📄 cryptses.c
字号:
{ CRYPT_SESSION_CERTSTORE_SERVER, CRYPT_SESSION_CERTSTORE_SERVER },
{ CRYPT_ERROR, CRYPT_ERROR }, { CRYPT_ERROR, CRYPT_ERROR }
};
OBJECT_SUBTYPE subType;
int value, storageSize, status;
assert( isWritePtr( iCryptSession, sizeof( CRYPT_SESSION * ) ) );
assert( isWritePtr( sessionInfoPtrPtr, sizeof( SESSION_INFO * ) ) );
REQUIRES( ( iCryptOwner == DEFAULTUSER_OBJECT_HANDLE ) || \
isHandleRangeValid( iCryptOwner ) );
REQUIRES( sessionType > CRYPT_SESSION_NONE && \
sessionType < CRYPT_SESSION_LAST );
/* Clear return values */
*iCryptSession = CRYPT_ERROR;
*sessionInfoPtrPtr = NULL;
/* Map the external session type to a base type and internal object
subtype */
status = mapValue( sessionType, &value, subtypeMapTbl,
FAILSAFE_ARRAYSIZE( subtypeMapTbl, MAP_TABLE ) );
ENSURES( cryptStatusOK( status ) );
subType = value;
status = mapValue( sessionType, &value, basetypeMapTbl,
FAILSAFE_ARRAYSIZE( basetypeMapTbl, MAP_TABLE ) );
ENSURES( cryptStatusOK( status ) );
sessionBaseType = value;
/* Set up subtype-specific information */
switch( sessionBaseType )
{
case CRYPT_SESSION_SSH:
storageSize = sizeof( SSH_INFO );
break;
case CRYPT_SESSION_SSL:
storageSize = sizeof( SSL_INFO );
break;
case CRYPT_SESSION_TSP:
storageSize = sizeof( TSP_INFO );
break;
case CRYPT_SESSION_CMP:
storageSize = sizeof( CMP_INFO );
break;
case CRYPT_SESSION_SCEP:
storageSize = sizeof( SCEP_INFO );
break;
case CRYPT_SESSION_RTCS:
case CRYPT_SESSION_OCSP:
case CRYPT_SESSION_CERTSTORE_SERVER:
storageSize = 0;
break;
default:
retIntError();
}
/* Create the session object */
status = krnlCreateObject( iCryptSession, ( void ** ) &sessionInfoPtr,
sizeof( SESSION_INFO ) + storageSize,
OBJECT_TYPE_SESSION, subType,
CREATEOBJECT_FLAG_NONE, iCryptOwner,
ACTION_PERM_NONE_ALL, sessionMessageFunction );
if( cryptStatusError( status ) )
return( status );
*sessionInfoPtrPtr = sessionInfoPtr;
sessionInfoPtr->objectHandle = *iCryptSession;
sessionInfoPtr->ownerHandle = iCryptOwner;
sessionInfoPtr->type = sessionBaseType;
if( storageSize > 0 )
{
switch( sessionBaseType )
{
case CRYPT_SESSION_SSH:
sessionInfoPtr->sessionSSH = \
( SSH_INFO * ) sessionInfoPtr->storage;
break;
case CRYPT_SESSION_SSL:
sessionInfoPtr->sessionSSL = \
( SSL_INFO * ) sessionInfoPtr->storage;
break;
case CRYPT_SESSION_TSP:
sessionInfoPtr->sessionTSP = \
( TSP_INFO * ) sessionInfoPtr->storage;
break;
case CRYPT_SESSION_CMP:
sessionInfoPtr->sessionCMP = \
( CMP_INFO * ) sessionInfoPtr->storage;
break;
case CRYPT_SESSION_SCEP:
sessionInfoPtr->sessionSCEP = \
( SCEP_INFO * ) sessionInfoPtr->storage;
break;
default:
retIntError();
}
}
sessionInfoPtr->storageSize = storageSize;
/* If it's a server session, mark it as such. An HTTP certstore session
is a special case in that it's always a server session */
if( ( sessionType != sessionBaseType ) || \
( sessionType == CRYPT_SESSION_CERTSTORE_SERVER ) )
sessionInfoPtr->flags = SESSION_ISSERVER;
/* Set up any internal objects to contain invalid handles */
sessionInfoPtr->iKeyexCryptContext = \
sessionInfoPtr->iKeyexAuthContext = CRYPT_ERROR;
sessionInfoPtr->iCryptInContext = \
sessionInfoPtr->iCryptOutContext = CRYPT_ERROR;
sessionInfoPtr->iAuthInContext = \
sessionInfoPtr->iAuthOutContext = CRYPT_ERROR;
