->srvNameCacheLock = cache->certCacheLock + 1;
ptr = (ptrdiff_t)(cache->srvNameCacheLock + 1);
ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
cache->sidCacheSets = (sidCacheSet *)ptr;
ptr = (ptrdiff_t)(cache->sidCacheSets + cache->numSIDCacheSets);
ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
cache->sidCacheData = (sidCacheEntry *)ptr;
ptr = (ptrdiff_t)(cache->sidCacheData + cache->numSIDCacheEntries);
ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
cache->certCacheData = (certCacheEntry *)ptr;
cache->sidCacheSize =
(char *)cache->certCacheData - (char *)cache->sidCacheData;
if (cache->numCertCacheEntries < MIN_CERT_CACHE_ENTRIES) {
/* This is really a poor way to computer this! */
cache->numCertCacheEntries = cache->sidCacheSize / sizeof(certCacheEntry);
if (cache->numCertCacheEntries < MIN_CERT_CACHE_ENTRIES)
cache->numCertCacheEntries = MIN_CERT_CACHE_ENTRIES;
}
ptr = (ptrdiff_t)(cache->certCacheData + cache->numCertCacheEntries);
ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
cache->keyCacheData = (SSLWrappedSymWrappingKey *)ptr;
cache->certCacheSize =
(char *)cache->keyCacheData - (char *)cache->certCacheData;
cache->numKeyCacheEntries = SSL_NUM_WRAP_KEYS * SSL_NUM_WRAP_MECHS;
ptr = (ptrdiff_t)(cache->keyCacheData + cache->numKeyCacheEntries);
ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
cache->keyCacheSize = (char *)ptr - (char *)cache->keyCacheData;
cache->ticketKeyNameSuffix = (PRUint8 *)ptr;
ptr = (ptrdiff_t)(cache->ticketKeyNameSuffix +
SELF_ENCRYPT_KEY_VAR_NAME_LEN);
ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
cache->ticketEncKey = (encKeyCacheEntry *)ptr;
ptr = (ptrdiff_t)(cache->ticketEncKey + 1);
ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
cache->ticketMacKey = (encKeyCacheEntry *)ptr;
ptr = (ptrdiff_t)(cache->ticketMacKey + 1);
ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
cache->ticketKeysValid = (PRUint32 *)ptr;
ptr = (ptrdiff_t)(cache->ticketKeysValid + 1);
ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
cache->srvNameCacheData = (srvNameCacheEntry *)ptr;
cache->srvNameCacheSize =
cache->numSrvNameCacheEntries * sizeof(srvNameCacheEntry);
ptr = (ptrdiff_t)(cache->srvNameCacheData + cache->numSrvNameCacheEntries);
ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
cache->cacheMemSize = ptr;
if (ssl3_timeout) {
if (ssl3_timeout > MAX_SSL3_TIMEOUT) {
ssl3_timeout = MAX_SSL3_TIMEOUT;
}
if (ssl3_timeout < MIN_SSL3_TIMEOUT) {
ssl3_timeout = MIN_SSL3_TIMEOUT;
}
cache->ssl3Timeout = ssl3_timeout;
} else {
cache->ssl3Timeout = DEF_SSL3_TIMEOUT;
}
if (shared) {
/* Create file names */
#if defined(XP_UNIX)
/* there's some confusion here about whether PR_OpenAnonFileMap wants
** a directory name or a file name for its first argument.
cfn = PR_smprintf("%s/.sslsvrcache.%d", directory, myPid);
*/
cfn = PR_smprintf("%s", directory);
#elif defined(XP_WIN32)
cfn = PR_smprintf("%s/svrcache_%d_%x.ssl", directory, myPid,
GetCurrentThreadId());
#elif defined(XP_OS2)
cfn = PR_smprintf("%s/svrcache_%d_%x.ssl", directory, myPid,
gettid());
#else
#error "Don't know how to create file name for this platform!"
#endif
if (!cfn) {
goto loser;
}
/* Create cache */
cacheMemMap = PR_OpenAnonFileMap(cfn, cache->cacheMemSize,
PR_PROT_READWRITE);
PR_smprintf_free(cfn);
if (!cacheMemMap) {
goto loser;
}
cacheMem = PR_MemMap(cacheMemMap, 0, cache->cacheMemSize);
} else {
cacheMem = PORT_Alloc(cache->cacheMemSize);
}
if (!cacheMem) {
goto loser;
}
/* Initialize shared memory. This may not be necessary on all platforms */
memset(cacheMem, 0, cache->cacheMemSize);
/* Copy cache descriptor header into shared memory */
memcpy(cacheMem, cache, sizeof *cache);
/* save private copies of these values */
cache->cacheMemMap = cacheMemMap;
cache->cacheMem = cacheMem;
cache->sharedCache = (cacheDesc *)cacheMem;
/* Fix pointers in our private copy of cache descriptor to point to
** spaces in shared memory
*/
cache->sidCacheLocks = (sidCacheLock *)(cache->cacheMem + (ptrdiff_t)cache->sidCacheLocks);
cache->keyCacheLock = (sidCacheLock *)(cache->cacheMem + (ptrdiff_t)cache->keyCacheLock);
cache->certCacheLock = (sidCacheLock *)(cache->cacheMem + (ptrdiff_t)cache->certCacheLock);
cache->srvNameCacheLock = (sidCacheLock *)(cache->cacheMem + (ptrdiff_t)cache->srvNameCacheLock);
cache->sidCacheSets = (sidCacheSet *)(cache->cacheMem + (ptrdiff_t)cache->sidCacheSets);
cache->sidCacheData = (sidCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->sidCacheData);
cache->certCacheData = (certCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->certCacheData);
cache->keyCacheData = (SSLWrappedSymWrappingKey *)(cache->cacheMem + (ptrdiff_t)cache->keyCacheData);
cache->ticketKeyNameSuffix = (PRUint8 *)(cache->cacheMem + (ptrdiff_t)cache->ticketKeyNameSuffix);
cache->ticketEncKey = (encKeyCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->ticketEncKey);
cache->ticketMacKey = (encKeyCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->ticketMacKey);
cache->ticketKeysValid = (PRUint32 *)(cache->cacheMem + (ptrdiff_t)cache->ticketKeysValid);
cache->srvNameCacheData = (srvNameCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->srvNameCacheData);
/* initialize the locks */
init_time = ssl_CacheNow();
pLock = cache->sidCacheLocks;
for (locks_to_initialize = cache->numSIDCacheLocks + 3;
locks_initialized < locks_to_initialize;
++locks_initialized, ++pLock) {
SECStatus err = sslMutex_Init(&pLock->mutex, shared);
if (err) {
cache->numSIDCacheLocksInitialized = locks_initialized;
goto loser;
}
pLock->timeStamp = init_time;
pLock->pid = 0;
}
cache->numSIDCacheLocksInitialized = locks_initialized;
return SECSuccess;
loser:
CloseCache(cache);
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
PRUint32
SSL_GetMaxServerCacheLocks(void)
{
return ssl_max_sid_cache_locks + 2;
/* The extra two are the cert cache lock and the key cache lock. */
}
SECStatus
SSL_SetMaxServerCacheLocks(PRUint32 maxLocks)
{
/* Minimum is 1 sid cache lock, 1 cert cache lock and 1 key cache lock.
