ssl_sess.c

Line

Source

Count

1

/*

-

2

-

3

-

4

*

-

5

* Licensed under the OpenSSL license (the "License"). You may not use

-

6

* this file except in compliance with the License. You can obtain a copy

-

7

* in the file LICENSE in the source distribution or at

-

8

* https://www.openssl.org/source/license.html

-

9

*/

-

10

-

11

#include <stdio.h>

-

12

#include <openssl/rand.h>

-

13

#include <openssl/engine.h>

-

14

#include "internal/refcount.h"

-

15

#include "internal/cryptlib.h"

-

16

#include "ssl_locl.h"

-

17

#include "statem/statem_locl.h"

-

18

-

19

static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);

-

20

static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);

-

21

static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);

-

22

-

23

/*

-

24

* SSL_get_session() and SSL_get1_session() are problematic in TLS1.3 because,

-

25

* unlike in earlier protocol versions, the session ticket may not have been

-

26

* sent yet even though a handshake has finished. The session ticket data could

-

27

* come in sometime later...or even change if multiple session ticket messages

-

28

* are sent from the server. The preferred way for applications to obtain

-

29

* a resumable session is to use SSL_CTX_sess_set_new_cb().

-

30

*/

-

31

-

32

SSL_SESSION *SSL_get_session(const SSL *ssl)

-

33

/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */

-

34

{

-

35

return ssl->session;

executed 3875 times by 1 test: return ssl->session;

Executed by:

libssl.so.1.1

3875

36

}

-

37

-

38

SSL_SESSION *SSL_get1_session(SSL *ssl)

-

39

/* variant of SSL_get_session: caller really gets something */

-

40

{

-

41

SSL_SESSION *sess;

-

42

/*

-

43

* Need to lock this all up rather than just use CRYPTO_add so that

-

44

* somebody doesn't free ssl->session between when we check it's non-null

-

45

* and when we up the reference count.

-

46

*/

-

47

CRYPTO_THREAD_read_lock(ssl->lock);

-

48

sess = ssl->session;

-

49

if (sess)

sess	Description
TRUE	evaluated 1158 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 52 times by 1 test Evaluated by: libssl.so.1.1

52-1158

50

SSL_SESSION_up_ref(sess);

executed 1158 times by 1 test: SSL_SESSION_up_ref(sess);

Executed by:

libssl.so.1.1

1158

51

CRYPTO_THREAD_unlock(ssl->lock);

-

52

return sess;

executed 1210 times by 1 test: return sess;

Executed by:

libssl.so.1.1

1210

53

}

-

54

-

55

int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)

-

56

{

-

57

return CRYPTO_set_ex_data(&s->ex_data, idx, arg);

never executed: return CRYPTO_set_ex_data(&s->ex_data, idx, arg);

0

58

}

-

59

-

60

void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)

-

61

{

-

62

return CRYPTO_get_ex_data(&s->ex_data, idx);

never executed: return CRYPTO_get_ex_data(&s->ex_data, idx);

0

63

}

-

64

-

65

SSL_SESSION *SSL_SESSION_new(void)

-

66

{

-

67

SSL_SESSION *ss;

-

68

-

69

if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL))

!OPENSSL_init_... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 9017 times by 1 test Evaluated by: libssl.so.1.1

0-9017

70

return NULL;

never executed: return ((void *)0) ;

0

71

-

72

ss = OPENSSL_zalloc(sizeof(*ss));

-

73

if (ss == NULL) {

ss == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 9017 times by 1 test Evaluated by: libssl.so.1.1

0-9017

74

SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);

-

75

return NULL;

never executed: return ((void *)0) ;

0

76

}

-

77

-

78

ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */

-

79

ss->references = 1;

-

80

ss->timeout = 60 * 5 + 4; /* 5 minute timeout by default */

-

81

ss->time = (unsigned long)time(NULL);

-

82

ss->lock = CRYPTO_THREAD_lock_new();

-

83

if (ss->lock == NULL) {

ss->lock == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 9017 times by 1 test Evaluated by: libssl.so.1.1

0-9017

84

SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);

-

85

OPENSSL_free(ss);

-

86

return NULL;

never executed: return ((void *)0) ;

0

87

}

-

88

-

89

if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) {

!CRYPTO_new_ex... &ss->ex_data)	Description
TRUE	never evaluated
FALSE	evaluated 9017 times by 1 test Evaluated by: libssl.so.1.1

0-9017

90

CRYPTO_THREAD_lock_free(ss->lock);

-

91

OPENSSL_free(ss);

-

92

return NULL;

never executed: return ((void *)0) ;

0

93

}

-

94

return ss;

executed 9017 times by 1 test: return ss;

Executed by:

libssl.so.1.1

9017

95

}

-

96

-

97

SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src)

-

98

{

-

99

return ssl_session_dup(src, 1);

executed 904 times by 1 test: return ssl_session_dup(src, 1);

Executed by:

libssl.so.1.1

904

100

}

-

101

-

102

/*

-

103

* Create a new SSL_SESSION and duplicate the contents of |src| into it. If

-

104

* ticket == 0 then no ticket information is duplicated, otherwise it is.

