Back to index

lightning-sunbird  0.9+nobinonly
Defines | Functions | Variables
sslnonce.c File Reference
#include "nssrenam.h"
#include "cert.h"
#include "secitem.h"
#include "ssl.h"
#include "sslimpl.h"
#include "sslproto.h"
#include "nssilock.h"
#include "nsslocks.h"

Go to the source code of this file.

Defines

#define LOCK_CACHE   lock_cache()
#define UNLOCK_CACHE   PZ_Unlock(cacheLock)

Functions

void ssl_InitClientSessionCacheLock (void)
static void lock_cache (void)
static void ssl_DestroySID (sslSessionID *sid)
static void ssl_FreeLockedSID (sslSessionID *sid)
void ssl_FreeSID (sslSessionID *sid)
sslSessionID * ssl_LookupSID (const PRIPv6Addr *addr, PRUint16 port, const char *peerID, const char *urlSvrName)
static void CacheSID (sslSessionID *sid)
static void UncacheSID (sslSessionID *zap)
static void LockAndUncacheSID (sslSessionID *zap)
void ssl_ChooseSessionIDProcs (sslSecurityInfo *sec)
void SSL_ClearSessionCache (void)
PRUint32 ssl_Time (void)

Variables

PRUint32 ssl_sid_timeout = 100
PRUint32 ssl3_sid_timeout = 86400L
static sslSessionID * cache = NULL
static PZLockcacheLock = NULL

Define Documentation

Definition at line 68 of file sslnonce.c.

Definition at line 69 of file sslnonce.c.


Function Documentation

static void CacheSID ( sslSessionID *  sid) [static]

Definition at line 220 of file sslnonce.c.

{
    PRUint32  expirationPeriod;
    SSL_TRC(8, ("SSL: Cache: sid=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
              "time=%x cached=%d",
              sid, sid->cached, sid->addr.pr_s6_addr32[0], 
              sid->addr.pr_s6_addr32[1], sid->addr.pr_s6_addr32[2],
              sid->addr.pr_s6_addr32[3],  sid->port, sid->creationTime,
              sid->cached));

    if (sid->cached == in_client_cache)
       return;

    if (!sid->urlSvrName) {
        /* don't cache this SID because it can never be matched */
        return;
    }

    /* XXX should be different trace for version 2 vs. version 3 */
    if (sid->version < SSL_LIBRARY_VERSION_3_0) {
       expirationPeriod = ssl_sid_timeout;
       PRINT_BUF(8, (0, "sessionID:",
                sid->u.ssl2.sessionID, sizeof(sid->u.ssl2.sessionID)));
       PRINT_BUF(8, (0, "masterKey:",
                sid->u.ssl2.masterKey.data, sid->u.ssl2.masterKey.len));
       PRINT_BUF(8, (0, "cipherArg:",
                sid->u.ssl2.cipherArg.data, sid->u.ssl2.cipherArg.len));
    } else {
       if (sid->u.ssl3.sessionIDLength == 0) 
           return;
       expirationPeriod = ssl3_sid_timeout;
       PRINT_BUF(8, (0, "sessionID:",
                    sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength));
    }
    PORT_Assert(sid->creationTime != 0 && sid->expirationTime != 0);
    if (!sid->creationTime)
       sid->lastAccessTime = sid->creationTime = ssl_Time();
    if (!sid->expirationTime)
       sid->expirationTime = sid->creationTime + expirationPeriod;

    /*
     * Put sid into the cache.  Bump reference count to indicate that
     * cache is holding a reference. Uncache will reduce the cache
     * reference.
     */
    LOCK_CACHE;
    sid->references++;
    sid->cached = in_client_cache;
    sid->next   = cache;
    cache       = sid;
    UNLOCK_CACHE;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static void lock_cache ( void  ) [static]

Definition at line 78 of file sslnonce.c.

Here is the call graph for this function:

static void LockAndUncacheSID ( sslSessionID *  zap) [static]

Definition at line 325 of file sslnonce.c.

Here is the call graph for this function:

Here is the caller graph for this function:

void ssl_ChooseSessionIDProcs ( sslSecurityInfo *  sec)

Definition at line 335 of file sslnonce.c.

{
    if (sec->isServer) {
       sec->cache   = ssl_sid_cache;
       sec->uncache = ssl_sid_uncache;
    } else {
       sec->cache   = CacheSID;
       sec->uncache = LockAndUncacheSID;
    }
}

Definition at line 348 of file sslnonce.c.

static void ssl_DestroySID ( sslSessionID *  sid) [static]

Definition at line 88 of file sslnonce.c.

{
    SSL_TRC(8, ("SSL: destroy sid: sid=0x%x cached=%d", sid, sid->cached));
    PORT_Assert((sid->references == 0));

    if (sid->cached == in_client_cache)
       return;       /* it will get taken care of next time cache is traversed. */

    if (sid->version < SSL_LIBRARY_VERSION_3_0) {
       SECITEM_ZfreeItem(&sid->u.ssl2.masterKey, PR_FALSE);
       SECITEM_ZfreeItem(&sid->u.ssl2.cipherArg, PR_FALSE);
    }
    if (sid->peerID != NULL)
       PORT_Free((void *)sid->peerID);           /* CONST */

    if (sid->urlSvrName != NULL)
       PORT_Free((void *)sid->urlSvrName);       /* CONST */

    if ( sid->peerCert ) {
       CERT_DestroyCertificate(sid->peerCert);
    }
    if ( sid->localCert ) {
       CERT_DestroyCertificate(sid->localCert);
    }
    
    PORT_ZFree(sid, sizeof(sslSessionID));
}

Here is the call graph for this function:

Here is the caller graph for this function:

static void ssl_FreeLockedSID ( sslSessionID *  sid) [static]

Definition at line 124 of file sslnonce.c.

