📄 cryptses.c
字号:
}
int addSessionAttribute( ATTRIBUTE_LIST **listHeadPtr,
const CRYPT_ATTRIBUTE_TYPE attributeType,
const void *data, const int dataLength )
{
return( insertSessionAttribute( listHeadPtr, attributeType, data,
dataLength, dataLength, NULL,
ATTR_FLAG_NONE ) );
}
int addSessionAttributeEx( ATTRIBUTE_LIST **listHeadPtr,
const CRYPT_ATTRIBUTE_TYPE attributeType,
const void *data, const int dataLength,
const ATTRACCESSFUNCTION accessFunction,
const int flags )
{
return( insertSessionAttribute( listHeadPtr, attributeType, data,
dataLength, dataLength,
accessFunction, flags ) );
}
/* Update a session attribute, either by replacing an existing entry if it
already exists or by adding a new entry */
int updateSessionAttribute( ATTRIBUTE_LIST **listHeadPtr,
const CRYPT_ATTRIBUTE_TYPE attributeType,
const void *data, const int dataLength,
const int dataMaxLength, const int flags )
{
ATTRIBUTE_LIST *attributeListPtr = *listHeadPtr;
assert( !( flags & ATTR_FLAG_MULTIVALUED ) );
/* Try and find the attribute */
while( attributeListPtr != NULL && \
attributeListPtr->attribute != attributeType )
attributeListPtr = attributeListPtr->next;
/* If the attribute is already present, update the value */
if( attributeListPtr != NULL )
{
assert( attributeListPtr->attribute == attributeType );
assert( ( attributeListPtr->valueLength == 0 && \
!memcmp( attributeListPtr->value, \
"\x00\x00\x00\x00", 4 ) ) || \
attributeListPtr->valueLength > 0 );
assert( isReadPtr( data, dataLength ) && \
dataLength <= dataMaxLength );
zeroise( attributeListPtr->value, attributeListPtr->valueLength );
memcpy( attributeListPtr->value, data, dataLength );
attributeListPtr->valueLength = dataLength;
return( CRYPT_OK );
}
/* The attribute isn't already present, it's a straight add */
return( insertSessionAttribute( listHeadPtr, attributeType, data,
dataLength, dataMaxLength, NULL,
flags ) );
}
/* Find a session attribute */
const ATTRIBUTE_LIST *findSessionAttribute( const ATTRIBUTE_LIST *attributeListPtr,
const CRYPT_ATTRIBUTE_TYPE attributeType )
{
while( attributeListPtr != NULL && \
attributeListPtr->attribute != attributeType )
attributeListPtr = attributeListPtr->next;
return( attributeListPtr );
}
/* Reset a session attribute. This is used to clear the data in attributes
such as passwords that can be updated over different runs of a session */
void resetSessionAttribute( ATTRIBUTE_LIST *attributeListPtr,
const CRYPT_ATTRIBUTE_TYPE attributeType )
{
/* Find the attribute to reset */
attributeListPtr = ( ATTRIBUTE_LIST * ) \
findSessionAttribute( attributeListPtr, attributeType );
if( attributeListPtr == NULL )
return;
zeroise( attributeListPtr->value, attributeListPtr->valueLength );
attributeListPtr->valueLength = 0;
}
/* Delete a complete set of session attributes */
void deleteSessionAttribute( ATTRIBUTE_LIST **attributeListHead,
ATTRIBUTE_LIST *attributeListPtr )
{
/* Remove the item from the list */
deleteDoubleListElement( attributeListHead, attributeListPtr );
/* Clear all data in the list item and free the memory */
endVarStruct( attributeListPtr, ATTRIBUTE_LIST );
clFree( "deleteSessionAttribute", attributeListPtr );
}
void deleteSessionAttributes( ATTRIBUTE_LIST **attributeListHead )
{
ATTRIBUTE_LIST *attributeListCursor = *attributeListHead;
assert( isWritePtr( attributeListHead, sizeof( ATTRIBUTE_LIST * ) ) );
/* If the list was empty, return now */
if( attributeListCursor == NULL )
return;
/* Destroy any remaining list items */
while( attributeListCursor != NULL )
{
ATTRIBUTE_LIST *itemToFree = attributeListCursor;
attributeListCursor = attributeListCursor->next;
deleteSessionAttribute( attributeListHead, itemToFree );
