X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;ds=sidebyside;f=lib%2Fstream-ssl.c;h=f7112c3e14c2498990fd640757c0ec799eb23c0e;hb=cb034511802ff7516ca2a94da1e161965fb80ad0;hp=2bc9d1a85ed8ed61a86ba01452761ff1b9fa11f7;hpb=da61d5732e5c8344a976275922c7d51c05c45781;p=openvswitch diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c index 2bc9d1a8..f7112c3e 100644 --- a/lib/stream-ssl.c +++ b/lib/stream-ssl.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2009, 2010 Nicira Networks. + * Copyright (c) 2008, 2009, 2010, 2011 Nicira Networks. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -30,12 +30,14 @@ #include #include #include +#include "coverage.h" #include "dynamic-string.h" #include "leak-checker.h" #include "ofpbuf.h" #include "openflow/openflow.h" #include "packets.h" #include "poll-loop.h" +#include "shash.h" #include "socket-util.h" #include "util.h" #include "stream-provider.h" @@ -43,7 +45,10 @@ #include "timeval.h" #include "vlog.h" -VLOG_DEFINE_THIS_MODULE(stream_ssl) +VLOG_DEFINE_THIS_MODULE(stream_ssl); + +COVERAGE_DEFINE(ssl_session); +COVERAGE_DEFINE(ssl_session_reused); /* Active SSL. */ @@ -133,6 +138,20 @@ struct ssl_stream /* SSL context created by ssl_init(). */ static SSL_CTX *ctx; +/* Maps from stream target (e.g. "127.0.0.1:1234") to SSL_SESSION *. The + * sessions are those from the last SSL connection to the given target. + * OpenSSL caches server-side sessions internally, so this cache is only used + * for client connections. + * + * The stream_ssl module owns a reference to each of the sessions in this + * table, so they must be freed with SSL_SESSION_free() when they are no + * longer needed. */ +static struct shash client_sessions = SHASH_INITIALIZER(&client_sessions); + +/* Maximum number of client sessions to cache. Ordinarily I'd expect that one + * session would be sufficient but this should cover it. */ +#define MAX_CLIENT_SESSION_CACHE 16 + struct ssl_config_file { bool read; /* Whether the file was successfully read. */ char *file_name; /* Configured file name, if any. */ @@ -169,6 +188,7 @@ static int do_ssl_init(void); static bool ssl_wants_io(int ssl_error); static void ssl_close(struct stream *); static void ssl_clear_txbuf(struct ssl_stream *); +static void interpret_queued_ssl_error(const char *function); static int interpret_ssl_error(const char *function, int ret, int error, int *want); static DH *tmp_dh_callback(SSL *ssl, int is_export OVS_UNUSED, int keylength); @@ -260,6 +280,13 @@ new_ssl_stream(const char *name, int fd, enum session_type type, if (!verify_peer_cert || (bootstrap_ca_cert && type == CLIENT)) { SSL_set_verify(ssl, SSL_VERIFY_NONE, NULL); } + if (type == CLIENT) { + /* Grab SSL session information from the cache. */ + SSL_SESSION *session = shash_find_data(&client_sessions, name); + if (session && SSL_set_session(ssl, session) != 1) { + interpret_queued_ssl_error("SSL_set_session"); + } + } /* Create and return the ssl_stream. */ sslv = xmalloc(sizeof *sslv); @@ -369,7 +396,7 @@ do_ca_cert_bootstrap(struct stream *stream) file = fdopen(fd, "w"); if (!file) { - int error = errno; + error = errno; VLOG_ERR("could not bootstrap CA cert: fdopen failed: %s", strerror(error)); unlink(ca_cert.file_name); @@ -386,7 +413,7 @@ do_ca_cert_bootstrap(struct stream *stream) } if (fclose(file)) { - int error = errno; + error = errno; VLOG_ERR("could not bootstrap CA cert: writing %s failed: %s", ca_cert.file_name, strerror(error)); unlink(ca_cert.file_name); @@ -416,6 +443,58 @@ do_ca_cert_bootstrap(struct stream *stream) return EPROTO; } +static void +ssl_delete_session(struct shash_node *node) +{ + SSL_SESSION *session = node->data; + SSL_SESSION_free(session); + shash_delete(&client_sessions, node); +} + +/* Find and free any previously cached session for 'stream''s target. */ +static void +ssl_flush_session(struct stream *stream) +{ + struct shash_node *node; + + node = shash_find(&client_sessions, stream_get_name(stream)); + if (node) { + ssl_delete_session(node); + } +} + +/* Add 'stream''s session to the cache for its target, so that it will be + * reused for future SSL connections to the same target. */ +static void +ssl_cache_session(struct stream *stream) +{ + struct ssl_stream *sslv = ssl_stream_cast(stream); + SSL_SESSION *session; + + /* Get session from stream. */ + session = SSL_get1_session(sslv->ssl); + if (session) { + SSL_SESSION *old_session; + + old_session = shash_replace(&client_sessions, stream_get_name(stream), + session); + if (old_session) { + /* Free the session that we replaced. (We might actually have + * session == old_session, but either way we have to free it to + * avoid leaking a reference.) */ + SSL_SESSION_free(old_session); + } else if (shash_count(&client_sessions) > MAX_CLIENT_SESSION_CACHE) { + for (;;) { + struct shash_node *node = shash_random_node(&client_sessions); + if (node->data != session) { + ssl_delete_session(node); + break; + } + } + } + } +} + static int ssl_connect(struct stream *stream) { @@ -447,6 +526,18 @@ ssl_connect(struct stream *stream) return EAGAIN; } else { int unused; + + if (sslv->type == CLIENT) { + /* Delete any cached session for this stream's target. + * Otherwise a single error causes recurring errors that + * don't resolve until the SSL client or server is + * restarted. (It can take dozens of reused connections to + * see this behavior, so this is difficult to test.) If we + * delete the session on the first error, though, the error + * only occurs once and then resolves itself. */ + ssl_flush_session(stream); + } + interpret_ssl_error((sslv->type == CLIENT ? "SSL_connect" : "SSL_accept"), retval, error, &unused); shutdown(sslv->fd, SHUT_RDWR); @@ -471,6 +562,11 @@ ssl_connect(struct stream *stream) VLOG_ERR("rejecting SSL connection during bootstrap race window"); return EPROTO; } else { + /* Statistics. */ + COVERAGE_INC(ssl_session); + if (SSL_session_reused(sslv->ssl)) { + COVERAGE_INC(ssl_session_reused); + } return 0; } } @@ -491,6 +587,8 @@ ssl_close(struct stream *stream) * background. */ SSL_shutdown(sslv->ssl); + ssl_cache_session(stream); + /* SSL_shutdown() might have signaled an error, in which case we need to * flush it out of the OpenSSL error queue or the next OpenSSL operation * will falsely signal an error. */ @@ -501,6 +599,18 @@ ssl_close(struct stream *stream) free(sslv); } +static void +interpret_queued_ssl_error(const char *function) +{ + int queued_error = ERR_get_error(); + if (queued_error != 0) { + VLOG_WARN_RL(&rl, "%s: %s", + function, ERR_error_string(queued_error, NULL)); + } else { + VLOG_ERR_RL(&rl, "%s: SSL_ERROR_SSL without queued error", function); + } +} + static int interpret_ssl_error(const char *function, int ret, int error, int *want) @@ -557,17 +667,9 @@ interpret_ssl_error(const char *function, int ret, int error, } } - case SSL_ERROR_SSL: { - int queued_error = ERR_get_error(); - if (queued_error != 0) { - VLOG_WARN_RL(&rl, "%s: %s", - function, ERR_error_string(queued_error, NULL)); - } else { - VLOG_ERR_RL(&rl, "%s: SSL_ERROR_SSL without queued error", - function); - } + case SSL_ERROR_SSL: + interpret_queued_ssl_error(function); break; - } default: VLOG_ERR_RL(&rl, "%s: bad SSL error code %d", function, error); @@ -817,7 +919,7 @@ pssl_accept(struct pstream *pstream, struct stream **new_streamp) new_fd = accept(pssl->fd, &sin, &sin_len); if (new_fd < 0) { - int error = errno; + error = errno; if (error != EAGAIN) { VLOG_DBG_RL(&rl, "accept: %s", strerror(error)); } @@ -884,7 +986,9 @@ do_ssl_init(void) SSL_library_init(); SSL_load_error_strings(); - method = TLSv1_method(); + /* New OpenSSL changed TLSv1_method() to return a "const" pointer, so the + * cast is needed to avoid a warning with those newer versions. */ + method = (SSL_METHOD *) TLSv1_method(); if (method == NULL) { VLOG_ERR("TLSv1_method: %s", ERR_error_string(ERR_get_error(), NULL)); return ENOPROTOOPT; @@ -902,6 +1006,17 @@ do_ssl_init(void) SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); + /* We have to set a session context ID string in 'ctx' because OpenSSL + * otherwise refuses to use a cached session on the server side when + * SSL_VERIFY_PEER is set. And it not only refuses to use the cached + * session, it actually generates an error and kills the connection. + * According to a comment in ssl_get_prev_session() in OpenSSL's + * ssl/ssl_sess.c, this is intentional behavior. + * + * Any context string is OK, as long as one is set. */ + SSL_CTX_set_session_id_context(ctx, (const unsigned char *) PACKAGE, + strlen(PACKAGE)); + return 0; } @@ -941,7 +1056,7 @@ tmp_dh_callback(SSL *ssl OVS_UNUSED, int is_export OVS_UNUSED, int keylength) /* Returns true if SSL is at least partially configured. */ bool -stream_ssl_is_configured(void) +stream_ssl_is_configured(void) { return private_key.file_name || certificate.file_name || ca_cert.file_name; } @@ -1158,7 +1273,7 @@ log_ca_cert(const char *file_name, X509 *cert) subject = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0); VLOG_INFO("Trusting CA cert from %s (%s) (fingerprint %s)", file_name, subject ? subject : "", ds_cstr(&fp)); - free(subject); + OPENSSL_free(subject); ds_destroy(&fp); } @@ -1182,7 +1297,7 @@ stream_ssl_set_ca_cert_file__(const char *file_name, bool bootstrap) for (i = 0; i < n_certs; i++) { /* SSL_CTX_add_client_CA makes a copy of the relevant data. */ if (SSL_CTX_add_client_CA(ctx, certs[i]) != 1) { - VLOG_ERR("failed to add client certificate %d from %s: %s", + VLOG_ERR("failed to add client certificate %zu from %s: %s", i, file_name, ERR_error_string(ERR_get_error(), NULL)); } else {