** We'd like to test for a maximum value, but not all platforms' header
** files provide a symbol or function or other means of determining
** the maximum, other than trial and error.
*/
if (maxLocks < 3) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
ssl_max_sid_cache_locks = maxLocks - 2;
/* The extra two are the cert cache lock and the key cache lock. */
return SECSuccess;
}
PR_STATIC_ASSERT(sizeof(sidCacheEntry) % 16 == 0);
PR_STATIC_ASSERT(sizeof(certCacheEntry) == 4096);
PR_STATIC_ASSERT(sizeof(srvNameCacheEntry) == 1072);
static SECStatus
ssl_ConfigServerSessionIDCacheInstanceWithOpt(cacheDesc *cache,
PRUint32 ssl3_timeout,
const char *directory,
PRBool shared,
int maxCacheEntries,
int maxCertCacheEntries,
int maxSrvNameCacheEntries)
{
SECStatus rv;
rv = ssl_InitSessionCache();
if (rv != SECSuccess) {
return rv;
}
myPid = SSL_GETPID();
if (!directory) {
directory = DEFAULT_CACHE_DIRECTORY;
}
rv = InitCache(cache, maxCacheEntries, maxCertCacheEntries,
maxSrvNameCacheEntries, ssl3_timeout, directory, shared);
if (rv) {
return SECFailure;
}
ssl_sid_lookup = ServerSessionIDLookup;
return SECSuccess;
}
SECStatus
SSL_ConfigServerSessionIDCacheInstance(cacheDesc *cache,
int maxCacheEntries,
PRUint32 ssl2_timeout,
PRUint32 ssl3_timeout,
const char *directory, PRBool shared)
{
return ssl_ConfigServerSessionIDCacheInstanceWithOpt(cache,
ssl3_timeout,
directory,
shared,
maxCacheEntries,
-1, -1);
}
SECStatus
SSL_ConfigServerSessionIDCache(int maxCacheEntries,
PRUint32 ssl2_timeout,
PRUint32 ssl3_timeout,
const char *directory)
{
ssl_InitSessionCacheLocks(PR_FALSE);
return SSL_ConfigServerSessionIDCacheInstance(&globalCache,
maxCacheEntries, ssl2_timeout, ssl3_timeout, directory, PR_FALSE);
}
SECStatus
SSL_ShutdownServerSessionIDCacheInstance(cacheDesc *cache)
{
CloseCache(cache);
return SECSuccess;
}
SECStatus
SSL_ShutdownServerSessionIDCache(void)
{
#if defined(XP_UNIX)
/* Stop the thread that polls cache for expired locks on Unix */
StopLockPoller(&globalCache);
#endif
SSL3_ShutdownServerCache();
return SSL_ShutdownServerSessionIDCacheInstance(&globalCache);
}
/* Use this function, instead of SSL_ConfigServerSessionIDCache,
* if the cache will be shared by multiple processes.
*/
static SECStatus
ssl_ConfigMPServerSIDCacheWithOpt(PRUint32 ssl3_timeout,
const char *directory,
int maxCacheEntries,
int maxCertCacheEntries,
int maxSrvNameCacheEntries)
{
char *envValue;
char *inhValue;
cacheDesc *cache = &globalCache;
PRUint32 fmStrLen;
SECStatus result;
PRStatus prStatus;
SECStatus putEnvFailed;
inheritance inherit;
char fmString[PR_FILEMAP_STRING_BUFSIZE];
isMultiProcess = PR_TRUE;
result = ssl_ConfigServerSessionIDCacheInstanceWithOpt(cache,
ssl3_timeout, directory, PR_TRUE,
maxCacheEntries, maxCacheEntries, maxSrvNameCacheEntries);
if (result != SECSuccess)
return result;
prStatus = PR_ExportFileMapAsString(cache->cacheMemMap,
sizeof fmString, fmString);
if ((prStatus != PR_SUCCESS) || !(fmStrLen = strlen(fmString))) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
inherit.cacheMemSize = cache->cacheMemSize;
inherit.fmStrLen = fmStrLen;
inhValue = BTOA_DataToAscii((unsigned char *)&inherit, sizeof inherit);
if (!inhValue || !strlen(inhValue)) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
envValue = PR_smprintf("%s,%s", inhValue, fmString);
if (!envValue || !strlen(envValue)) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
PORT_Free(inhValue);
putEnvFailed = (SECStatus)NSS_PutEnv(envVarName, envValue);
PR_smprintf_free(envValue);
if (putEnvFailed) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
result = SECFailure;
}
#if defined(XP_UNIX)
/* Launch thread to poll cache for expired locks on Unix */
LaunchLockPoller(cache);
#endif
return result;
}
/* Use this function, instead of SSL_ConfigServerSessionIDCache,
* if the cache will be shared by multiple processes.
