153 	return(ssl->session);
161 	 * somebody doesn't free ssl->session between when we check it's
164 	sess = ssl->session;
239 /* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
265 	 * to atomically check whether a session ID already exists
277 int ssl_get_new_session(SSL *s, int session)
295 	if (s->session != NULL)
297 		SSL_SESSION_free(s->session);
298 		s->session=NULL;
301 	if (session)
345 		/* If RFC4507 ticket use empty session ID */
352 		/* Choose which callback will set the session ID */
359 		/* Choose a session ID */
369 		/* Don't allow the callback to set the session length to zero.
379 		/* If the session length was shrunk and we're SSLv2, pad it */
456 	s->session=ss;
466  *   session_id: points at the session ID in the ClientHello. This code will
467  *       read past the end of this in order to parse out the session ticket
469  *   len: the length of the session ID.
474  *    0: a session may have been found.
477  *   - If a session is found then s->session is pointed at it (after freeing an
478  *     existing session if need be) and s->verify_result is set from the session.
480  *     if the server should issue a new session ticket (to 0 otherwise).
509 		break; /* Ok to carry on processing session id. */
551 			/* Increment reference count now if the session callback
552 			 * asks us to do so (note that if the session structures
559 			/* Add the externally cached session to the internal
576 		/* We have the session requested by the client, but we don't
583 		/* We can't be sure if this session is being used out of
589 		 * applications to effectively disable the session cache by
619 			/* session was from the cache, so remove it */
627 	if (s->session != NULL)
628 		SSL_SESSION_free(s->session);
629 	s->session=ret;
630 	s->verify_result = s->session->verify_result;
640 			/* The session was from a ticket, so we should
641 			 * issue a ticket for the new session */
657 	/* add just 1 reference count for the SSL_CTX's session cache
658 	 * even though it has two ways of access: each session is in a
661 	/* if session c is in already in cache, we take back the increment later */
666 	/* s != NULL iff we already had a session with the given PID.
674 		/* ... so pretend the other session did not exist in cache
676 		 * session ID in the same cache, which could happen e.g. when
677 		 * two threads concurrently obtain the same session from an external
804 int SSL_set_session(SSL *s, SSL_SESSION *session)
809 	if (session != NULL)
811 		meth=s->ctx->method->get_ssl_method(session->ssl_version);
813 			meth=s->method->get_ssl_method(session->ssl_version);
828                     session->krb5_client_princ_len > 0)
830                     s->kssl_ctx->client_princ = (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1);
831                     memcpy(s->kssl_ctx->client_princ,session->krb5_client_princ,
832                             session->krb5_client_princ_len);
833                     s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
838 		CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
839 		if (s->session != NULL)
840 			SSL_SESSION_free(s->session);
841 		s->session=session;
842 		s->verify_result = s->session->verify_result;
848 		if (s->session != NULL)
850 			SSL_SESSION_free(s->session);
851 			s->session=NULL;
1024 	if (	(s->session != NULL) &&
1028 		SSL_CTX_remove_session(s->ctx,s->session);

Indexes created Fri Mar 13 02:32:08 CET 2015