-

105

*/

-

106

SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)

-

107

{

-

108

SSL_SESSION *dest;

-

109

-

110

dest = OPENSSL_malloc(sizeof(*src));

-

111

if (dest == NULL) {

dest == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2469 times by 1 test Evaluated by: libssl.so.1.1

0-2469

112

goto err;

never executed: goto err;

0

113

}

-

114

memcpy(dest, src, sizeof(*dest));

-

115

-

116

/*

-

117

* Set the various pointers to NULL so that we can call SSL_SESSION_free in

-

118

* the case of an error whilst halfway through constructing dest

-

119

*/

-

120

#ifndef OPENSSL_NO_PSK

-

121

dest->psk_identity_hint = NULL;

-

122

dest->psk_identity = NULL;

-

123

#endif

-

124

dest->ciphers = NULL;

-

125

dest->ext.hostname = NULL;

-

126

#ifndef OPENSSL_NO_EC

-

127

dest->ext.ecpointformats = NULL;

-

128

dest->ext.supportedgroups = NULL;

-

129

#endif

-

130

dest->ext.tick = NULL;

-

131

dest->ext.alpn_selected = NULL;

-

132

#ifndef OPENSSL_NO_SRP

-

133

dest->srp_username = NULL;

-

134

#endif

-

135

dest->peer_chain = NULL;

-

136

dest->peer = NULL;

-

137

dest->ticket_appdata = NULL;

-

138

memset(&dest->ex_data, 0, sizeof(dest->ex_data));

-

139

-

140

/* We deliberately don't copy the prev and next pointers */

-

141

dest->prev = NULL;

-

142

dest->next = NULL;

-

143

-

144

dest->references = 1;

-

145

-

146

dest->lock = CRYPTO_THREAD_lock_new();

-

147

if (dest->lock == NULL)

dest->lock == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2469 times by 1 test Evaluated by: libssl.so.1.1

0-2469

148

goto err;

never executed: goto err;

0

149

-

150

if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))

!CRYPTO_new_ex...dest->ex_data)	Description
TRUE	never evaluated
FALSE	evaluated 2469 times by 1 test Evaluated by: libssl.so.1.1

0-2469

151

goto err;

never executed: goto err;

0

152

-

153

if (src->peer != NULL) {

src->peer != ((void *)0)	Description
TRUE	evaluated 979 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1490 times by 1 test Evaluated by: libssl.so.1.1

979-1490

154

if (!X509_up_ref(src->peer))

!X509_up_ref(src->peer)	Description
TRUE	never evaluated
FALSE	evaluated 979 times by 1 test Evaluated by: libssl.so.1.1

0-979

155

goto err;

never executed: goto err;

0

156

dest->peer = src->peer;

-

157

}

executed 979 times by 1 test: end of block

Executed by:

libssl.so.1.1

979

158

-

159

if (src->peer_chain != NULL) {

src->peer_chain != ((void *)0)	Description
TRUE	evaluated 1009 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1460 times by 1 test Evaluated by: libssl.so.1.1

1009-1460

160

dest->peer_chain = X509_chain_up_ref(src->peer_chain);

-

161

if (dest->peer_chain == NULL)

dest->peer_cha...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1009 times by 1 test Evaluated by: libssl.so.1.1

0-1009

162

goto err;

never executed: goto err;

0

163

}

executed 1009 times by 1 test: end of block

Executed by:

libssl.so.1.1

1009

164

#ifndef OPENSSL_NO_PSK

-

165

if (src->psk_identity_hint) {

src->psk_identity_hint	Description
TRUE	never evaluated
FALSE	evaluated 2469 times by 1 test Evaluated by: libssl.so.1.1

0-2469

166

dest->psk_identity_hint = OPENSSL_strdup(src->psk_identity_hint);

-

167

if (dest->psk_identity_hint == NULL) {

dest->psk_iden...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

168

goto err;

never executed: goto err;

0

169

}

-

170

}

never executed: end of block

0

171

if (src->psk_identity) {

src->psk_identity	Description
TRUE	never evaluated
FALSE	evaluated 2469 times by 1 test Evaluated by: libssl.so.1.1

0-2469

172

dest->psk_identity = OPENSSL_strdup(src->psk_identity);