*/
SECStatus
SSL_ConfigMPServerSIDCache(int maxCacheEntries,
PRUint32 ssl2_timeout,
PRUint32 ssl3_timeout,
const char *directory)
{
return ssl_ConfigMPServerSIDCacheWithOpt(ssl3_timeout,
directory,
maxCacheEntries,
-1, -1);
}
SECStatus
SSL_ConfigServerSessionIDCacheWithOpt(
PRUint32 ssl2_timeout,
PRUint32 ssl3_timeout,
const char *directory,
int maxCacheEntries,
int maxCertCacheEntries,
int maxSrvNameCacheEntries,
PRBool enableMPCache)
{
if (!enableMPCache) {
ssl_InitSessionCacheLocks(PR_FALSE);
return ssl_ConfigServerSessionIDCacheInstanceWithOpt(&globalCache,
ssl3_timeout, directory, PR_FALSE,
maxCacheEntries, maxCertCacheEntries, maxSrvNameCacheEntries);
} else {
return ssl_ConfigMPServerSIDCacheWithOpt(ssl3_timeout, directory,
maxCacheEntries, maxCertCacheEntries, maxSrvNameCacheEntries);
}
}
SECStatus
SSL_InheritMPServerSIDCacheInstance(cacheDesc *cache, const char *envString)
{
unsigned char *decoString = NULL;
char *fmString = NULL;
char *myEnvString = NULL;
unsigned int decoLen;
inheritance inherit;
cacheDesc my;
#ifdef WINNT
sidCacheLock *newLocks;
int locks_initialized = 0;
int locks_to_initialize = 0;
#endif
SECStatus status = ssl_InitSessionCache();
if (status != SECSuccess) {
return status;
}
myPid = SSL_GETPID();
/* If this child was created by fork(), and not by exec() on unix,
** then isMultiProcess will already be set.
** If not, we'll set it below.
*/
if (isMultiProcess) {
if (cache && cache->sharedCache) {
cache->sharedCache->everInherited = PR_TRUE;
}
return SECSuccess; /* already done. */
}
ssl_InitSessionCacheLocks(PR_FALSE);
ssl_sid_lookup = ServerSessionIDLookup;
if (!envString) {
envString = PR_GetEnvSecure(envVarName);
if (!envString) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
}
myEnvString = PORT_Strdup(envString);
if (!myEnvString)
return SECFailure;
fmString = strchr(myEnvString, ',');
if (!fmString)
goto loser;
*fmString++ = 0;
decoString = ATOB_AsciiToData(myEnvString, &decoLen);
if (!decoString) {
goto loser;
}
if (decoLen != sizeof inherit) {
goto loser;
}
PORT_Memcpy(&inherit, decoString, sizeof inherit);
if (strlen(fmString) != inherit.fmStrLen) {
goto loser;
}
memset(cache, 0, sizeof *cache);
cache->cacheMemSize = inherit.cacheMemSize;
/* Create cache */
cache->cacheMemMap = PR_ImportFileMapFromString(fmString);
if (!cache->cacheMemMap) {
goto loser;
}
cache->cacheMem = PR_MemMap(cache->cacheMemMap, 0, cache->cacheMemSize);
if (!cache->cacheMem) {
goto loser;
}
cache->sharedCache = (cacheDesc *)cache->cacheMem;
if (cache->sharedCache->cacheMemSize != cache->cacheMemSize) {
goto loser;
}
/* We're now going to overwrite the local cache instance with the
** shared copy of the cache struct, then update several values in
** the local cache using the values for cache->cacheMemMap and
** cache->cacheMem computed just above. So, we copy cache into
** the automatic variable "my", to preserve the variables while
** cache is overwritten.
*/
my = *cache; /* save values computed above. */
memcpy(cache, cache->sharedCache, sizeof *cache); /* overwrite */
/* Fix pointers in our private copy of cache descriptor to point to
** spaces in shared memory, whose address is now in "my".
*/
cache->sidCacheLocks = (sidCacheLock *)(my.cacheMem + (ptrdiff_t)cache->sidCacheLocks);
cache->keyCacheLock = (sidCacheLock *)(my.cacheMem + (ptrdiff_t)cache->keyCacheLock);
cache->certCacheLock = (sidCacheLock *)(my.cacheMem + (ptrdiff_t)cache->certCacheLock);
cache->srvNameCacheLock = (sidCacheLock *)(my.cacheMem + (ptrdiff_t)cache->srvNameCacheLock);
cache->sidCacheSets = (sidCacheSet *)(my.cacheMem + (ptrdiff_t)cache->sidCacheSets);
cache->sidCacheData = (sidCacheEntry *)(my.cacheMem + (ptrdiff_t)cache->sidCacheData);
cache->certCacheData = (certCacheEntry *)(my.cacheMem + (ptrdiff_t)cache->certCacheData);
cache->keyCacheData = (SSLWrappedSymWrappingKey *)(my.cacheMem + (ptrdiff_t)cache->keyCacheData);
cache->ticketKeyNameSuffix = (PRUint8 *)(my.cacheMem + (ptrdiff_t)cache->ticketKeyNameSuffix);
cache->ticketEncKey = (encKeyCacheEntry *)(my.cacheMem + (ptrdiff_t)cache->ticketEncKey);
cache->ticketMacKey = (encKeyCacheEntry *)(my.cacheMem + (ptrdiff_t)cache->ticketMacKey);
cache->ticketKeysValid = (PRUint32 *)(my.cacheMem + (ptrdiff_t)cache->ticketKeysValid);
cache->srvNameCacheData = (srvNameCacheEntry *)(my.cacheMem + (ptrdiff_t)cache->srvNameCacheData);
cache->cacheMemMap = my.cacheMemMap;
cache->cacheMem = my.cacheMem;
cache->sharedCache = (cacheDesc *)cache->cacheMem;
