diff options
Diffstat (limited to 'lib/ext/session_ticket.c')
-rw-r--r-- | lib/ext/session_ticket.c | 134 |
1 files changed, 65 insertions, 69 deletions
diff --git a/lib/ext/session_ticket.c b/lib/ext/session_ticket.c index 2e2627e618..07b6bca851 100644 --- a/lib/ext/session_ticket.c +++ b/lib/ext/session_ticket.c @@ -45,8 +45,7 @@ #include "db.h" static int session_ticket_recv_params(gnutls_session_t session, - const uint8_t * data, - size_t data_size); + const uint8_t * data, size_t data_size); static int session_ticket_send_params(gnutls_session_t session, gnutls_buffer_st * extdata); static int session_ticket_unpack(gnutls_buffer_st * ps, @@ -59,8 +58,9 @@ const hello_ext_entry_st ext_mod_session_ticket = { .name = "Session Ticket", .tls_id = 35, .gid = GNUTLS_EXTENSION_SESSION_TICKET, - .validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO | - GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO, + .validity = + GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | + GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO, /* This extension must be parsed on session resumption as well; see * https://gitlab.com/gnutls/gnutls/issues/841 */ .client_parse_point = GNUTLS_EXT_MANDATORY, @@ -80,16 +80,15 @@ typedef struct { int session_ticket_len; } session_ticket_ext_st; -static void -deinit_ticket(struct ticket_st *ticket) +static void deinit_ticket(struct ticket_st *ticket) { free(ticket->encrypted_state); } static int -unpack_ticket(const gnutls_datum_t *ticket_data, struct ticket_st *ticket) +unpack_ticket(const gnutls_datum_t * ticket_data, struct ticket_st *ticket) { - const uint8_t * data = ticket_data->data; + const uint8_t *data = ticket_data->data; size_t data_size = ticket_data->size; const uint8_t *encrypted_state; @@ -120,8 +119,7 @@ unpack_ticket(const gnutls_datum_t *ticket_data, struct ticket_st *ticket) DECR_LEN(data_size, TICKET_MAC_SIZE); memcpy(ticket->mac, data, TICKET_MAC_SIZE); - ticket->encrypted_state = - gnutls_malloc(ticket->encrypted_state_len); + ticket->encrypted_state = gnutls_malloc(ticket->encrypted_state_len); if (!ticket->encrypted_state) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; @@ -133,7 +131,7 @@ unpack_ticket(const gnutls_datum_t *ticket_data, struct ticket_st *ticket) } static void -pack_ticket(const struct ticket_st *ticket, gnutls_datum_t *ticket_data) +pack_ticket(const struct ticket_st *ticket, gnutls_datum_t * ticket_data) { uint8_t *p; @@ -160,14 +158,14 @@ pack_ticket(const struct ticket_st *ticket, gnutls_datum_t *ticket_data) static int digest_ticket(const gnutls_datum_t * key, struct ticket_st *ticket, - uint8_t * digest) + uint8_t * digest) { mac_hd_st digest_hd; uint16_t length16; int ret; ret = _gnutls_mac_init(&digest_hd, mac_to_entry(TICKET_MAC_ALGO), - key->data, key->size); + key->data, key->size); if (ret < 0) { gnutls_assert(); return ret; @@ -178,7 +176,7 @@ int digest_ticket(const gnutls_datum_t * key, struct ticket_st *ticket, length16 = _gnutls_conv_uint16(ticket->encrypted_state_len); _gnutls_mac(&digest_hd, &length16, 2); _gnutls_mac(&digest_hd, ticket->encrypted_state, - ticket->encrypted_state_len); + ticket->encrypted_state_len); _gnutls_mac_deinit(&digest_hd, digest); return 0; @@ -186,8 +184,8 @@ int digest_ticket(const gnutls_datum_t * key, struct ticket_st *ticket, int _gnutls_decrypt_session_ticket(gnutls_session_t session, - const gnutls_datum_t *ticket_data, - gnutls_datum_t *state) + const gnutls_datum_t * ticket_data, + gnutls_datum_t * state) { cipher_hd_st cipher_hd; gnutls_datum_t IV; @@ -210,9 +208,7 @@ _gnutls_decrypt_session_ticket(gnutls_session_t session, /* If the key name of the ticket does not match the one that is currently active, issue a new ticket. */ - if (memcmp - (ticket.key_name, stek_key_name.data, - stek_key_name.size)) { + if (memcmp(ticket.key_name, stek_key_name.data, stek_key_name.size)) { ret = GNUTLS_E_DECRYPTION_FAILED; goto cleanup; } @@ -262,10 +258,10 @@ _gnutls_decrypt_session_ticket(gnutls_session_t session, ret = 0; -cleanup2: + cleanup2: _gnutls_cipher_deinit(&cipher_hd); -cleanup: + cleanup: deinit_ticket(&ticket); return ret; @@ -274,8 +270,8 @@ cleanup: int _gnutls_encrypt_session_ticket(gnutls_session_t session, - const gnutls_datum_t *state, - gnutls_datum_t *ticket_data) + const gnutls_datum_t * state, + gnutls_datum_t * ticket_data) { cipher_hd_st cipher_hd; gnutls_datum_t IV; @@ -286,14 +282,18 @@ _gnutls_encrypt_session_ticket(gnutls_session_t session, struct ticket_st ticket; int ret; - encrypted_state.size = ((state->size + TICKET_BLOCK_SIZE - 1) / TICKET_BLOCK_SIZE) * TICKET_BLOCK_SIZE; - result.size = TICKET_KEY_NAME_SIZE + TICKET_IV_SIZE + 2 + - encrypted_state.size + TICKET_MAC_SIZE; + encrypted_state.size = + ((state->size + TICKET_BLOCK_SIZE - + 1) / TICKET_BLOCK_SIZE) * TICKET_BLOCK_SIZE; + result.size = + TICKET_KEY_NAME_SIZE + TICKET_IV_SIZE + 2 + encrypted_state.size + + TICKET_MAC_SIZE; result.data = gnutls_calloc(1, result.size); if (!result.data) { return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); } - encrypted_state.data = result.data + TICKET_KEY_NAME_SIZE + TICKET_IV_SIZE + 2; + encrypted_state.data = + result.data + TICKET_KEY_NAME_SIZE + TICKET_IV_SIZE + 2; memcpy(encrypted_state.data, state->data, state->size); /* Retrieve ticket encryption keys */ @@ -333,7 +333,6 @@ _gnutls_encrypt_session_ticket(gnutls_session_t session, goto cleanup2; } - /* Fill the ticket structure to compute MAC. */ memcpy(ticket.key_name, stek_key_name.data, stek_key_name.size); memcpy(ticket.IV, IV.data, IV.size); @@ -351,17 +350,17 @@ _gnutls_encrypt_session_ticket(gnutls_session_t session, ticket_data->size = result.size; result.data = NULL; -cleanup2: + cleanup2: _gnutls_cipher_deinit(&cipher_hd); -cleanup: + cleanup: _gnutls_free_datum(&result); return ret; } static int -unpack_session(gnutls_session_t session, const gnutls_datum_t *state) +unpack_session(gnutls_session_t session, const gnutls_datum_t * state) { int ret; @@ -388,7 +387,8 @@ session_ticket_recv_params(gnutls_session_t session, gnutls_datum_t state; int ret; - if (session->internals.flags & (GNUTLS_NO_TICKETS | GNUTLS_NO_TICKETS_TLS12)) + if (session-> + internals.flags & (GNUTLS_NO_TICKETS | GNUTLS_NO_TICKETS_TLS12)) return 0; if (session->security_parameters.entity == GNUTLS_SERVER) { @@ -400,7 +400,9 @@ session_ticket_recv_params(gnutls_session_t session, ticket_data.data = (void *)data; ticket_data.size = data_size; - if ((ret = _gnutls_decrypt_session_ticket(session, &ticket_data, &state)) == 0) { + if ((ret = + _gnutls_decrypt_session_ticket(session, &ticket_data, + &state)) == 0) { ret = unpack_session(session, &state); _gnutls_free_datum(&state); @@ -425,14 +427,14 @@ session_ticket_recv_params(gnutls_session_t session, do not want to send it, and a negative number on failure. */ static int -session_ticket_send_params(gnutls_session_t session, - gnutls_buffer_st * extdata) +session_ticket_send_params(gnutls_session_t session, gnutls_buffer_st * extdata) { session_ticket_ext_st *priv = NULL; gnutls_ext_priv_data_t epriv; int ret; - if (session->internals.flags & (GNUTLS_NO_TICKETS | GNUTLS_NO_TICKETS_TLS12)) + if (session-> + internals.flags & (GNUTLS_NO_TICKETS | GNUTLS_NO_TICKETS_TLS12)) return 0; if (session->security_parameters.entity == GNUTLS_SERVER) { @@ -442,8 +444,8 @@ session_ticket_send_params(gnutls_session_t session, } else { ret = _gnutls_hello_ext_get_resumed_priv(session, - GNUTLS_EXTENSION_SESSION_TICKET, - &epriv); + GNUTLS_EXTENSION_SESSION_TICKET, + &epriv); if (ret >= 0) priv = epriv; @@ -458,8 +460,7 @@ session_ticket_send_params(gnutls_session_t session, if (priv->session_ticket_len > 0) { ret = _gnutls_buffer_append_data(extdata, - priv-> - session_ticket, + priv->session_ticket, priv-> session_ticket_len); if (ret < 0) @@ -471,7 +472,6 @@ session_ticket_send_params(gnutls_session_t session, return 0; } - static void session_ticket_deinit_data(gnutls_ext_priv_data_t epriv) { session_ticket_ext_st *priv = epriv; @@ -486,8 +486,7 @@ session_ticket_pack(gnutls_ext_priv_data_t epriv, gnutls_buffer_st * ps) session_ticket_ext_st *priv = epriv; int ret; - BUFFER_APPEND_PFX4(ps, priv->session_ticket, - priv->session_ticket_len); + BUFFER_APPEND_PFX4(ps, priv->session_ticket, priv->session_ticket_len); return 0; } @@ -515,13 +514,11 @@ session_ticket_unpack(gnutls_buffer_st * ps, gnutls_ext_priv_data_t * _priv) return 0; - error: + error: gnutls_free(priv); return ret; } - - /** * gnutls_session_ticket_key_generate: * @key: is a pointer to a #gnutls_datum_t which will contain a newly @@ -610,7 +607,8 @@ gnutls_session_ticket_enable_server(gnutls_session_t session, { int ret; - if (!session || !key || key->size != TICKET_MASTER_KEY_SIZE || !key->data) { + if (!session || !key || key->size != TICKET_MASTER_KEY_SIZE + || !key->data) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } @@ -624,8 +622,7 @@ gnutls_session_ticket_enable_server(gnutls_session_t session, return 0; } -void -_gnutls_session_ticket_disable_server(gnutls_session_t session) +void _gnutls_session_ticket_disable_server(gnutls_session_t session) { session->internals.flags |= GNUTLS_NO_TICKETS; } @@ -675,10 +672,10 @@ int _gnutls_send_new_session_ticket(gnutls_session_t session, int again) * purposes than the TLS1.0 session ID. Ensure that there is an internally * set value which the server will see on the original and resumed sessions */ if (!session->internals.resumed) { - ret = _gnutls_generate_session_id(session->security_parameters. - session_id, - &session->security_parameters. - session_id_size); + ret = + _gnutls_generate_session_id + (session->security_parameters.session_id, + &session->security_parameters.session_id_size); if (ret < 0) { gnutls_assert(); return ret; @@ -696,7 +693,9 @@ int _gnutls_send_new_session_ticket(gnutls_session_t session, int again) } /* Generate an encrypted ticket */ - ret = _gnutls_encrypt_session_ticket(session, &state, &ticket_data); + ret = + _gnutls_encrypt_session_ticket(session, &state, + &ticket_data); session->security_parameters.epoch_write = epoch_saved; _gnutls_free_datum(&state); if (ret < 0) { @@ -705,8 +704,7 @@ int _gnutls_send_new_session_ticket(gnutls_session_t session, int again) } bufel = - _gnutls_handshake_alloc(session, - 4 + 2 + ticket_data.size); + _gnutls_handshake_alloc(session, 4 + 2 + ticket_data.size); if (!bufel) { gnutls_assert(); _gnutls_free_datum(&ticket_data); @@ -762,10 +760,13 @@ int _gnutls_recv_new_session_ticket(gnutls_session_t session) mbuffer_st *bufel = NULL; have = gnutls_record_check_pending(session) + - record_check_unprocessed(session); + record_check_unprocessed(session); if (have != 0) { - bufel = _mbuffer_head_get_first(&session->internals.record_buffer, NULL); + bufel = + _mbuffer_head_get_first(&session-> + internals.record_buffer, + NULL); } if (have == 0 || (bufel && bufel->type != GNUTLS_HANDSHAKE)) { @@ -784,14 +785,12 @@ int _gnutls_recv_new_session_ticket(gnutls_session_t session) p = buf.data; data_size = buf.length; - DECR_LENGTH_COM(data_size, 4, ret = - GNUTLS_E_UNEXPECTED_PACKET_LENGTH; + DECR_LENGTH_COM(data_size, 4, ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH; goto error); /* skip over lifetime hint */ p += 4; - DECR_LENGTH_COM(data_size, 2, ret = - GNUTLS_E_UNEXPECTED_PACKET_LENGTH; + DECR_LENGTH_COM(data_size, 2, ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH; goto error); ticket_len = _gnutls_read_uint16(p); p += 2; @@ -822,8 +821,7 @@ int _gnutls_recv_new_session_ticket(gnutls_session_t session) /* Discard the current session ID. (RFC5077 3.4) */ ret = - _gnutls_generate_session_id(session->security_parameters. - session_id, + _gnutls_generate_session_id(session->security_parameters.session_id, &session->security_parameters. session_id_size); if (ret < 0) { @@ -834,15 +832,13 @@ int _gnutls_recv_new_session_ticket(gnutls_session_t session) } ret = 0; - _gnutls_handshake_log - ("HSK[%p]: received session ticket\n", session); + _gnutls_handshake_log("HSK[%p]: received session ticket\n", session); session->internals.hsk_flags |= HSK_TICKET_RECEIVED; _gnutls_hello_ext_set_priv(session, - GNUTLS_EXTENSION_SESSION_TICKET, - epriv); + GNUTLS_EXTENSION_SESSION_TICKET, epriv); - error: + error: _gnutls_buffer_clear(&buf); return ret; |