Blame - library/ssl_cache.c - mirror/mbed-tls

blob: 94c1e71e41a6a0ac92435524e8b3de60fbeee19a [file] [log] [blame]

Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	1	/*
				2	* SSL session cache implementation
				3	*
Bence Szépkúti	1e14827	2020-08-07 13:07:28 +0200	[diff] [blame]	4	* Copyright The Mbed TLS Contributors
Manuel Pégourié-Gonnard	37ff140	2015-09-04 14:21:07 +0200	[diff] [blame]	5	* SPDX-License-Identifier: Apache-2.0
				6	*
				7	* Licensed under the Apache License, Version 2.0 (the "License"); you may
				8	* not use this file except in compliance with the License.
				9	* You may obtain a copy of the License at
				10	*
				11	* http://www.apache.org/licenses/LICENSE-2.0
				12	*
				13	* Unless required by applicable law or agreed to in writing, software
				14	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				15	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				16	* See the License for the specific language governing permissions and
				17	* limitations under the License.
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	18	*/
				19	/*
				20	* These session callbacks use a simple chained list
				21	* to store and retrieve the session information.
				22	*/
				23
Gilles Peskine	db09ef6	2020-06-03 01:43:33 +0200	[diff] [blame]	24	#include "common.h"
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	25
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	26	#if defined(MBEDTLS_SSL_CACHE_C)
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	27
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	28	# if defined(MBEDTLS_PLATFORM_C)
				29	# include "mbedtls/platform.h"
				30	# else
				31	# include <stdlib.h>
				32	# define mbedtls_calloc calloc
				33	# define mbedtls_free free
				34	# endif
Paul Bakker	6e339b5	2013-07-03 13:37:05 +0200	[diff] [blame]	35
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	36	# include "mbedtls/ssl_cache.h"
				37	# include "ssl_misc.h"
SimonB	d5800b7	2016-04-26 07:43:27 +0100	[diff] [blame]	38
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	39	# include <string.h>
SimonB	d5800b7	2016-04-26 07:43:27 +0100	[diff] [blame]	40
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	41	void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache)
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	42	{
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	43	memset(cache, 0, sizeof(mbedtls_ssl_cache_context));
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	44
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	45	cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT;
				46	cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES;
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	47
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	48	# if defined(MBEDTLS_THREADING_C)
				49	mbedtls_mutex_init(&cache->mutex);
				50	# endif
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	51	}
				52
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	53	static int ssl_cache_find_entry(mbedtls_ssl_cache_context *cache,
				54	unsigned char const *session_id,
				55	size_t session_id_len,
				56	mbedtls_ssl_cache_entry **dst)
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	57	{
				58	int ret = 1;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	59	# if defined(MBEDTLS_HAVE_TIME)
				60	mbedtls_time_t t = mbedtls_time(NULL);
				61	# endif
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	62	mbedtls_ssl_cache_entry *cur;
				63
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	64	for (cur = cache->chain; cur != NULL; cur = cur->next) {
				65	# if defined(MBEDTLS_HAVE_TIME)
				66	if (cache->timeout != 0 && (int)(t - cur->timestamp) > cache->timeout)
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	67	continue;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	68	# endif
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	69
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	70	if (session_id_len != cur->session_id_len \|\|
				71	memcmp(session_id, cur->session_id, cur->session_id_len) != 0) {
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	72	continue;
				73	}
				74
				75	break;
				76	}
				77
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	78	if (cur != NULL) {
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	79	*dst = cur;
				80	ret = 0;
				81	}
				82
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	83	return ret;
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	84	}
				85
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	86	int mbedtls_ssl_cache_get(void *data,
				87	unsigned char const *session_id,
				88	size_t session_id_len,
				89	mbedtls_ssl_session *session)
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	90	{
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	91	int ret = 1;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	92	mbedtls_ssl_cache_context cache = (mbedtls_ssl_cache_context )data;
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	93	mbedtls_ssl_cache_entry *entry;
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	94
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	95	# if defined(MBEDTLS_THREADING_C)
				96	if (mbedtls_mutex_lock(&cache->mutex) != 0)
				97	return 1;
				98	# endif
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	99
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	100	ret = ssl_cache_find_entry(cache, session_id, session_id_len, &entry);
				101	if (ret != 0)
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	102	goto exit;
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	103
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	104	ret = mbedtls_ssl_session_load(session, entry->session, entry->session_len);
				105	if (ret != 0)
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	106	goto exit;
				107
Hanno Becker	f938c43	2021-04-15 10:17:53 +0100	[diff] [blame]	108	ret = 0;
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	109
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	110	exit:
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	111	# if defined(MBEDTLS_THREADING_C)
				112	if (mbedtls_mutex_unlock(&cache->mutex) != 0)
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	113	ret = 1;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	114	# endif
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	115
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	116	return ret;
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	117	}
				118
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	119	static int ssl_cache_pick_writing_slot(mbedtls_ssl_cache_context *cache,
				120	unsigned char const *session_id,
				121	size_t session_id_len,
				122	mbedtls_ssl_cache_entry **dst)
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	123	{
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	124	# if defined(MBEDTLS_HAVE_TIME)
				125	mbedtls_time_t t = mbedtls_time(NULL), oldest = 0;
				126	# endif /* MBEDTLS_HAVE_TIME */
Hanno Becker	006f2cc	2021-05-14 04:55:35 +0100	[diff] [blame]	127
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	128	mbedtls_ssl_cache_entry *old = NULL;
Paul Bakker	ba26e9e	2012-10-23 22:18:28 +0000	[diff] [blame]	129	int count = 0;
Hanno Becker	466ed6f	2021-05-14 14:54:00 +0100	[diff] [blame]	130	mbedtls_ssl_cache_entry cur, last;
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	131
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	132	/* Check 1: Is there already an entry with the given session ID?
				133	*
				134	* If yes, overwrite it.
				135	*
				136	* If not, `count` will hold the size of the session cache
Hanno Becker	466ed6f	2021-05-14 14:54:00 +0100	[diff] [blame]	137	* at the end of this loop, and `last` will point to the last
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	138	* entry, both of which will be used later. */
				139
Hanno Becker	78196e3	2021-05-14 14:45:38 +0100	[diff] [blame]	140	last = NULL;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	141	for (cur = cache->chain; cur != NULL; cur = cur->next) {
Paul Bakker	ba26e9e	2012-10-23 22:18:28 +0000	[diff] [blame]	142	count++;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	143	if (session_id_len == cur->session_id_len &&
				144	memcmp(session_id, cur->session_id, cur->session_id_len) == 0) {
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	145	goto found;
Hanno Becker	ccdaf6e	2021-04-15 09:26:17 +0100	[diff] [blame]	146	}
Hanno Becker	78196e3	2021-05-14 14:45:38 +0100	[diff] [blame]	147	last = cur;
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	148	}
				149
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	150	/* Check 2: Is there an outdated entry in the cache?
				151	*
				152	* If so, overwrite it.
				153	*
				154	* If not, remember the oldest entry in `old` for later.
				155	*/
				156
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	157	# if defined(MBEDTLS_HAVE_TIME)
				158	for (cur = cache->chain; cur != NULL; cur = cur->next) {
				159	if (cache->timeout != 0 && (int)(t - cur->timestamp) > cache->timeout) {
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	160	goto found;
Paul Bakker	ba26e9e	2012-10-23 22:18:28 +0000	[diff] [blame]	161	}
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	162
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	163	if (oldest == 0 \|\| cur->timestamp < oldest) {
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	164	oldest = cur->timestamp;
				165	old = cur;
Paul Bakker	fa9b100	2013-07-03 15:31:03 +0200	[diff] [blame]	166	}
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	167	}
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	168	# endif /* MBEDTLS_HAVE_TIME */
Paul Bakker	ba26e9e	2012-10-23 22:18:28 +0000	[diff] [blame]	169
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	170	/* Check 3: Is there free space in the cache? */
				171
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	172	if (count < cache->max_entries) {
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	173	/* Create new entry */
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	174	cur = mbedtls_calloc(1, sizeof(mbedtls_ssl_cache_entry));
				175	if (cur == NULL)
				176	return 1;
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	177
				178	/* Append to the end of the linked list. */
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	179	if (last == NULL)
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	180	cache->chain = cur;
				181	else
Hanno Becker	466ed6f	2021-05-14 14:54:00 +0100	[diff] [blame]	182	last->next = cur;
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	183
				184	goto found;
				185	}
				186
				187	/* Last resort: The cache is full and doesn't contain any outdated
				188	* elements. In this case, we evict the oldest one, judged by timestamp
				189	* (if present) or cache-order. */
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	190
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	191	# if defined(MBEDTLS_HAVE_TIME)
				192	if (old == NULL) {
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	193	/* This should only happen on an ill-configured cache
				194	* with max_entries == 0. */
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	195	return 1;
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	196	}
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	197	# else /* MBEDTLS_HAVE_TIME */
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	198	/* Reuse first entry in chain, but move to last place. */
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	199	if (cache->chain == NULL)
				200	return 1;
Hanno Becker	02a68eb	2021-04-15 09:57:17 +0100	[diff] [blame]	201
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	202	old = cache->chain;
				203	cache->chain = old->next;
Hanno Becker	5cf6f7e	2021-05-14 14:45:04 +0100	[diff] [blame]	204	old->next = NULL;
Hanno Becker	466ed6f	2021-05-14 14:54:00 +0100	[diff] [blame]	205	last->next = old;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	206	# endif /* MBEDTLS_HAVE_TIME */
Hanno Becker	02a68eb	2021-04-15 09:57:17 +0100	[diff] [blame]	207
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	208	/* Now `old` points to the oldest entry to be overwritten. */
				209	cur = old;
				210
				211	found:
				212
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	213	# if defined(MBEDTLS_HAVE_TIME)
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	214	cur->timestamp = t;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	215	# endif
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	216
				217	/* If we're reusing an entry, free it first. */
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	218	if (cur->session != NULL) {
				219	mbedtls_free(cur->session);
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	220	cur->session = NULL;
				221	cur->session_len = 0;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	222	memset(cur->session_id, 0, sizeof(cur->session_id));
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	223	cur->session_id_len = 0;
Manuel Pégourié-Gonnard	84c30c7	2014-02-26 17:38:55 +0100	[diff] [blame]	224	}
Hanno Becker	02a68eb	2021-04-15 09:57:17 +0100	[diff] [blame]	225
Hanno Becker	845ceb7	2021-05-13 07:05:07 +0100	[diff] [blame]	226	*dst = cur;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	227	return 0;
Hanno Becker	02a68eb	2021-04-15 09:57:17 +0100	[diff] [blame]	228	}
				229
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	230	int mbedtls_ssl_cache_set(void *data,
				231	unsigned char const *session_id,
				232	size_t session_id_len,
				233	const mbedtls_ssl_session *session)
Hanno Becker	02a68eb	2021-04-15 09:57:17 +0100	[diff] [blame]	234	{
				235	int ret = 1;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	236	mbedtls_ssl_cache_context cache = (mbedtls_ssl_cache_context )data;
Hanno Becker	02a68eb	2021-04-15 09:57:17 +0100	[diff] [blame]	237	mbedtls_ssl_cache_entry *cur;
				238
Hanno Becker	7e6eb9f	2021-04-15 10:26:06 +0100	[diff] [blame]	239	size_t session_serialized_len;
				240	unsigned char *session_serialized = NULL;
				241
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	242	# if defined(MBEDTLS_THREADING_C)
				243	if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0)
				244	return ret;
				245	# endif
Hanno Becker	02a68eb	2021-04-15 09:57:17 +0100	[diff] [blame]	246
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	247	ret = ssl_cache_pick_writing_slot(cache, session_id, session_id_len, &cur);
				248	if (ret != 0)
Hanno Becker	02a68eb	2021-04-15 09:57:17 +0100	[diff] [blame]	249	goto exit;
Manuel Pégourié-Gonnard	84c30c7	2014-02-26 17:38:55 +0100	[diff] [blame]	250
Hanno Becker	7e6eb9f	2021-04-15 10:26:06 +0100	[diff] [blame]	251	/* Check how much space we need to serialize the session
				252	* and allocate a sufficiently large buffer. */
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	253	ret = mbedtls_ssl_session_save(session, NULL, 0, &session_serialized_len);
				254	if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) {
Hanno Becker	aee8717	2019-02-06 14:53:19 +0000	[diff] [blame]	255	ret = 1;
				256	goto exit;
				257	}
				258
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	259	session_serialized = mbedtls_calloc(1, session_serialized_len);
				260	if (session_serialized == NULL) {
Hanno Becker	7e6eb9f	2021-04-15 10:26:06 +0100	[diff] [blame]	261	ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
				262	goto exit;
Paul Bakker	e81beda	2013-03-06 17:40:46 +0100	[diff] [blame]	263	}
Hanno Becker	7e6eb9f	2021-04-15 10:26:06 +0100	[diff] [blame]	264
				265	/* Now serialize the session into the allocated buffer. */
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	266	ret = mbedtls_ssl_session_save(session, session_serialized,
				267	session_serialized_len,
				268	&session_serialized_len);
				269	if (ret != 0)
Hanno Becker	7e6eb9f	2021-04-15 10:26:06 +0100	[diff] [blame]	270	goto exit;
				271
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	272	if (session_id_len > sizeof(cur->session_id)) {
Hanno Becker	7e6eb9f	2021-04-15 10:26:06 +0100	[diff] [blame]	273	ret = 1;
				274	goto exit;
				275	}
				276	cur->session_id_len = session_id_len;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	277	memcpy(cur->session_id, session_id, session_id_len);
Hanno Becker	7e6eb9f	2021-04-15 10:26:06 +0100	[diff] [blame]	278
				279	cur->session = session_serialized;
				280	cur->session_len = session_serialized_len;
				281	session_serialized = NULL;
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	282
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	283	ret = 0;
				284
				285	exit:
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	286	# if defined(MBEDTLS_THREADING_C)
				287	if (mbedtls_mutex_unlock(&cache->mutex) != 0)
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	288	ret = 1;
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	289	# endif
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	290
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	291	if (session_serialized != NULL)
				292	mbedtls_platform_zeroize(session_serialized, session_serialized_len);
Hanno Becker	7e6eb9f	2021-04-15 10:26:06 +0100	[diff] [blame]	293
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	294	return ret;
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	295	}
				296
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	297	# if defined(MBEDTLS_HAVE_TIME)
				298	void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache,
				299	int timeout)
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	300	{
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	301	if (timeout < 0)
				302	timeout = 0;
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	303
				304	cache->timeout = timeout;
				305	}
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	306	# endif /* MBEDTLS_HAVE_TIME */
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	307
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	308	void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache,
				309	int max)
Paul Bakker	ba26e9e	2012-10-23 22:18:28 +0000	[diff] [blame]	310	{
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	311	if (max < 0)
				312	max = 0;
Paul Bakker	ba26e9e	2012-10-23 22:18:28 +0000	[diff] [blame]	313
				314	cache->max_entries = max;
				315	}
				316
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	317	void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache)
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	318	{
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	319	mbedtls_ssl_cache_entry cur, prv;
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	320
				321	cur = cache->chain;
				322
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	323	while (cur != NULL) {
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	324	prv = cur;
				325	cur = cur->next;
				326
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	327	mbedtls_free(prv->session);
				328	mbedtls_free(prv);
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	329	}
Paul Bakker	c559884	2013-09-28 15:01:27 +0200	[diff] [blame]	330
Mateusz Starzyk	c0eabdc	2021-08-03 14:09:02 +0200	[diff] [blame^]	331	# if defined(MBEDTLS_THREADING_C)
				332	mbedtls_mutex_free(&cache->mutex);
				333	# endif
Ron Eldor	2236082	2017-10-29 17:53:52 +0200	[diff] [blame]	334	cache->chain = NULL;
Paul Bakker	0a59707	2012-09-25 21:55:46 +0000	[diff] [blame]	335	}
				336
Manuel Pégourié-Gonnard	2cf5a7c	2015-04-08 12:49:31 +0200	[diff] [blame]	337	#endif /* MBEDTLS_SSL_CACHE_C */