Rename initial_ctx to session_ctx.
This makes its purpose clearer. That the session cache is based on the
initial SSL_CTX is confusing (it's a remnant of OpenSSL's backwards
session resumption ordering), but we're probably stuck with it.
Relatedly, document SSL_set_SSL_CTX better.
Change-Id: I2832efc63f6c959c5424271b365825afc7eec5e4
Reviewed-on: https://boringssl-review.googlesource.com/14204
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 2b57244..265931f 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -2454,6 +2454,21 @@
#define SSL_TLSEXT_ERR_ALERT_FATAL 2
#define SSL_TLSEXT_ERR_NOACK 3
+/* SSL_set_SSL_CTX changes |ssl|'s |SSL_CTX|. |ssl| will use the
+ * certificate-related settings from |ctx|, and |SSL_get_SSL_CTX| will report
+ * |ctx|. This function may be used during the callbacks registered by
+ * |SSL_CTX_set_select_certificate_cb|,
+ * |SSL_CTX_set_tlsext_servername_callback|, and |SSL_CTX_set_cert_cb| or when
+ * the handshake is paused from them. It is typically used to switch
+ * certificates based on SNI.
+ *
+ * Note the session cache and related settings will continue to use the initial
+ * |SSL_CTX|. Callers should use |SSL_CTX_set_session_id_context| to partition
+ * the session cache between different domains.
+ *
+ * TODO(davidben): Should other settings change after this call? */
+OPENSSL_EXPORT SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
+
/* Application-layer protocol negotiation.
*
@@ -3174,20 +3189,6 @@
* machine as a string. This may be useful for debugging and logging. */
OPENSSL_EXPORT const char *SSL_state_string_long(const SSL *ssl);
-/* SSL_set_SSL_CTX partially changes |ssl|'s |SSL_CTX|. |ssl| will use the
- * certificate and session_id_context from |ctx|, and |SSL_get_SSL_CTX| will
- * report |ctx|. However most settings and the session cache itself will
- * continue to use the initial |SSL_CTX|. It is often used as part of SNI.
- *
- * TODO(davidben): Make a better story here and get rid of this API. Also
- * determine if there's anything else affected by |SSL_set_SSL_CTX| that
- * matters. Not as many values are affected as one might initially think. The
- * session cache explicitly selects the initial |SSL_CTX|. Most settings are
- * copied at |SSL_new| so |ctx|'s versions don't apply. This, notably, has some
- * consequences for any plans to make |SSL| copy-on-write most of its
- * configuration. */
-OPENSSL_EXPORT SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
-
#define SSL_SENT_SHUTDOWN 1
#define SSL_RECEIVED_SHUTDOWN 2
diff --git a/ssl/internal.h b/ssl/internal.h
index b8d3211..bc72239 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -1881,7 +1881,9 @@
size_t supported_group_list_len;
uint16_t *supported_group_list; /* our list */
- SSL_CTX *initial_ctx; /* initial ctx, used to store sessions */
+ /* session_ctx is the |SSL_CTX| used for the session cache and related
+ * settings. */
+ SSL_CTX *session_ctx;
/* srtp_profiles is the list of configured SRTP protection profiles for
* DTLS-SRTP. */
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 6e0ece9..95ea170 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -397,7 +397,7 @@
SSL_CTX_up_ref(ctx);
ssl->ctx = ctx;
SSL_CTX_up_ref(ctx);
- ssl->initial_ctx = ctx;
+ ssl->session_ctx = ctx;
if (!ssl->ctx->x509_method->ssl_new(ssl)) {
goto err;
@@ -480,7 +480,7 @@
ssl_cert_free(ssl->cert);
OPENSSL_free(ssl->tlsext_hostname);
- SSL_CTX_free(ssl->initial_ctx);
+ SSL_CTX_free(ssl->session_ctx);
OPENSSL_free(ssl->supported_group_list);
OPENSSL_free(ssl->alpn_client_proto_list);
EVP_PKEY_free(ssl->tlsext_channel_id_private);
@@ -1800,7 +1800,7 @@
void ssl_update_cache(SSL_HANDSHAKE *hs, int mode) {
SSL *const ssl = hs->ssl;
- SSL_CTX *ctx = ssl->initial_ctx;
+ SSL_CTX *ctx = ssl->session_ctx;
/* Never cache sessions with empty session IDs. */
if (ssl->s3->established_session->session_id_length == 0 ||
(ctx->session_cache_mode & mode) != mode) {
@@ -1985,7 +1985,7 @@
}
if (ctx == NULL) {
- ctx = ssl->initial_ctx;
+ ctx = ssl->session_ctx;
}
ssl_cert_free(ssl->cert);
diff --git a/ssl/ssl_session.c b/ssl/ssl_session.c
index c9390d2..e11238f 100644
--- a/ssl/ssl_session.c
+++ b/ssl/ssl_session.c
@@ -535,13 +535,13 @@
if (version >= TLS1_3_VERSION) {
/* TLS 1.3 uses tickets as authenticators, so we are willing to use them for
* longer. */
- session->timeout = ssl->initial_ctx->session_psk_dhe_timeout;
+ session->timeout = ssl->session_ctx->session_psk_dhe_timeout;
session->auth_timeout = SSL_DEFAULT_SESSION_AUTH_TIMEOUT;
} else {
/* TLS 1.2 resumption does not incorporate new key material, so we use a
* much shorter timeout. */
- session->timeout = ssl->initial_ctx->session_timeout;
- session->auth_timeout = ssl->initial_ctx->session_timeout;
+ session->timeout = ssl->session_ctx->session_timeout;
+ session->auth_timeout = ssl->session_ctx->session_timeout;
}
if (is_server) {
@@ -611,7 +611,7 @@
/* Initialize HMAC and cipher contexts. If callback present it does all the
* work otherwise use generated values from parent ctx. */
- SSL_CTX *tctx = ssl->initial_ctx;
+ SSL_CTX *tctx = ssl->session_ctx;
uint8_t iv[EVP_MAX_IV_LENGTH];
uint8_t key_name[16];
if (tctx->tlsext_ticket_key_cb != NULL) {
@@ -736,27 +736,27 @@
SSL_SESSION *session = NULL;
/* Try the internal cache, if it exists. */
- if (!(ssl->initial_ctx->session_cache_mode &
+ if (!(ssl->session_ctx->session_cache_mode &
SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
SSL_SESSION data;
data.ssl_version = ssl->version;
data.session_id_length = session_id_len;
OPENSSL_memcpy(data.session_id, session_id, session_id_len);
- CRYPTO_MUTEX_lock_read(&ssl->initial_ctx->lock);
- session = lh_SSL_SESSION_retrieve(ssl->initial_ctx->sessions, &data);
+ CRYPTO_MUTEX_lock_read(&ssl->session_ctx->lock);
+ session = lh_SSL_SESSION_retrieve(ssl->session_ctx->sessions, &data);
if (session != NULL) {
SSL_SESSION_up_ref(session);
}
/* TODO(davidben): This should probably move it to the front of the list. */
- CRYPTO_MUTEX_unlock_read(&ssl->initial_ctx->lock);
+ CRYPTO_MUTEX_unlock_read(&ssl->session_ctx->lock);
}
/* Fall back to the external cache, if it exists. */
if (session == NULL &&
- ssl->initial_ctx->get_session_cb != NULL) {
+ ssl->session_ctx->get_session_cb != NULL) {
int copy = 1;
- session = ssl->initial_ctx->get_session_cb(ssl, (uint8_t *)session_id,
+ session = ssl->session_ctx->get_session_cb(ssl, (uint8_t *)session_id,
session_id_len, ©);
if (session == NULL) {
@@ -776,16 +776,16 @@
}
/* Add the externally cached session to the internal cache if necessary. */
- if (!(ssl->initial_ctx->session_cache_mode &
+ if (!(ssl->session_ctx->session_cache_mode &
SSL_SESS_CACHE_NO_INTERNAL_STORE)) {
- SSL_CTX_add_session(ssl->initial_ctx, session);
+ SSL_CTX_add_session(ssl->session_ctx, session);
}
}
if (session != NULL &&
!ssl_session_is_time_valid(ssl, session)) {
/* The session was from the cache, so remove it. */
- SSL_CTX_remove_session(ssl->initial_ctx, session);
+ SSL_CTX_remove_session(ssl->session_ctx, session);
SSL_SESSION_free(session);
session = NULL;
}
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 4a7fbd3..34478ed 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3013,9 +3013,9 @@
if (ssl->ctx->tlsext_servername_callback != 0) {
ret = ssl->ctx->tlsext_servername_callback(ssl, &al,
ssl->ctx->tlsext_servername_arg);
- } else if (ssl->initial_ctx->tlsext_servername_callback != 0) {
- ret = ssl->initial_ctx->tlsext_servername_callback(
- ssl, &al, ssl->initial_ctx->tlsext_servername_arg);
+ } else if (ssl->session_ctx->tlsext_servername_callback != 0) {
+ ret = ssl->session_ctx->tlsext_servername_callback(
+ ssl, &al, ssl->session_ctx->tlsext_servername_arg);
}
switch (ret) {
@@ -3048,7 +3048,7 @@
size_t ticket_len, const uint8_t *session_id,
size_t session_id_len) {
int ret = 1; /* Most errors are non-fatal. */
- SSL_CTX *ssl_ctx = ssl->initial_ctx;
+ SSL_CTX *ssl_ctx = ssl->session_ctx;
uint8_t *plaintext = NULL;
HMAC_CTX hmac_ctx;
diff --git a/ssl/tls13_client.c b/ssl/tls13_client.c
index d5f88c9..f13a4f7 100644
--- a/ssl/tls13_client.c
+++ b/ssl/tls13_client.c
@@ -258,7 +258,7 @@
/* Resumption incorporates fresh key material, so refresh the timeout. */
ssl_session_renew_timeout(ssl, hs->new_session,
- ssl->initial_ctx->session_psk_dhe_timeout);
+ ssl->session_ctx->session_psk_dhe_timeout);
} else if (!ssl_get_new_session(hs, 0)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return ssl_hs_error;
diff --git a/ssl/tls13_server.c b/ssl/tls13_server.c
index 59c126e..4136a69 100644
--- a/ssl/tls13_server.c
+++ b/ssl/tls13_server.c
@@ -256,7 +256,7 @@
/* Resumption incorporates fresh key material, so refresh the timeout. */
ssl_session_renew_timeout(ssl, hs->new_session,
- ssl->initial_ctx->session_psk_dhe_timeout);
+ ssl->session_ctx->session_psk_dhe_timeout);
}
if (ssl->ctx->dos_protection_cb != NULL &&
