1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
/*
* Copyright (C) 2000 Nikos Mavroyanopoulos
*
* This file is part of GNUTLS.
*
* GNUTLS is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUTLS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include "gnutls_int.h"
#include "gnutls_errors.h"
#include "debug.h"
/**
* gnutls_get_current_session - Returns all session parameters.
* @state: is a &GNUTLS_STATE structure.
* @session: is a pointer to space to hold the session.
* @session_size: is the session's size, or it will be set by the function.
*
* Returns all session parameters - in order to support resuming.
* The client should call this - and keep the returned session - if he wants to
* resume that current version later by calling gnutls_set_current_session()
* This function must be called after a successful handshake.
*
* Resuming sessions is really useful and speedups connections after a succesful one.
**/
int gnutls_get_current_session( GNUTLS_STATE state, opaque* session, int *session_size) {
*session_size = sizeof(SecurityParameters) + state->gnutls_key->auth_info_size;
if (state->gnutls_internals.resumable==RESUME_FALSE) return GNUTLS_E_INVALID_SESSION;
/* just return the session size */
if (session==NULL) {
return 0;
}
memcpy( session, &state->security_parameters, sizeof(SecurityParameters));
memcpy( &session[sizeof(SecurityParameters)], state->gnutls_key->auth_info, state->gnutls_key->auth_info_size);
return 0;
}
/**
* gnutls_get_current_session_id - Returns session id.
* @state: is a &GNUTLS_STATE structure.
* @session: is a pointer to space to hold the session id.
* @session_size: is the session id's size, or it will be set by the function.
*
* Returns the current session id. This can be used if you want to check if
* the next session you tried to resume was actually resumed.
* (resumed sessions have the same sessionID with the first session)
*
* Session id is some data set by the server, that identify the current session.
* In TLS 1.0 session id should not be more than 32 bytes.
**/
int gnutls_get_current_session_id( GNUTLS_STATE state, void* session, int *session_size) {
*session_size = state->security_parameters.session_id_size;
/* just return the session size */
if (session==NULL) {
return 0;
}
memcpy( session, &state->security_parameters.session_id, *session_size);
return 0;
}
/**
* gnutls_set_current_session - Sets all session parameters
* @state: is a &GNUTLS_STATE structure.
* @session: is a pointer to space to hold the session.
* @session_size: is the session's size
*
* Sets all session parameters - in order to support resuming
* session must be the one returned by gnutls_get_current_session();
* This function should be called before gnutls_handshake().
* Keep in mind that session resuming is advisory. The server may
* choose not to resume the session, thus a full handshake will be
* performed.
**/
int gnutls_set_current_session( GNUTLS_STATE state, opaque* session, int session_size) {
int auth_info_size = session_size - sizeof(SecurityParameters);
int timestamp = time(0);
SecurityParameters sp;
if (session_size < sizeof(SecurityParameters))
return GNUTLS_E_UNIMPLEMENTED_FEATURE;
memcpy( &sp, session, sizeof(SecurityParameters));
if ( timestamp - sp.timestamp <= state->gnutls_internals.expire_time
&& sp.timestamp <= timestamp) {
memcpy( &state->gnutls_internals.resumed_security_parameters, &sp, sizeof(SecurityParameters));
if (auth_info_size > 0) {
state->gnutls_key->auth_info_size = auth_info_size;
state->gnutls_key->auth_info = gnutls_malloc(auth_info_size);
memcpy( state->gnutls_key->auth_info, &session[sizeof(SecurityParameters)], auth_info_size);
} else { /* set to null */
state->gnutls_key->auth_info_size = 0;
state->gnutls_key->auth_info = NULL;
}
} else {
return GNUTLS_E_EXPIRED;
}
return 0;
}
|