sessionInfoPtr->iCertRequest = \
sessionInfoPtr->iCertResponse = CRYPT_ERROR;
sessionInfoPtr->privateKey = CRYPT_ERROR;
sessionInfoPtr->cryptKeyset = CRYPT_ERROR;
sessionInfoPtr->privKeyset = CRYPT_ERROR;
sessionInfoPtr->transportSession = CRYPT_ERROR;
sessionInfoPtr->networkSocket = CRYPT_ERROR;
sessionInfoPtr->readTimeout = \
sessionInfoPtr->writeTimeout = \
sessionInfoPtr->connectTimeout = CRYPT_ERROR;
/* Set up any additinal values */
sessionInfoPtr->authResponse = CRYPT_UNUSED;
/* Set up the access information for the session and initialise it */
switch( sessionBaseType )
{
case CRYPT_SESSION_CERTSTORE_SERVER:
status = setAccessMethodCertstore( sessionInfoPtr );
break;
case CRYPT_SESSION_CMP:
status = setAccessMethodCMP( sessionInfoPtr );
break;
case CRYPT_SESSION_RTCS:
status = setAccessMethodRTCS( sessionInfoPtr );
break;
case CRYPT_SESSION_OCSP:
status = setAccessMethodOCSP( sessionInfoPtr );
break;
case CRYPT_SESSION_SCEP:
status = setAccessMethodSCEP( sessionInfoPtr );
break;
case CRYPT_SESSION_SSH:
status = setAccessMethodSSH( sessionInfoPtr );
break;
case CRYPT_SESSION_SSL:
status = setAccessMethodSSL( sessionInfoPtr );
break;
case CRYPT_SESSION_TSP:
status = setAccessMethodTSP( sessionInfoPtr );
break;
default:
retIntError();
}
if( cryptStatusError( status ) )
return( status );
/* If it's a session type that uses the scoreboard, set up the
scoreboard information for the session */
if( sessionType == CRYPT_SESSION_SSL_SERVER )
sessionInfoPtr->sessionSSL->scoreboardInfoPtr = &scoreboardInfo;
/* Check that the protocol info is OK */
protocolInfoPtr = sessionInfoPtr->protocolInfo;
ENSURES( ( protocolInfoPtr->isReqResp && \
protocolInfoPtr->bufSize == 0 && \
protocolInfoPtr->sendBufStartOfs == 0 && \
protocolInfoPtr->maxPacketSize == 0 ) ||
( !protocolInfoPtr->isReqResp && \
protocolInfoPtr->bufSize >= MIN_BUFFER_SIZE && \
protocolInfoPtr->bufSize < MAX_INTLENGTH && \
protocolInfoPtr->sendBufStartOfs >= 5 &&
protocolInfoPtr->sendBufStartOfs < protocolInfoPtr->maxPacketSize && \
protocolInfoPtr->maxPacketSize <= protocolInfoPtr->bufSize ) );
ENSURES( ( ( protocolInfoPtr->flags & SESSION_ISHTTPTRANSPORT ) && \
protocolInfoPtr->port == 80 ) || \
( protocolInfoPtr->port != 80 ) );
ENSURES( protocolInfoPtr->port > 21 && protocolInfoPtr->port <= 65534L );
ENSURES( protocolInfoPtr->version >= 0 && protocolInfoPtr->version < 5 );
/* Copy mutable protocol-specific information into the session info */
sessionInfoPtr->flags |= protocolInfoPtr->flags;
sessionInfoPtr->clientReqAttrFlags = protocolInfoPtr->clientReqAttrFlags;
sessionInfoPtr->serverReqAttrFlags = protocolInfoPtr->serverReqAttrFlags;
sessionInfoPtr->version = protocolInfoPtr->version;
if( protocolInfoPtr->isReqResp )
{
sessionInfoPtr->sendBufSize = CRYPT_UNUSED;
sessionInfoPtr->receiveBufSize = MIN_BUFFER_SIZE;
}
else
{
sessionInfoPtr->sendBufSize = sessionInfoPtr->receiveBufSize = \
protocolInfoPtr->bufSize;
sessionInfoPtr->sendBufStartOfs = sessionInfoPtr->receiveBufStartOfs = \
protocolInfoPtr->sendBufStartOfs;
sessionInfoPtr->maxPacketSize = protocolInfoPtr->maxPacketSize;
}
/* Install default handlers if no session-specific ones are provided */
status = initSessionIO( sessionInfoPtr );
if( cryptStatusError( status ) )
return( status );
/* Check that the handlers are all OK */
ENSURES( sessionInfoPtr->connectFunction != NULL );
ENSURES( sessionInfoPtr->transactFunction != NULL );
ENSURES( ( protocolInfoPtr->isReqResp && \
sessionInfoPtr->readHeaderFunction == NULL && \
sessionInfoPtr->processBodyFunction == NULL && \
sessionInfoPtr->preparePacketFunction == NULL ) || \
( !protocolInfoPtr->isReqResp && \
sessionInfoPtr->readHeaderFunction != NULL && \
sessionInfoPtr->processBodyFunction != NULL && \
sessionInfoPtr->preparePacketFunction != NULL ) );
return( CRYPT_OK );
}
CHECK_RETVAL STDC_NONNULL_ARG( ( 1 ) ) \
int createSession( INOUT MESSAGE_CREATEOBJECT_INFO *createInfo,
STDC_UNUSED const void *auxDataPtr,
STDC_UNUSED const int auxValue )
{
CRYPT_SESSION iCryptSession;
SESSION_INFO *sessionInfoPtr = NULL;
int initStatus, status;
assert( isWritePtr( createInfo, sizeof( MESSAGE_CREATEOBJECT_INFO ) ) );
REQUIRES( auxDataPtr == NULL && auxValue == 0 );
REQUIRES( createInfo->arg1 > CRYPT_SESSION_NONE && \
createInfo->arg1 < CRYPT_SESSION_LAST );
/* Pass the call on to the lower-level open function */
initStatus = openSession( &iCryptSession, createInfo->cryptOwner,
createInfo->arg1, &sessionInfoPtr );
if( cryptStatusError( initStatus ) )
{
/* If the create object failed, return immediately */
if( sessionInfoPtr == NULL )
return( initStatus );
/* The init failed, make sure that the object gets destroyed when we
notify the kernel that the setup process is complete */
krnlSendNotifier( iCryptSession, IMESSAGE_DESTROY );
}
/* We've finished setting up the object-type-specific info, tell the
kernel that the object is ready for use */
status = krnlSendMessage( iCryptSession, IMESSAGE_SETATTRIBUTE,
MESSAGE_VALUE_OK, CRYPT_IATTRIBUTE_STATUS );
if( cryptStatusError( initStatus ) || cryptStatusError( status ) )
return( cryptStatusError( initStatus ) ? initStatus : status );
createInfo->cryptHandle = iCryptSession;
return( CRYPT_OK );
}
/* Generic management function for this class of object */
CHECK_RETVAL \
int sessionManagementFunction( IN_ENUM( MANAGEMENT_ACTION ) \
const MANAGEMENT_ACTION_TYPE action )
{
static int initLevel = 0;
int status;
REQUIRES( action == MANAGEMENT_ACTION_INIT || \
action == MANAGEMENT_ACTION_PRE_SHUTDOWN || \
action == MANAGEMENT_ACTION_SHUTDOWN );
switch( action )
{
case MANAGEMENT_ACTION_INIT:
status = netInitTCP();
if( cryptStatusOK( status ) )
{
initLevel++;
if( krnlIsExiting() )
{
/* The kernel is shutting down, exit */
return( CRYPT_ERROR_PERMISSION );
}
status = initScoreboard( &scoreboardInfo,
SESSIONCACHE_SIZE );
}
if( cryptStatusOK( status ) )
initLevel++;
return( status );
case MANAGEMENT_ACTION_PRE_SHUTDOWN:
/* We have to wait for the driver binding to complete before we
can start the shutdown process */
status = krnlWaitSemaphore( SEMAPHORE_DRIVERBIND );
if( cryptStatusError( status ) )
{
/* The kernel is shutting down, bail out */
assert( DEBUG_WARN );
return( CRYPT_ERROR_PERMISSION );
}
if( initLevel > 0 )
netSignalShutdown();
return( CRYPT_OK );
case MANAGEMENT_ACTION_SHUTDOWN:
if( initLevel > 1 )
endScoreboard( &scoreboardInfo );
if( initLevel > 0 )
netEndTCP();
initLevel = 0;
return( CRYPT_OK );
}
retIntError();
}
#endif /* USE_SESSIONS */
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -