Rewrite session cache in OpenSSL ports.

net/socket/ssl_client_socket_openssl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // OpenSSL binding for SSLClientSocket. The class layout and general principle
 // of operation is derived from SSLClientSocketNSS.
 
 #include "net/socket/ssl_client_socket_openssl.h"
 
 #include <errno.h>
@@ skipping 16 matching lines @@
 #include "crypto/scoped_openssl_types.h"
 #include "net/base/net_errors.h"
 #include "net/cert/cert_policy_enforcer.h"
 #include "net/cert/cert_verifier.h"
 #include "net/cert/ct_ev_whitelist.h"
 #include "net/cert/ct_verifier.h"
 #include "net/cert/single_request_cert_verifier.h"
 #include "net/cert/x509_certificate_net_log_param.h"
 #include "net/cert/x509_util_openssl.h"
 #include "net/http/transport_security_state.h"
-#include "net/socket/ssl_session_cache_openssl.h"
 #include "net/ssl/scoped_openssl_types.h"
 #include "net/ssl/ssl_cert_request_info.h"
+#include "net/ssl/ssl_client_session_cache_openssl.h"
 #include "net/ssl/ssl_connection_status_flags.h"
 #include "net/ssl/ssl_info.h"
 
 #if defined(OS_WIN)
 #include "base/win/windows_version.h"
 #endif
 
 #if defined(USE_OPENSSL_CERTS)
 #include "net/ssl/openssl_client_key_store.h"
 #else
@@ skipping 107 matching lines @@
   return false;
 #endif
 }
 
 }  // namespace
 
 class SSLClientSocketOpenSSL::SSLContext {
  public:
   static SSLContext* GetInstance() { return Singleton<SSLContext>::get(); }
   SSL_CTX* ssl_ctx() { return ssl_ctx_.get(); }
-  SSLSessionCacheOpenSSL* session_cache() { return &session_cache_; }
+  SSLClientSessionCacheOpenSSL* session_cache() { return &session_cache_; }
 
   SSLClientSocketOpenSSL* GetClientSocketFromSSL(const SSL* ssl) {
     DCHECK(ssl);
     SSLClientSocketOpenSSL* socket = static_cast<SSLClientSocketOpenSSL*>(
         SSL_get_ex_data(ssl, ssl_socket_data_index_));
     DCHECK(socket);
     return socket;
   }
 
   bool SetClientSocketForSSL(SSL* ssl, SSLClientSocketOpenSSL* socket) {
     return SSL_set_ex_data(ssl, ssl_socket_data_index_, socket) != 0;
   }
 
  private:
   friend struct DefaultSingletonTraits<SSLContext>;
 
-  SSLContext() {
+  SSLContext() : session_cache_(SSLClientSessionCacheOpenSSL::Config()) {
     crypto::EnsureOpenSSLInit();
     ssl_socket_data_index_ = SSL_get_ex_new_index(0, 0, 0, 0, 0);
     DCHECK_NE(ssl_socket_data_index_, -1);
     ssl_ctx_.reset(SSL_CTX_new(SSLv23_client_method()));
-    session_cache_.Reset(ssl_ctx_.get(), kDefaultSessionCacheConfig);
     SSL_CTX_set_cert_verify_callback(ssl_ctx_.get(), CertVerifyCallback, NULL);
     SSL_CTX_set_cert_cb(ssl_ctx_.get(), ClientCertRequestCallback, NULL);
     SSL_CTX_set_verify(ssl_ctx_.get(), SSL_VERIFY_PEER, NULL);
     // This stops |SSL_shutdown| from generating the close_notify message, which
     // is currently not sent on the network.
     // TODO(haavardm): Remove setting quiet shutdown once 118366 is fixed.
     SSL_CTX_set_quiet_shutdown(ssl_ctx_.get(), 1);
     // TODO(kristianm): Only select this if ssl_config_.next_proto is not empty.
     // It would be better if the callback were not a global setting,
     // but that is an OpenSSL issue.
     SSL_CTX_set_next_proto_select_cb(ssl_ctx_.get(), SelectNextProtoCallback,
                                      NULL);
     ssl_ctx_->tlsext_channel_id_enabled_new = 1;
 
+    // Set up the session cache. NO_INTERNAL_STORE disables OpenSSL's builtin
+    // cache, and NO_AUTO_CLEAR disables the call to SSL_CTX_flush_sessions
+    // every 256 connections. (This number is hard-coded in the library and
+    // can't be changed.)
+    SSL_CTX_set_session_cache_mode(ssl_ctx_.get(),
+                                   SSL_SESS_CACHE_CLIENT |
+                                       SSL_SESS_CACHE_NO_INTERNAL_STORE |
+                                       SSL_SESS_CACHE_NO_AUTO_CLEAR);
+
     scoped_ptr<base::Environment> env(base::Environment::Create());
     std::string ssl_keylog_file;
     if (env->GetVar("SSLKEYLOGFILE", &ssl_keylog_file) &&
         !ssl_keylog_file.empty()) {
       crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
       BIO* bio = BIO_new_file(ssl_keylog_file.c_str(), "a");
       if (!bio) {
         LOG(ERROR) << "Failed to open " << ssl_keylog_file;
         ERR_print_errors_cb(&LogErrorCallback, NULL);
       } else {
         SSL_CTX_set_keylog_bio(ssl_ctx_.get(), bio);
       }
     }
   }
 
-  static std::string GetSessionCacheKey(const SSL* ssl) {
-    SSLClientSocketOpenSSL* socket = GetInstance()->GetClientSocketFromSSL(ssl);
-    DCHECK(socket);
-    return socket->GetSessionCacheKey();
-  }
-
-  static SSLSessionCacheOpenSSL::Config kDefaultSessionCacheConfig;
-
   static int ClientCertRequestCallback(SSL* ssl, void* arg) {
     SSLClientSocketOpenSSL* socket = GetInstance()->GetClientSocketFromSSL(ssl);
     DCHECK(socket);
     return socket->ClientCertRequestCallback(ssl);
   }
 
   static int CertVerifyCallback(X509_STORE_CTX *store_ctx, void *arg) {
     SSL* ssl = reinterpret_cast<SSL*>(X509_STORE_CTX_get_ex_data(
         store_ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
     SSLClientSocketOpenSSL* socket = GetInstance()->GetClientSocketFromSSL(ssl);
     CHECK(socket);
 
     return socket->CertVerifyCallback(store_ctx);
   }
 
   static int SelectNextProtoCallback(SSL* ssl,
                                      unsigned char** out, unsigned char* outlen,
                                      const unsigned char* in,
                                      unsigned int inlen, void* arg) {
     SSLClientSocketOpenSSL* socket = GetInstance()->GetClientSocketFromSSL(ssl);
     return socket->SelectNextProtoCallback(out, outlen, in, inlen);
   }
 
   // This is the index used with SSL_get_ex_data to retrieve the owner
   // SSLClientSocketOpenSSL object from an SSL instance.
   int ssl_socket_data_index_;
 
   ScopedSSL_CTX ssl_ctx_;
-  // |session_cache_| must be destroyed before |ssl_ctx_|.
-  SSLSessionCacheOpenSSL session_cache_;
+
+  // TODO(davidben): Use a separate cache per URLRequestContext.
+  // https://crbug.com/458365
+  //
+  // TODO(davidben): Sessions should be invalidated on fatal
+  // alerts. https://crbug.com/466352
+  SSLClientSessionCacheOpenSSL session_cache_;
 };
 
 // PeerCertificateChain is a helper object which extracts the certificate
 // chain, as given by the server, from an OpenSSL socket and performs the needed
 // resource management. The first element of the chain is the leaf certificate
 // and the other elements are in the order given by the server.
 class SSLClientSocketOpenSSL::PeerCertificateChain {
  public:
   explicit PeerCertificateChain(STACK_OF(X509)* chain) { Reset(chain); }
   PeerCertificateChain(const PeerCertificateChain& other) { *this = other; }
@@ skipping 64 matching lines @@
     if (!x509_util::GetDER(x, &der))
       return NULL;
     der_chain.push_back(der);
   }
 
   return make_scoped_refptr(X509Certificate::CreateFromDERCertChain(der_chain));
 #endif
 }
 
 // static
-SSLSessionCacheOpenSSL::Config
-    SSLClientSocketOpenSSL::SSLContext::kDefaultSessionCacheConfig = {
-        &GetSessionCacheKey,  // key_func
-        1024,                 // max_entries
-        256,                  // expiration_check_count
-        60 * 60,              // timeout_seconds
-};
-
-// static
 void SSLClientSocket::ClearSessionCache() {
   SSLClientSocketOpenSSL::SSLContext* context =
       SSLClientSocketOpenSSL::SSLContext::GetInstance();
   context->session_cache()->Flush();
 }
 
 // static
 uint16 SSLClientSocket::GetMaxSupportedSSLVersion() {
   return SSL_PROTOCOL_VERSION_TLS1_2;
 }
@@ skipping 20 matching lines @@
       transport_bio_(NULL),
       transport_(transport_socket.Pass()),
       host_and_port_(host_and_port),
       ssl_config_(ssl_config),
       ssl_session_cache_shard_(context.ssl_session_cache_shard),
       trying_cached_session_(false),
       next_handshake_state_(STATE_NONE),
       npn_status_(kNextProtoUnsupported),
       channel_id_xtn_negotiated_(false),
       handshake_succeeded_(false),
-      marked_session_as_good_(false),
+      certificate_verified_(false),
       transport_security_state_(context.transport_security_state),
       policy_enforcer_(context.cert_policy_enforcer),
       net_log_(transport_->socket()->NetLog()),
       weak_factory_(this) {
 }
 
 SSLClientSocketOpenSSL::~SSLClientSocketOpenSSL() {
   Disconnect();
 }
 
@@ skipping 21 matching lines @@
     default:
       NOTREACHED();
   }
 
   return result;
 }
 
 bool SSLClientSocketOpenSSL::InSessionCache() const {
   SSLContext* context = SSLContext::GetInstance();
   std::string cache_key = GetSessionCacheKey();
-  return context->session_cache()->SSLSessionIsInCache(cache_key);
+  return context->session_cache()->Lookup(cache_key) != nullptr;
 }
 
 void SSLClientSocketOpenSSL::SetHandshakeCompletionCallback(
     const base::Closure& callback) {
   handshake_completion_callback_ = callback;
 }
 
 void SSLClientSocketOpenSSL::GetSSLCertRequestInfo(
     SSLCertRequestInfo* cert_request_info) {
   cert_request_info->host_and_port = host_and_port_;
@@ skipping 309 matching lines @@
   ssl_ = SSL_new(context->ssl_ctx());
   if (!ssl_ || !context->SetClientSocketForSSL(ssl_, this))
     return ERR_UNEXPECTED;
 
   if (!SSL_set_tlsext_host_name(ssl_, host_and_port_.host().c_str()))
     return ERR_UNEXPECTED;
 
   // Set an OpenSSL callback to monitor this SSL*'s connection.
   SSL_set_info_callback(ssl_, &InfoCallback);
 
-  trying_cached_session_ = context->session_cache()->SetSSLSessionWithKey(
-      ssl_, GetSessionCacheKey());
+  SSL_SESSION* session = context->session_cache()->Lookup(GetSessionCacheKey());
+  if (session != nullptr) {
+    SSL_set_session(ssl_, session);
+    trying_cached_session_ = true;
+  }
 
   send_buffer_ = new GrowableIOBuffer();
   send_buffer_->SetCapacity(KDefaultOpenSSLBufferSize);
   recv_buffer_ = new GrowableIOBuffer();
   recv_buffer_->SetCapacity(KDefaultOpenSSLBufferSize);
 
   BIO* ssl_bio = NULL;
 
   // SSLClientSocketOpenSSL retains ownership of the BIO buffers.
   if (!BIO_new_bio_pair_external_buf(
@@ skipping 475 matching lines @@
           server_cert_verify_result_.public_key_hashes,
           &pinning_failure_log_)) {
     result = ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN;
   }
 
   if (result == OK) {
     // Only check Certificate Transparency if there were no other errors with
     // the connection.
     VerifyCT();
 
-    // TODO(joth): Work out if we need to remember the intermediate CA certs
-    // when the server sends them to us, and do so here.
-    SSLContext::GetInstance()->session_cache()->MarkSSLSessionAsGood(ssl_);
-    marked_session_as_good_ = true;
+    DCHECK(!certificate_verified_);
+    certificate_verified_ = true;
     CheckIfHandshakeFinished();
   } else {
     DVLOG(1) << "DoVerifyCertComplete error " << ErrorToString(result)
              << " (" << result << ")";
   }
 
   completed_connect_ = true;
 
   // Exit DoHandshakeLoop and return the result to the caller to Connect.
   DCHECK_EQ(STATE_NONE, next_handshake_state_);
@@ skipping 723 matching lines @@
                                           int type,
                                           int /*val*/) {
   // TODO(vadimt): Remove ScopedTracker below once crbug.com/424386 is fixed.
   tracked_objects::ScopedTracker tracking_profile(
       FROM_HERE_WITH_EXPLICIT_FUNCTION(
           "424386 SSLClientSocketOpenSSL::InfoCallback"));
 
   if (type == SSL_CB_HANDSHAKE_DONE) {
     SSLClientSocketOpenSSL* ssl_socket =
         SSLContext::GetInstance()->GetClientSocketFromSSL(ssl);
-    ssl_socket->handshake_succeeded_ = true;
-    ssl_socket->CheckIfHandshakeFinished();
+    if (!ssl_socket->handshake_succeeded_) {
+      ssl_socket->handshake_succeeded_ = true;
+      ssl_socket->CheckIfHandshakeFinished();
+    }
   }
 }
 
 // Determines if both the handshake and certificate verification have completed
 // successfully, and calls the handshake completion callback if that is the
 // case.
 //
 // CheckIfHandshakeFinished is called twice per connection: once after
 // MarkSSLSessionAsGood, when the certificate has been verified, and
 // once via an OpenSSL callback when the handshake has completed. On the
 // second call, when the certificate has been verified and the handshake
 // has completed, the connection's handshake completion callback is run.
 void SSLClientSocketOpenSSL::CheckIfHandshakeFinished() {
-  if (handshake_succeeded_ && marked_session_as_good_)
+  if (handshake_succeeded_ && certificate_verified_) {
+    if (!SSL_session_reused(ssl_)) {

[Ryan Sleevi, 2015/03/17 00:50:33]

Why is this check needed? Isn't it a nop if it exists? Doesn't this prevent
refreshing the MRU of the session?

[davidben, 2015/03/20 22:41:26]

I guess it's not strictly needed? MRU is updated on lookup, and this is
consistent with the old code. (ssl_update_cache only calls new_session_cb if
!s->hit.)

+      // Only insert the session into the session cache once both the handshake
+      // has completed and the certificate has been verified.
+      SSLContext::GetInstance()->session_cache()->Insert(GetSessionCacheKey(),
+                                                         SSL_get_session(ssl_));
+    }
     OnHandshakeCompletion();
+  }
 }
 
 void SSLClientSocketOpenSSL::AddSCTInfoToSSLInfo(SSLInfo* ssl_info) const {
   for (ct::SCTList::const_iterator iter =
        ct_verify_result_.verified_scts.begin();
        iter != ct_verify_result_.verified_scts.end(); ++iter) {
     ssl_info->signed_certificate_timestamps.push_back(
         SignedCertificateTimestampAndStatus(*iter, ct::SCT_STATUS_OK));
   }
   for (ct::SCTList::const_iterator iter =
@@ skipping 10 matching lines @@
                                             ct::SCT_STATUS_LOG_UNKNOWN));
   }
 }
 
 scoped_refptr<X509Certificate>
 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const {
   return server_cert_;
 }
 
 }  // namespace net