}
assert( *attributeListHead == NULL );
}
/****************************************************************************
* *
* Session Attribute Handling Functions *
* *
****************************************************************************/
/* Handle data sent to or read from a session object */
static int processGetAttribute( SESSION_INFO *sessionInfoPtr,
void *messageDataPtr, const int messageValue )
{
int *valuePtr = ( int * ) messageDataPtr;
/* Handle the various information types */
switch( messageValue )
{
case CRYPT_ATTRIBUTE_CURRENT:
case CRYPT_ATTRIBUTE_CURRENT_GROUP:
{
ATTRIBUTE_LIST *attributeListPtr = \
sessionInfoPtr->attributeListCurrent;
/* We're querying something that resides in the attribute list,
make sure that there's an attribute list present. If it's
present but nothing is selected, select the first entry */
if( attributeListPtr == NULL )
{
if( sessionInfoPtr->attributeList == NULL )
return( exitErrorNotFound( sessionInfoPtr,
messageValue ) );
attributeListPtr = sessionInfoPtr->attributeListCurrent = \
sessionInfoPtr->attributeList;
resetVirtualCursor( attributeListPtr );
}
/* If we're reading the group type or it's a single-attribute
group, return the overall attribute type */
if( ( messageValue == CRYPT_ATTRIBUTE_CURRENT_GROUP ) || \
!( attributeListPtr->flags & ATTR_FLAG_COMPOSITE ) )
*valuePtr = attributeListPtr->attribute;
else
/* It's a composite type, get the currently-selected sub-
attribute */
*valuePtr = attributeListPtr->accessFunction( attributeListPtr,
ATTR_NONE );
return( CRYPT_OK );
}
case CRYPT_OPTION_NET_CONNECTTIMEOUT:
if( sessionInfoPtr->connectTimeout == CRYPT_ERROR )
return( exitErrorNotInited( sessionInfoPtr,
CRYPT_ERROR_NOTINITED ) );
*valuePtr = sessionInfoPtr->connectTimeout;
return( CRYPT_OK );
case CRYPT_OPTION_NET_READTIMEOUT:
if( sessionInfoPtr->readTimeout == CRYPT_ERROR )
return( exitErrorNotInited( sessionInfoPtr,
CRYPT_ERROR_NOTINITED ) );
*valuePtr = sessionInfoPtr->readTimeout;
return( CRYPT_OK );
case CRYPT_OPTION_NET_WRITETIMEOUT:
if( sessionInfoPtr->writeTimeout == CRYPT_ERROR )
return( exitErrorNotInited( sessionInfoPtr,
CRYPT_ERROR_NOTINITED ) );
*valuePtr = sessionInfoPtr->writeTimeout;
return( CRYPT_OK );
case CRYPT_ATTRIBUTE_ERRORTYPE:
*valuePtr = sessionInfoPtr->errorType;
return( CRYPT_OK );
case CRYPT_ATTRIBUTE_ERRORLOCUS:
*valuePtr = sessionInfoPtr->errorLocus;
return( CRYPT_OK );
case CRYPT_ATTRIBUTE_BUFFERSIZE:
*valuePtr = sessionInfoPtr->receiveBufSize;
return( CRYPT_OK );
case CRYPT_ATTRIBUTE_INT_ERRORCODE:
*valuePtr = sessionInfoPtr->errorCode;
return( CRYPT_OK );
case CRYPT_SESSINFO_ACTIVE:
/* Only secure transport sessions can be persistently active,
request/response sessions are only active while the
transaction is in progress. Note that this differs from the
connection-active state, which records the fact that there's
a network-level connection established but no messages or
secure session active across it. See the comment in
processSetAttribute() for more on this */
*valuePtr = sessionInfoPtr->iCryptInContext != CRYPT_ERROR && \
( sessionInfoPtr->flags & SESSION_ISOPEN ) ? \
TRUE : FALSE;
return( CRYPT_OK );
case CRYPT_SESSINFO_CONNECTIONACTIVE:
*valuePtr = ( sessionInfoPtr->flags & SESSION_ISOPEN ) ? \
TRUE : FALSE;
return( CRYPT_OK );
case CRYPT_SESSINFO_SERVER_PORT:
case CRYPT_SESSINFO_CLIENT_PORT:
{
const ATTRIBUTE_LIST *attributeListPtr = \
findSessionAttribute( sessionInfoPtr->attributeList,
messageValue );
if( attributeListPtr == NULL )
return( exitErrorNotInited( sessionInfoPtr,
CRYPT_ERROR_NOTINITED ) );
*valuePtr = attributeListPtr->intValue;
return( CRYPT_OK );
}
case CRYPT_SESSINFO_VERSION:
*valuePtr = sessionInfoPtr->version;
