authorBodo Möller <bodo@openssl.org>2010-08-26 15:15:47 +0000
committerBodo Möller <bodo@openssl.org>2010-08-26 15:15:47 +0000
commit7c2d4fee2547650102cd16d23f8125b76112ae75 (patch)
treeb65012d1d3e0ee6d3dae907da20a00f3cbd0d56e /ssl
parentf16176dab409c8de444315ba00c4eff36dd0e063 (diff)
For better forward-security support, add functions
SSL_[CTX_]set_not_resumable_session_callback. Submitted by: Emilia Kasper (Google) [A part of this change affecting ssl/s3_lib.c was accidentally committed separately, together with a compilation fix for that file; see s3_lib.c CVS revision 1.133 (http://cvs.openssl.org/chngview?cn=19855).]
Diffstat (limited to 'ssl')
-rw-r--r--ssl/s3_srvr.c12
-rw-r--r--ssl/ssl.h18
-rw-r--r--ssl/ssl_lib.c14
3 files changed, 42 insertions, 2 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index c2874e7feb..bc6ece47c1 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1251,6 +1251,13 @@ int ssl3_get_client_hello(SSL *s)
goto f_err;
}
s->s3->tmp.new_cipher=c;
+ /* check whether we should disable session resumption */
+ if (s->not_resumable_session_cb != NULL)
+ s->session->not_resumable=s->not_resumable_session_cb(s,
+ ((c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH)) != 0));
+ if (s->session->not_resumable)
+ /* do not send a session ticket */
+ s->tlsext_ticket_expected = 0;
}
else
{
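Review bot: The unconditional write to `s->tlsext_ticket_expected` at the end of the added lines will not compile in a build without TLS extensions if that field is declared only under the TLS-extension guard, which this hunk does not show; if so, wrap the two-line ticket check in `#ifndef OPENSSL_NO_TLSEXT` and `#endif`. The callback's return value is stored unmodified in `s->session->not_resumable`, so any non-zero result, including a negative error-style value, turns resumption off; a comment such as `/* any non-zero return marks the session as not resumable */` above the call would make that explicit. The callback is consulted only on this branch, where a new cipher has just been chosen, and not on the `else` branch that follows. ssl3_get_client_hello starts and ends outside the hunk.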
@@ -1354,8 +1361,9 @@ int ssl3_send_server_hello(SSL *s)
* if session caching is disabled so existing functionality
* is unaffected.
*/
- if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
- && !s->hit)
+ if (s->session->not_resumable ||
+ (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
+ && !s->hit))
s->session->session_id_length=0;
sl=s->session->session_id_length;
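Review bot: The comment above the changed condition still describes only the case where session caching is disabled, while the new test also clears the session ID whenever `s->session->not_resumable` is set. I would append a sentence to it, for example `Also send an empty session ID when the session has been marked not resumable, so the client is given nothing to resume with.` The comment begins outside the hunk, so the wording should be checked against its opening lines.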
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 5a35c67285..20e49ec376 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -468,6 +468,9 @@ typedef struct ssl_session_st
char *psk_identity_hint;
char *psk_identity;
#endif
+ /* Used to indicate that session resumption is not allowed.
+ * Applications can also set this bit for a new session via
+ * not_resumable_session_cb to disable session caching and tickets. */
int not_resumable;
/* The cert is the certificate used to establish this connection */
@@ -811,6 +814,10 @@ struct ssl_ctx_st
X509_VERIFY_PARAM *param;
+ /* Callback for disabling session caching and ticket support
+ * on a session basis, depending on the chosen cipher. */
+ int (*not_resumable_session_cb)(SSL *ssl, int is_forward_secure);
+
#if 0
int purpose; /* Purpose setting */
int trust; /* Trust setting */
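Review bot: The comment on `not_resumable_session_cb` does not state the callback's contract, which an application needs in order to use it for forward secrecy. Going by the s3_srvr.c hunk, `is_forward_secure` is non-zero when the chosen cipher's key exchange is EDH or EECDH, and a non-zero return marks the session not resumable; I would add `/* is_forward_secure != 0: EDH/EECDH key exchange was chosen; return non-zero to forbid resumption of this session */`. The same wording is repeated in the `struct ssl_st` hunk, and the two new prototypes further down carry no comment at all, so the contract should be documented there as well.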
@@ -1088,6 +1095,10 @@ struct ssl_st
X509_VERIFY_PARAM *param;
+ /* Callback for disabling session caching and ticket support
+ * on a session basis, depending on the chosen cipher. */
+ int (*not_resumable_session_cb)(SSL *ssl, int is_forward_secure);
+
#if 0
int purpose; /* Purpose setting */
int trust; /* Trust setting */
@@ -1477,6 +1488,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_CTRL_GET_RI_SUPPORT 76
#define SSL_CTRL_CLEAR_OPTIONS 77
#define SSL_CTRL_CLEAR_MODE 78
+#define SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB 79
#define DTLSv1_get_timeout(ssl, arg) \
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
@@ -1875,6 +1887,12 @@ int SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len,
unsigned char *context, int context_len,
unsigned char *out, int olen);
+void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx,
+ int (*cb)(SSL *ssl, int is_forward_secure));
+
+void SSL_set_not_resumable_session_callback(SSL *ssl,
+ int (*cb)(SSL *ssl, int is_forward_secure));
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index ff710045dc..9dfa3aa711 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -319,6 +319,7 @@ SSL *SSL_new(SSL_CTX *ctx)
s->msg_callback=ctx->msg_callback;
s->msg_callback_arg=ctx->msg_callback_arg;
s->verify_mode=ctx->verify_mode;
+ s->not_resumable_session_cb=ctx->not_resumable_session_cb;
#if 0
s->verify_depth=ctx->verify_depth;
#endif
@@ -3164,6 +3165,19 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int con
SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
}
+void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx,
+ int (*cb)(SSL *ssl, int is_forward_secure))
+ {
+ SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB,
+ (void (*)(void))cb);
+ }
+void SSL_set_not_resumable_session_callback(SSL *ssl,
+ int (*cb)(SSL *ssl, int is_forward_secure))
+ {
+ SSL_callback_ctrl(ssl, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB,
+ (void (*)(void))cb);
+ }
+
/* Allocates new EVP_MD_CTX and sets pointer to it into given pointer
* vairable, freeing EVP_MD_CTX previously stored in that variable, if
* any. If EVP_MD pointer is passed, initializes ctx with this md
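Review bot: Both setters discard the result of `SSL_CTX_callback_ctrl` / `SSL_callback_ctrl` and return `void`, so an application cannot tell whether the callback was actually installed. The handler for `SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB` is not part of this diff (the commit message says the s3_lib.c part went in separately), and if a method's callback_ctrl does not recognise the code the sessions would presumably stay resumable while the caller assumes otherwise. Assigning the field directly, `ctx->not_resumable_session_cb = cb;` and `ssl->not_resumable_session_cb = cb;`, removes that silent failure path and the round trip through the `void (*)(void)` cast. Because `SSL_new` copies the pointer once, it is also worth documenting that changing the context callback later does not affect SSL objects that already exist.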