#ifdef WINNT
/* On Windows NT we need to "fix" the sidCacheLocks here to support fibers
** When NT fibers are used in a multi-process server, a second level of
** locking is needed to prevent a deadlock, in case a fiber acquires the
** cross-process mutex, yields, and another fiber is later scheduled on
** the same native thread and tries to acquire the cross-process mutex.
** We do this by using a PRLock in the sslMutex. However, it is stored in
** shared memory as part of sidCacheLocks, and we don't want to overwrite
** the PRLock of the parent process. So we need to make new, private
** copies of sidCacheLocks before modifying the sslMutex with our own
** PRLock
*/
/* note from jpierre : this should be free'd in child processes when
** a function is added to delete the SSL session cache in the future.
*/
locks_to_initialize = cache->numSIDCacheLocks + 3;
newLocks = PORT_NewArray(sidCacheLock, locks_to_initialize);
if (!newLocks)
goto loser;
/* copy the old locks */
memcpy(newLocks, cache->sidCacheLocks,
locks_to_initialize * sizeof(sidCacheLock));
cache->sidCacheLocks = newLocks;
/* fix the locks */
for (; locks_initialized < locks_to_initialize; ++locks_initialized) {
/* now, make a local PRLock in this sslMutex for this child process */
SECStatus err;
err = sslMutex_2LevelInit(&newLocks[locks_initialized].mutex);
if (err != SECSuccess) {
cache->numSIDCacheLocksInitialized = locks_initialized;
goto loser;
}
}
cache->numSIDCacheLocksInitialized = locks_initialized;
/* also fix the key and cert cache which use the last 2 lock entries */
cache->keyCacheLock = cache->sidCacheLocks + cache->numSIDCacheLocks;
cache->certCacheLock = cache->keyCacheLock + 1;
cache->srvNameCacheLock = cache->certCacheLock + 1;
#endif
PORT_Free(myEnvString);
PORT_Free(decoString);
/* mark that we have inherited this. */
cache->sharedCache->everInherited = PR_TRUE;
isMultiProcess = PR_TRUE;
return SECSuccess;
loser:
PORT_Free(myEnvString);
if (decoString)
PORT_Free(decoString);
CloseCache(cache);
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
SECStatus
SSL_InheritMPServerSIDCache(const char *envString)
{
return SSL_InheritMPServerSIDCacheInstance(&globalCache, envString);
}
#if defined(XP_UNIX)
#define SID_LOCK_EXPIRATION_TIMEOUT 30 /* seconds */
static void
LockPoller(void *arg)
{
cacheDesc *cache = (cacheDesc *)arg;
cacheDesc *sharedCache = cache->sharedCache;
sidCacheLock *pLock;
PRIntervalTime timeout;
PRUint32 now;
PRUint32 then;
int locks_polled = 0;
int locks_to_poll = cache->numSIDCacheLocks + 2;
PRUint32 expiration = cache->mutexTimeout;
timeout = PR_SecondsToInterval(expiration);
while (!sharedCache->stopPolling) {
PR_Sleep(timeout);
if (sharedCache->stopPolling)
break;
now = ssl_CacheNow();
then = now - expiration;
for (pLock = cache->sidCacheLocks, locks_polled = 0;
locks_to_poll > locks_polled && !sharedCache->stopPolling;
++locks_polled, ++pLock) {
pid_t pid;
if (pLock->timeStamp < then &&
pLock->timeStamp != 0 &&
(pid = pLock->pid) != 0) {
/* maybe we should try the lock? */
int result = kill(pid, 0);
if (result < 0 && errno == ESRCH) {
SECStatus rv;
/* No process exists by that pid any more.
** Treat this mutex as abandoned.
*/
pLock->timeStamp = now;
pLock->pid = 0;
rv = sslMutex_Unlock(&pLock->mutex);
if (rv != SECSuccess) {
/* Now what? */
}
}
}
} /* end of loop over locks */
} /* end of entire polling loop */
}
/* Launch thread to poll cache for expired locks */
static SECStatus
LaunchLockPoller(cacheDesc *cache)
{
const char *timeoutString;
PRThread *pollerThread;
cache->mutexTimeout = SID_LOCK_EXPIRATION_TIMEOUT;
timeoutString = PR_GetEnvSecure("NSS_SSL_SERVER_CACHE_MUTEX_TIMEOUT");
if (timeoutString) {
long newTime = strtol(timeoutString, 0, 0);
if (newTime == 0)
return SECSuccess; /* application doesn't want poller thread */
if (newTime > 0)
cache->mutexTimeout = (PRUint32)newTime;
/* if error (newTime < 0) ignore it and use default */
}
pollerThread =
PR_CreateThread(PR_USER_THREAD, LockPoller, cache, PR_PRIORITY_NORMAL,
PR_GLOBAL_THREAD, PR_JOINABLE_THREAD, 0);
if (!pollerThread) {
return SECFailure;
}
cache->poller = pollerThread;
return SECSuccess;
}
/* Stop the thread that polls cache for expired locks */
static SECStatus
StopLockPoller(cacheDesc *cache)
{
if (!cache->poller) {
return SECSuccess;
}
cache->sharedCache->stopPolling = PR_TRUE;
if (PR_Interrupt(cache->poller) != PR_SUCCESS) {
return SECFailure;
}
if (PR_JoinThread(cache->poller) != PR_SUCCESS) {
return SECFailure;
}
cache->poller = NULL;
return SECSuccess;
}
#endif
/************************************************************************
* Code dealing with shared wrapped symmetric wrapping keys below *
************************************************************************/
/* The asymmetric key we use for wrapping the self-encryption keys. This is a
* global structure that can be initialized without a socket. Access is
* synchronized on the reader-writer lock. This is setup either by calling
* SSL_SetSessionTicketKeyPair() or by configuring a certificate of the
* ssl_auth_rsa_decrypt type. */
static struct {
PRCallOnceType setup;
PRRWLock *lock;
SECKEYPublicKey *pubKey;
SECKEYPrivateKey *privKey;
PRBool configured;
} ssl_self_encrypt_key_pair;
/* The symmetric self-encryption keys. This requires a socket to construct
* and requires that the global structure be initialized before use.