return( CRYPT_OK );
case CRYPT_SESSINFO_AUTHRESPONSE:
*valuePtr = sessionInfoPtr->authResponse;
return( CRYPT_OK );
}
assert( NOTREACHED );
return( CRYPT_ERROR ); /* Get rid of compiler warning */
}
static int processSetAttribute( SESSION_INFO *sessionInfoPtr,
void *messageDataPtr, const int messageValue )
{
const int value = *( int * ) messageDataPtr;
int status;
/* Handle the various information types */
switch( messageValue )
{
case CRYPT_ATTRIBUTE_CURRENT:
case CRYPT_ATTRIBUTE_CURRENT_GROUP:
{
const ATTRIBUTE_LIST *attributeListCursor;
/* If it's an absolute positioning code, pre-set the attribute
cursor if required */
if( value == CRYPT_CURSOR_FIRST || value == CRYPT_CURSOR_LAST )
{
if( sessionInfoPtr->attributeList == NULL )
return( CRYPT_ERROR_NOTFOUND );
/* If it's an absolute attribute positioning code, reset the
attribute cursor to the start of the list before we try
to move it, and if it's an attribute positioning code,
initialise the attribute cursor if necessary */
if( messageValue == CRYPT_ATTRIBUTE_CURRENT_GROUP || \
sessionInfoPtr->attributeListCurrent == NULL )
{
sessionInfoPtr->attributeListCurrent = \
sessionInfoPtr->attributeList;
resetVirtualCursor( sessionInfoPtr->attributeListCurrent );
}
/* If there are no attributes present, return the
appropriate error code */
if( sessionInfoPtr->attributeListCurrent == NULL )
return( ( value == CRYPT_CURSOR_FIRST || \
value == CRYPT_CURSOR_LAST ) ? \
CRYPT_ERROR_NOTFOUND : CRYPT_ERROR_NOTINITED );
}
else
/* It's a relative positioning code, return a not-inited
error rather than a not-found error if the cursor isn't
set since there may be attributes present but the cursor
hasn't been initialised yet by selecting the first or
last absolute attribute */
if( sessionInfoPtr->attributeListCurrent == NULL )
return( CRYPT_ERROR_NOTINITED );
/* Move the cursor */
attributeListCursor = \
attributeMoveCursor( sessionInfoPtr->attributeListCurrent,
getAttrFunction, messageValue, value );
if( attributeListCursor == NULL )
return( CRYPT_ERROR_NOTFOUND );
sessionInfoPtr->attributeListCurrent = \
( ATTRIBUTE_LIST * ) attributeListCursor;
return( CRYPT_OK );
}
case CRYPT_OPTION_NET_CONNECTTIMEOUT:
sessionInfoPtr->connectTimeout = value;
return( CRYPT_OK );
case CRYPT_OPTION_NET_READTIMEOUT:
sessionInfoPtr->readTimeout = value;
return( CRYPT_OK );
case CRYPT_OPTION_NET_WRITETIMEOUT:
sessionInfoPtr->writeTimeout = value;
return( CRYPT_OK );
case CRYPT_ATTRIBUTE_BUFFERSIZE:
assert( !( sessionInfoPtr->flags & SESSION_ISOPEN ) );
sessionInfoPtr->receiveBufSize = value;
return( CRYPT_OK );
case CRYPT_SESSINFO_ACTIVE:
/* Session state and persistent sessions are handled as follows:
The CRYPT_SESSINFO_ACTIVE attribute records the active state
of the session as a whole, and the CRYPT_SESSINFO_-
CONNECTIONACTIVE attribute records the state of the
underlying comms session. Setting CRYPT_SESSINFO_ACTIVE for
the first time activates the comms session, and leaves it
active if the underlying mechanism (e.g. HTTP 1.1 persistent
connections) supports it. The CRYPT_SESSINFO_ACTIVE
attribute is reset once the transaction completes, and
further transactions can be initiated as long as
CRYPT_SESSINFO_CONNECTIONACTIVE is set:
Obj.state _active _connactive
--------- ------- -----------
create 0 0 0
setattr 0 0 0
(clear out_param)
activate 1 0 -> 1 -> 0 1
(clear in_param)
setattr 1 0 1
(clear out_param)
activate 1 0 -> 1 -> 0 1
(clear in_param)
(peer closes conn) 1 0 0
setattr CRYPT_ERROR_COMPLETE */
if( value == FALSE )
return( CRYPT_OK ); /* No-op */
/* If the session is in the partially-open state while we wait
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -