36
36
/* int tls_scache_delete(cache, cache_id)
37
37
/* TLS_SCACHE *cache;
38
38
/* const char *cache_id;
40
/* TLS_TICKET_KEY *tls_scache_key(keyname, now, timeout)
41
/* unsigned char *keyname;
45
/* TLS_TICKET_KEY *tls_scache_key_rotate(newkey)
46
/* TLS_TICKET_KEY *newkey;
40
48
/* This module maintains Postfix TLS session cache files.
41
49
/* each session is stored under a lookup key (hostname or
67
75
/* tls_scache_delete() removes the specified cache entry from
68
76
/* the specified TLS session cache.
78
/* tls_scache_key() locates a TLS session ticket key in a 2-element
79
/* in-memory cache. A null result is returned if no unexpired matching
82
/* tls_scache_key_rotate() saves a TLS session tickets key in the
72
87
/* The base name of the session cache file.
96
111
/* Specify TLS_SCACHE_DONT_NEED_SESSION to avoid
97
112
/* saving the session information in the cache entry.
114
/* Is null when requesting the current encryption keys. Otherwise,
115
/* keyname is a pointer to an array of TLS_TICKET_NAMELEN unsigned
116
/* chars (not NUL terminated) that is an identifier for a key
117
/* previously used to encrypt a session ticket.
119
/* Current epoch time passed by caller.
121
/* TLS session ticket encryption lifetime.
123
/* TLS session ticket key obtained from tlsmgr(8) to be added to
99
126
/* These routines terminate with a fatal run-time error
100
127
/* for unrecoverable database errors. This allows the
376
406
* Delete behind. This is a no-op if an expired cache entry was updated
377
407
* in the mean time. Use the saved lookup criteria so that the "delete
378
408
* behind" operation works as promised.
410
* The delete-behind strategy assumes that all updates are made by a single
411
* process. Otherwise, delete-behind may remove an entry that was updated
412
* after it was scheduled for deletion.
380
414
if (cp->flags & TLS_SCACHE_FLAG_DEL_SAVED_CURSOR) {
381
415
cp->flags &= ~TLS_SCACHE_FLAG_DEL_SAVED_CURSOR;
500
534
myfree((char *) cp);
537
/* tls_scache_key - find session ticket key for given key name */
539
TLS_TICKET_KEY *tls_scache_key(unsigned char *keyname, time_t now, int timeout)
544
* The keys array contains 2 elements, the current signing key and the
547
* When name == 0 we are issuing a ticket, otherwise decrypting an existing
548
* ticket with the given key name. For new tickets we always use the
549
* current key if unexpired. For existing tickets, we use either the
550
* current or previous key with a validation expiration that is timeout
551
* longer than the signing expiration.
554
for (i = 0; i < 2 && keys[i]; ++i) {
555
if (memcmp(keyname, keys[i]->name, TLS_TICKET_NAMELEN) == 0) {
556
if (timecmp(keys[i]->tout + timeout, now) > 0)
561
} else if (keys[0]) {
562
if (timecmp(keys[0]->tout, now) > 0)
568
/* tls_scache_key_rotate - rotate session ticket keys */
570
TLS_TICKET_KEY *tls_scache_key_rotate(TLS_TICKET_KEY *newkey)
574
* Allocate or re-use storage of retired key, then overwrite it, since
575
* caller's key data is ephemeral.
578
keys[1] = (TLS_TICKET_KEY *) mymalloc(sizeof(*newkey));
583
* Rotate if required, ensuring that the keys are sorted by expiration
584
* time with keys[0] expiring last.
586
if (keys[0] == 0 || keys[0]->tout < keys[1]->tout) {