*/
static sslSelfEncryptKeys ssl_self_encrypt_keys;
/* Externalize the self encrypt keys. Purely used for testing. */
sslSelfEncryptKeys *
ssl_GetSelfEncryptKeysInt()
{
return &ssl_self_encrypt_keys;
}
static void
ssl_CleanupSelfEncryptKeyPair()
{
if (ssl_self_encrypt_key_pair.pubKey) {
PORT_Assert(ssl_self_encrypt_key_pair.privKey);
SECKEY_DestroyPublicKey(ssl_self_encrypt_key_pair.pubKey);
SECKEY_DestroyPrivateKey(ssl_self_encrypt_key_pair.privKey);
}
}
void
ssl_ResetSelfEncryptKeys()
{
if (ssl_self_encrypt_keys.encKey) {
PORT_Assert(ssl_self_encrypt_keys.macKey);
PK11_FreeSymKey(ssl_self_encrypt_keys.encKey);
PK11_FreeSymKey(ssl_self_encrypt_keys.macKey);
}
PORT_Memset(&ssl_self_encrypt_keys, 0,
sizeof(ssl_self_encrypt_keys));
}
static SECStatus
ssl_SelfEncryptShutdown(void *appData, void *nssData)
{
ssl_CleanupSelfEncryptKeyPair();
PR_DestroyRWLock(ssl_self_encrypt_key_pair.lock);
PORT_Memset(&ssl_self_encrypt_key_pair, 0,
sizeof(ssl_self_encrypt_key_pair));
ssl_ResetSelfEncryptKeys();
return SECSuccess;
}
static PRStatus
ssl_SelfEncryptSetup(void)
{
SECStatus rv = NSS_RegisterShutdown(ssl_SelfEncryptShutdown, NULL);
if (rv != SECSuccess) {
return PR_FAILURE;
}
ssl_self_encrypt_key_pair.lock = PR_NewRWLock(PR_RWLOCK_RANK_NONE, NULL);
if (!ssl_self_encrypt_key_pair.lock) {
return PR_FAILURE;
}
return PR_SUCCESS;
}
/* Configure a self encryption key pair. |explicitConfig| is set to true for
* calls to SSL_SetSessionTicketKeyPair(), false for implicit configuration.
* This assumes that the setup has been run. */
static SECStatus
ssl_SetSelfEncryptKeyPair(SECKEYPublicKey *pubKey,
SECKEYPrivateKey *privKey,
PRBool explicitConfig)
{
SECKEYPublicKey *pubKeyCopy, *oldPubKey;
SECKEYPrivateKey *privKeyCopy, *oldPrivKey;
PORT_Assert(ssl_self_encrypt_key_pair.lock);
pubKeyCopy = SECKEY_CopyPublicKey(pubKey);
privKeyCopy = SECKEY_CopyPrivateKey(privKey);
if (!pubKeyCopy || !privKeyCopy) {
SECKEY_DestroyPublicKey(pubKeyCopy);
SECKEY_DestroyPrivateKey(privKeyCopy);
PORT_SetError(SEC_ERROR_NO_MEMORY);
return SECFailure;
}
PR_RWLock_Wlock(ssl_self_encrypt_key_pair.lock);
oldPubKey = ssl_self_encrypt_key_pair.pubKey;
oldPrivKey = ssl_self_encrypt_key_pair.privKey;
ssl_self_encrypt_key_pair.pubKey = pubKeyCopy;
ssl_self_encrypt_key_pair.privKey = privKeyCopy;
ssl_self_encrypt_key_pair.configured = explicitConfig;
PR_RWLock_Unlock(ssl_self_encrypt_key_pair.lock);
if (oldPubKey) {
PORT_Assert(oldPrivKey);
SECKEY_DestroyPublicKey(oldPubKey);
SECKEY_DestroyPrivateKey(oldPrivKey);
}
return SECSuccess;
}
/* This is really the self-encryption keys but it has the
* wrong name for historical API stability reasons. */
SECStatus
SSL_SetSessionTicketKeyPair(SECKEYPublicKey *pubKey,
SECKEYPrivateKey *privKey)
{
if (SECKEY_GetPublicKeyType(pubKey) != rsaKey ||
SECKEY_GetPrivateKeyType(privKey) != rsaKey) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
if (PR_SUCCESS != PR_CallOnce(&ssl_self_encrypt_key_pair.setup,
&ssl_SelfEncryptSetup)) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
return ssl_SetSelfEncryptKeyPair(pubKey, privKey, PR_TRUE);
}
/* When configuring a server cert, we should save the RSA key in case it is
* needed for self-encryption. This saves the latest copy, unless there has
* been an explicit call to SSL_SetSessionTicketKeyPair(). */
SECStatus
ssl_MaybeSetSelfEncryptKeyPair(const sslKeyPair *keyPair)
{
PRBool configured;
if (PR_SUCCESS != PR_CallOnce(&ssl_self_encrypt_key_pair.setup,
&ssl_SelfEncryptSetup)) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
PR_RWLock_Rlock(ssl_self_encrypt_key_pair.lock);
configured = ssl_self_encrypt_key_pair.configured;
PR_RWLock_Unlock(ssl_self_encrypt_key_pair.lock);
if (configured) {
return SECSuccess;
}
return ssl_SetSelfEncryptKeyPair(keyPair->pubKey,
keyPair->privKey, PR_FALSE);
}
static SECStatus
ssl_GetSelfEncryptKeyPair(SECKEYPublicKey **pubKey,
SECKEYPrivateKey **privKey)
{
if (PR_SUCCESS != PR_CallOnce(&ssl_self_encrypt_key_pair.setup,
&ssl_SelfEncryptSetup)) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
SECKEYPublicKey *pubKeyCopy = NULL;
SECKEYPrivateKey *privKeyCopy = NULL;