{
    PORT_Assert(sid->references >= 1);
    if (--sid->references == 0) {
       ssl_DestroySID(sid);
    }
}

Here is the call graph for this function:

Here is the caller graph for this function:

void ssl_FreeSID ( sslSessionID *  sid)

Definition at line 139 of file sslnonce.c.

Definition at line 71 of file sslnonce.c.

sslSessionID* ssl_LookupSID ( const PRIPv6Addr addr,
PRUint16  port,
const char *  peerID,
const char *  urlSvrName 
)

Definition at line 155 of file sslnonce.c.

{
    sslSessionID **sidp;
    sslSessionID * sid;
    PRUint32       now;

    if (!urlSvrName)
       return NULL;
    now = ssl_Time();
    LOCK_CACHE;
    sidp = &cache;
    while ((sid = *sidp) != 0) {
       PORT_Assert(sid->cached == in_client_cache);
       PORT_Assert(sid->references >= 1);

       SSL_TRC(8, ("SSL: Lookup1: sid=0x%x", sid));

       if (sid->expirationTime < now || !sid->references) {
           /*
           ** This session-id timed out, or was orphaned.
           ** Don't even care who it belongs to, blow it out of our cache.
           */
           SSL_TRC(7, ("SSL: lookup1, throwing sid out, age=%d refs=%d",
                     now - sid->creationTime, sid->references));

           *sidp = sid->next;                    /* delink it from the list. */
           sid->cached = invalid_cache;   /* mark not on list. */
           if (!sid->references)
              ssl_DestroySID(sid);
           else
              ssl_FreeLockedSID(sid);            /* drop ref count, free. */

       } else if (!memcmp(&sid->addr, addr, sizeof(PRIPv6Addr)) && /* server IP addr matches */
                  (sid->port == port) && /* server port matches */
                 /* proxy (peerID) matches */
                 (((peerID == NULL) && (sid->peerID == NULL)) ||
                  ((peerID != NULL) && (sid->peerID != NULL) &&
                   PORT_Strcmp(sid->peerID, peerID) == 0)) &&
                 /* is cacheable */
                 (sid->version < SSL_LIBRARY_VERSION_3_0 ||
                  sid->u.ssl3.keys.resumable) &&
                 /* server hostname matches. */
                  (sid->urlSvrName != NULL) &&
                 ((0 == PORT_Strcmp(urlSvrName, sid->urlSvrName)) ||
                  ((sid->peerCert != NULL) && (SECSuccess == 
                    CERT_VerifyCertName(sid->peerCert, urlSvrName))) )
                ) {
           /* Hit */
           sid->lastAccessTime = now;
           sid->references++;
           break;
       } else {
           sidp = &sid->next;
       }
    }
    UNLOCK_CACHE;
    return sid;
}

Definition at line 358 of file sslnonce.c.

{
    PRUint32 myTime;
#if (defined(XP_UNIX) || defined(XP_WIN) || defined(_WINDOWS) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
    myTime = time(NULL);    /* accurate until the year 2038. */
#else
    /* portable, but possibly slower */
    PRTime now;
    PRInt64 ll;

    now = PR_Now();
    LL_I2L(ll, 1000000L);
    LL_DIV(now, now, ll);
    LL_L2UI(myTime, now);
#endif
    return myTime;
}
static void UncacheSID ( sslSessionID *  zap) [static]

Definition at line 279 of file sslnonce.c.

{
    sslSessionID **sidp = &cache;
    sslSessionID *sid;

    if (zap->cached != in_client_cache) {
       return;
    }

    SSL_TRC(8,("SSL: Uncache: zap=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
              "time=%x cipher=%d",
              zap, zap->cached, zap->addr.pr_s6_addr32[0],
              zap->addr.pr_s6_addr32[1], zap->addr.pr_s6_addr32[2],
              zap->addr.pr_s6_addr32[3], zap->port, zap->creationTime,
              zap->u.ssl2.cipherType));
    if (zap->version < SSL_LIBRARY_VERSION_3_0) {
       PRINT_BUF(8, (0, "sessionID:",
                    zap->u.ssl2.sessionID, sizeof(zap->u.ssl2.sessionID)));
       PRINT_BUF(8, (0, "masterKey:",
                    zap->u.ssl2.masterKey.data, zap->u.ssl2.masterKey.len));
       PRINT_BUF(8, (0, "cipherArg:",
                    zap->u.ssl2.cipherArg.data, zap->u.ssl2.cipherArg.len));
    }

    /* See if it's in the cache, if so nuke it */
    while ((sid = *sidp) != 0) {
       if (sid == zap) {
           /*
           ** Bingo. Reduce reference count by one so that when
           ** everyone is done with the sid we can free it up.
           */
           *sidp = zap->next;
           zap->cached = invalid_cache;
           ssl_FreeLockedSID(zap);
           return;
       }
       sidp = &sid->next;
    }
}

Here is the call graph for this function:

Here is the caller graph for this function:


Variable Documentation

sslSessionID* cache = NULL [static]

Definition at line 57 of file sslnonce.c.

PZLock* cacheLock = NULL [static]

Definition at line 58 of file sslnonce.c.

Definition at line 55 of file sslnonce.c.

Definition at line 54 of file sslnonce.c.