PRBool noKey = PR_FALSE;
PR_RWLock_Rlock(ssl_self_encrypt_key_pair.lock);
if (ssl_self_encrypt_key_pair.pubKey && ssl_self_encrypt_key_pair.privKey) {
pubKeyCopy = SECKEY_CopyPublicKey(ssl_self_encrypt_key_pair.pubKey);
privKeyCopy = SECKEY_CopyPrivateKey(ssl_self_encrypt_key_pair.privKey);
} else {
noKey = PR_TRUE;
}
PR_RWLock_Unlock(ssl_self_encrypt_key_pair.lock);
if (noKey) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
if (!pubKeyCopy || !privKeyCopy) {
SECKEY_DestroyPublicKey(pubKeyCopy);
SECKEY_DestroyPrivateKey(privKeyCopy);
PORT_SetError(SEC_ERROR_NO_MEMORY);
return SECFailure;
}
*pubKey = pubKeyCopy;
*privKey = privKeyCopy;
return SECSuccess;
}
static SECStatus
ssl_GenerateSelfEncryptKeys(void *pwArg, PRUint8 *keyName,
PK11SymKey **aesKey, PK11SymKey **macKey);
static PRStatus
ssl_GenerateSelfEncryptKeysOnce(void *arg)
{
SECStatus rv;
/* Get a copy of the session keys from shared memory. */
PORT_Memcpy(ssl_self_encrypt_keys.keyName,
SELF_ENCRYPT_KEY_NAME_PREFIX,
sizeof(SELF_ENCRYPT_KEY_NAME_PREFIX));
/* This function calls ssl_GetSelfEncryptKeyPair(), which initializes the
* key pair stuff. That allows this to use the same shutdown function. */
rv = ssl_GenerateSelfEncryptKeys(arg, ssl_self_encrypt_keys.keyName,
&ssl_self_encrypt_keys.encKey,
&ssl_self_encrypt_keys.macKey);
if (rv != SECSuccess) {
return PR_FAILURE;
}
return PR_SUCCESS;
}
SECStatus
ssl_GetSelfEncryptKeys(sslSocket *ss, PRUint8 *keyName,
PK11SymKey **encKey, PK11SymKey **macKey)
{
if (PR_SUCCESS != PR_CallOnceWithArg(&ssl_self_encrypt_keys.setup,
&ssl_GenerateSelfEncryptKeysOnce,
ss->pkcs11PinArg)) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
if (!ssl_self_encrypt_keys.encKey || !ssl_self_encrypt_keys.macKey) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
PORT_Memcpy(keyName, ssl_self_encrypt_keys.keyName,
sizeof(ssl_self_encrypt_keys.keyName));
*encKey = ssl_self_encrypt_keys.encKey;
*macKey = ssl_self_encrypt_keys.macKey;
return SECSuccess;
}
/* If lockTime is zero, it implies that the lock is not held, and must be
* aquired here.
*/
static SECStatus
getSvrWrappingKey(unsigned int symWrapMechIndex,
unsigned int wrapKeyIndex,
SSLWrappedSymWrappingKey *wswk,
cacheDesc *cache,
PRUint32 lockTime)
{
PRUint32 ndx = (wrapKeyIndex * SSL_NUM_WRAP_MECHS) + symWrapMechIndex;
SSLWrappedSymWrappingKey *pwswk = cache->keyCacheData + ndx;
PRUint32 now = 0;
PRBool rv = SECFailure;
if (!cache->cacheMem) { /* cache is uninitialized */
PORT_SetError(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED);
return SECFailure;
}
if (!lockTime) {
now = LockSidCacheLock(cache->keyCacheLock, 0);
if (!now) {
return SECFailure;
}
}
if (pwswk->wrapKeyIndex == wrapKeyIndex &&
pwswk->wrapMechIndex == symWrapMechIndex &&
pwswk->wrappedSymKeyLen != 0) {
*wswk = *pwswk;
rv = SECSuccess;
}
if (now) {
UnlockSidCacheLock(cache->keyCacheLock);
}
return rv;
}
SECStatus
ssl_GetWrappingKey(unsigned int wrapMechIndex,
unsigned int wrapKeyIndex,
SSLWrappedSymWrappingKey *wswk)
{
PORT_Assert(wrapMechIndex < SSL_NUM_WRAP_MECHS);
PORT_Assert(wrapKeyIndex < SSL_NUM_WRAP_KEYS);
if (wrapMechIndex >= SSL_NUM_WRAP_MECHS ||
wrapKeyIndex >= SSL_NUM_WRAP_KEYS) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
return getSvrWrappingKey(wrapMechIndex, wrapKeyIndex, wswk,
&globalCache, 0);
}
/* Wrap and cache a session ticket key. */
static SECStatus
WrapSelfEncryptKey(SECKEYPublicKey *svrPubKey, PK11SymKey *symKey,
const char *keyName, encKeyCacheEntry *cacheEntry)
{
SECItem wrappedKey = { siBuffer, NULL, 0 };
wrappedKey.len = SECKEY_PublicKeyStrength(svrPubKey);
PORT_Assert(wrappedKey.len <= sizeof(cacheEntry->bytes));
if (wrappedKey.len > sizeof(cacheEntry->bytes))
return PR_FALSE;
wrappedKey.data = cacheEntry->bytes;
if (PK11_PubWrapSymKey(CKM_RSA_PKCS, svrPubKey, symKey, &wrappedKey) !=
SECSuccess) {
SSL_DBG(("%d: SSL[%s]: Unable to wrap self encrypt key %s.",
SSL_GETPID(), "unknown", keyName));
return SECFailure;
}
cacheEntry->length = wrappedKey.len;
return SECSuccess;
}
static SECStatus
GenerateSelfEncryptKeys(void *pwArg, PRUint8 *keyName, PK11SymKey **aesKey,
PK11SymKey **macKey)
{
PK11SlotInfo *slot;
CK_MECHANISM_TYPE mechanismArray[2];
PK11SymKey *aesKeyTmp = NULL;
PK11SymKey *macKeyTmp = NULL;
cacheDesc *cache = &globalCache;
PRUint8 ticketKeyNameSuffixLocal[SELF_ENCRYPT_KEY_VAR_NAME_LEN];
PRUint8 *ticketKeyNameSuffix;
if (!cache->cacheMem) {
/* cache is not initalized. Use stack buffer */
ticketKeyNameSuffix = ticketKeyNameSuffixLocal;
} else {
ticketKeyNameSuffix = cache->ticketKeyNameSuffix;
}
if (PK11_GenerateRandom(ticketKeyNameSuffix,
SELF_ENCRYPT_KEY_VAR_NAME_LEN) !=
SECSuccess) {
SSL_DBG(("%d: SSL[%s]: Unable to generate random key name bytes.",
SSL_GETPID(), "unknown"));
return SECFailure;
}
mechanismArray[0] = CKM_AES_CBC;
mechanismArray[1] = CKM_SHA256_HMAC;
slot = PK11_GetBestSlotMultiple(mechanismArray, 2, pwArg);
if (slot) {
aesKeyTmp = PK11_KeyGen(slot, mechanismArray[0], NULL,
AES_256_KEY_LENGTH, pwArg);
macKeyTmp = PK11_KeyGen(slot, mechanismArray[1], NULL,
SHA256_LENGTH, pwArg);
PK11_FreeSlot(slot);
}
if (aesKeyTmp == NULL || macKeyTmp == NULL) {
SSL_DBG(("%d: SSL[%s]: Unable to generate session ticket keys.",
SSL_GETPID(), "unknown"));
goto loser;
}
PORT_Memcpy(keyName, ticketKeyNameSuffix, SELF_ENCRYPT_KEY_VAR_NAME_LEN);
*aesKey = aesKeyTmp;
*macKey = macKeyTmp;
return SECSuccess;
loser:
if (aesKeyTmp)
PK11_FreeSymKey(aesKeyTmp);
if (macKeyTmp)
PK11_FreeSymKey(macKeyTmp);
return SECFailure;
}
static SECStatus
GenerateAndWrapSelfEncryptKeys(SECKEYPublicKey *svrPubKey, void *pwArg,
PRUint8 *keyName, PK11SymKey **aesKey,
PK11SymKey **macKey)
{
PK11SymKey *aesKeyTmp = NULL;
PK11SymKey *macKeyTmp = NULL;
cacheDesc *cache = &globalCache;
SECStatus rv;
rv = GenerateSelfEncryptKeys(pwArg, keyName, &aesKeyTmp, &macKeyTmp);
if (rv != SECSuccess) {
return SECFailure;
}
if (cache->cacheMem) {
/* Export the keys to the shared cache in wrapped form. */
rv = WrapSelfEncryptKey(svrPubKey, aesKeyTmp, "enc key", cache->ticketEncKey);
if (rv != SECSuccess) {
goto loser;
}
rv = WrapSelfEncryptKey(svrPubKey, macKeyTmp, "mac key", cache->ticketMacKey);
if (rv != SECSuccess) {
goto loser;
}
}
*aesKey = aesKeyTmp;
*macKey = macKeyTmp;
return SECSuccess;
loser:
PK11_FreeSymKey(aesKeyTmp);
PK11_FreeSymKey(macKeyTmp);
return SECFailure;
}
static SECStatus
UnwrapCachedSelfEncryptKeys(SECKEYPrivateKey *svrPrivKey, PRUint8 *keyName,
PK11SymKey **aesKey, PK11SymKey **macKey)
{
SECItem wrappedKey = { siBuffer, NULL, 0 };
PK11SymKey *aesKeyTmp = NULL;
PK11SymKey *macKeyTmp = NULL;
cacheDesc *cache = &globalCache;
wrappedKey.data = cache->ticketEncKey->bytes;
wrappedKey.len = cache->ticketEncKey->length;
PORT_Assert(wrappedKey.len <= sizeof(cache->ticketEncKey->bytes));
aesKeyTmp = PK11_PubUnwrapSymKey(svrPrivKey, &wrappedKey,
CKM_AES_CBC, CKA_DECRYPT, 0);
wrappedKey.data = cache->ticketMacKey->bytes;
wrappedKey.len = cache->ticketMacKey->length;
PORT_Assert(wrappedKey.len <= sizeof(cache->ticketMacKey->bytes));
macKeyTmp = PK11_PubUnwrapSymKey(svrPrivKey, &wrappedKey,
CKM_SHA256_HMAC, CKA_SIGN, 0);
if (aesKeyTmp == NULL || macKeyTmp == NULL) {
SSL_DBG(("%d: SSL[%s]: Unable to unwrap session ticket keys.",
SSL_GETPID(), "unknown"));
goto loser;
}
SSL_DBG(("%d: SSL[%s]: Successfully unwrapped session ticket keys.",
SSL_GETPID(), "unknown"));
PORT_Memcpy(keyName, cache->ticketKeyNameSuffix,
SELF_ENCRYPT_KEY_VAR_NAME_LEN);
*aesKey = aesKeyTmp;
*macKey = macKeyTmp;
return SECSuccess;
loser:
if (aesKeyTmp)
PK11_FreeSymKey(aesKeyTmp);
if (macKeyTmp)
PK11_FreeSymKey(macKeyTmp);
return SECFailure;
}
static SECStatus
ssl_GenerateSelfEncryptKeys(void *pwArg, PRUint8 *keyName,
PK11SymKey **encKey, PK11SymKey **macKey)
{
SECKEYPrivateKey *svrPrivKey = NULL;
SECKEYPublicKey *svrPubKey = NULL;
PRUint32 now;
cacheDesc *cache = &globalCache;
SECStatus rv = ssl_GetSelfEncryptKeyPair(&svrPubKey, &svrPrivKey);
if (rv != SECSuccess || !cache->cacheMem) {
/* No key pair for wrapping, or the cache is uninitialized. Generate
* keys and return them without caching. */
rv = GenerateSelfEncryptKeys(pwArg, keyName, encKey, macKey);
} else {
now = LockSidCacheLock(cache->keyCacheLock, 0);
if (!now) {
goto loser;
}
if (*(cache->ticketKeysValid)) {
rv = UnwrapCachedSelfEncryptKeys(svrPrivKey, keyName, encKey, macKey);
} else {
/* Keys do not exist, create them. */
rv = GenerateAndWrapSelfEncryptKeys(svrPubKey, pwArg, keyName,
encKey, macKey);
if (rv == SECSuccess) {
*(cache->ticketKeysValid) = 1;
}
}
UnlockSidCacheLock(cache->keyCacheLock);
}
SECKEY_DestroyPublicKey(svrPubKey);
SECKEY_DestroyPrivateKey(svrPrivKey);
return rv;
loser:
UnlockSidCacheLock(cache->keyCacheLock);
SECKEY_DestroyPublicKey(svrPubKey);
SECKEY_DestroyPrivateKey(svrPrivKey);
return SECFailure;
}
/* The caller passes in the new value it wants
* to set. This code tests the wrapped sym key entry in the shared memory.
* If it is uninitialized, this function writes the caller's value into
* the disk entry, and returns false.
* Otherwise, it overwrites the caller's wswk with the value obtained from
* the disk, and returns PR_TRUE.
* This is all done while holding the locks/mutexes necessary to make
* the operation atomic.
*/
SECStatus
ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk)
{
cacheDesc *cache = &globalCache;
PRBool rv = SECFailure;
PRUint32 ndx;
PRUint32 now;
SSLWrappedSymWrappingKey myWswk;
if (!cache->cacheMem) { /* cache is uninitialized */
PORT_SetError(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED);
return SECFailure;
}
PORT_Assert(wswk->wrapMechIndex < SSL_NUM_WRAP_MECHS);
PORT_Assert(wswk->wrapKeyIndex < SSL_NUM_WRAP_KEYS);
if (wswk->wrapMechIndex >= SSL_NUM_WRAP_MECHS ||
wswk->wrapKeyIndex >= SSL_NUM_WRAP_KEYS) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return SECFailure;
}
ndx = (wswk->wrapKeyIndex * SSL_NUM_WRAP_MECHS) + wswk->wrapMechIndex;
PORT_Memset(&myWswk, 0, sizeof myWswk); /* eliminate UMRs. */
now = LockSidCacheLock(cache->keyCacheLock, 0);
if (!now) {
return SECFailure;
}
rv = getSvrWrappingKey(wswk->wrapMechIndex, wswk->wrapKeyIndex,
&myWswk, cache, now);
if (rv == SECSuccess) {
/* we found it on disk, copy it out to the caller. */
PORT_Memcpy(wswk, &myWswk, sizeof *wswk);
} else {
/* Wasn't on disk, and we're still holding the lock, so write it. */
cache->keyCacheData[ndx] = *wswk;
}
UnlockSidCacheLock(cache->keyCacheLock);
return rv;
}
#else /* MAC version or other platform */
#include "seccomon.h"
#include "cert.h"
#include "ssl.h"
#include "sslimpl.h"
SECStatus
SSL_ConfigServerSessionIDCache(int maxCacheEntries,
PRUint32 ssl2_timeout,
PRUint32 ssl3_timeout,
const char *directory)
{
PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_ConfigServerSessionIDCache)");
return SECFailure;
}
SECStatus
SSL_ConfigMPServerSIDCache(int maxCacheEntries,
PRUint32 ssl2_timeout,
PRUint32 ssl3_timeout,
const char *directory)
{
PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_ConfigMPServerSIDCache)");
return SECFailure;
}
SECStatus
SSL_InheritMPServerSIDCache(const char *envString)
{
PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_InheritMPServerSIDCache)");
return SECFailure;
}
SECStatus
ssl_GetWrappingKey(unsigned int wrapMechIndex,
unsigned int wrapKeyIndex,
SSLWrappedSymWrappingKey *wswk)
{
PR_ASSERT(!"SSL servers are not supported on this platform. (ssl_GetWrappingKey)");
return SECFailure;
}
/* This is a kind of test-and-set. The caller passes in the new value it wants
* to set. This code tests the wrapped sym key entry in the shared memory.
* If it is uninitialized, this function writes the caller's value into
* the disk entry, and returns false.
* Otherwise, it overwrites the caller's wswk with the value obtained from
* the disk, and returns PR_TRUE.
* This is all done while holding the locks/mutexes necessary to make
* the operation atomic.
*/
SECStatus
ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk)
{
PR_ASSERT(!"SSL servers are not supported on this platform. (ssl_SetWrappingKey)");
return SECFailure;
}
PRUint32
SSL_GetMaxServerCacheLocks(void)
{
PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_GetMaxServerCacheLocks)");
return -1;
}
SECStatus
SSL_SetMaxServerCacheLocks(PRUint32 maxLocks)
{
PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_SetMaxServerCacheLocks)");
return SECFailure;
}
#endif /* XP_UNIX || XP_WIN32 */