-

173

if (dest->psk_identity == NULL) {

dest->psk_iden...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

174

goto err;

never executed: goto err;

0

175

}

-

176

}

never executed: end of block

0

177

#endif

-

178

-

179

if (src->ciphers != NULL) {

src->ciphers != ((void *)0)	Description
TRUE	evaluated 1486 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 983 times by 1 test Evaluated by: libssl.so.1.1

983-1486

180

dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);

-

181

if (dest->ciphers == NULL)

dest->ciphers == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1486 times by 1 test Evaluated by: libssl.so.1.1

0-1486

182

goto err;

never executed: goto err;

0

183

}

executed 1486 times by 1 test: end of block

Executed by:

libssl.so.1.1

1486

184

-

185

if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,

!CRYPTO_dup_ex...&src->ex_data)	Description
TRUE	never evaluated
FALSE	evaluated 2469 times by 1 test Evaluated by: libssl.so.1.1

0-2469

186

&dest->ex_data, &src->ex_data)) {

!CRYPTO_dup_ex...&src->ex_data)	Description
TRUE	never evaluated
FALSE	evaluated 2469 times by 1 test Evaluated by: libssl.so.1.1

0-2469

187

goto err;

never executed: goto err;

0

188

}

-

189

-

190

if (src->ext.hostname) {

src->ext.hostname	Description
TRUE	evaluated 64 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2405 times by 1 test Evaluated by: libssl.so.1.1

64-2405

191

dest->ext.hostname = OPENSSL_strdup(src->ext.hostname);

-

192

if (dest->ext.hostname == NULL) {

dest->ext.host...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: libssl.so.1.1

0-64

193

goto err;

never executed: goto err;

0

194

}

-

195

}

executed 64 times by 1 test: end of block

Executed by:

libssl.so.1.1

64

196

#ifndef OPENSSL_NO_EC

-

197

if (src->ext.ecpointformats) {

src->ext.ecpointformats	Description
TRUE	evaluated 633 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1836 times by 1 test Evaluated by: libssl.so.1.1

633-1836

198

dest->ext.ecpointformats =

-

199

OPENSSL_memdup(src->ext.ecpointformats,

-

200

src->ext.ecpointformats_len);

-

201

if (dest->ext.ecpointformats == NULL)

dest->ext.ecpo...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 633 times by 1 test Evaluated by: libssl.so.1.1

0-633

202

goto err;

never executed: goto err;

0

203

}

executed 633 times by 1 test: end of block

Executed by:

libssl.so.1.1

633

204

if (src->ext.supportedgroups) {

src->ext.supportedgroups	Description
TRUE	evaluated 1488 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 981 times by 1 test Evaluated by: libssl.so.1.1

981-1488

205

dest->ext.supportedgroups =

-

206

OPENSSL_memdup(src->ext.supportedgroups,

-

207

src->ext.supportedgroups_len

-

208

* sizeof(*src->ext.supportedgroups));

-

209

if (dest->ext.supportedgroups == NULL)

dest->ext.supp...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1488 times by 1 test Evaluated by: libssl.so.1.1

0-1488

210

goto err;

never executed: goto err;

0

211

}

executed 1488 times by 1 test: end of block

Executed by:

libssl.so.1.1

1488

212

#endif

-

213

-

214

if (ticket != 0 && src->ext.tick != NULL) {

ticket != 0	Description
TRUE	evaluated 904 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1565 times by 1 test Evaluated by: libssl.so.1.1

src->ext.tick != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 904 times by 1 test Evaluated by: libssl.so.1.1

0-1565

215

dest->ext.tick =

-

216

OPENSSL_memdup(src->ext.tick, src->ext.ticklen);

-

217

if (dest->ext.tick == NULL)

dest->ext.tick == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

218

goto err;

never executed: goto err;

0

219

} else {

never executed: end of block

0

220

dest->ext.tick_lifetime_hint = 0;

-

221

dest->ext.ticklen = 0;

-

222

}

executed 2469 times by 1 test: end of block

Executed by:

libssl.so.1.1

2469

223

-

224

if (src->ext.alpn_selected != NULL) {

src->ext.alpn_...!= ((void *)0)	Description
TRUE	evaluated 64 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2405 times by 1 test Evaluated by: libssl.so.1.1

64-2405

225

dest->ext.alpn_selected = OPENSSL_memdup(src->ext.alpn_selected,

-

226

src->ext.alpn_selected_len);

-

227

if (dest->ext.alpn_selected == NULL)

dest->ext.alpn...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 64 times by 1 test Evaluated by: libssl.so.1.1

0-64

228

goto err;

never executed: goto err;

0

229

}

executed 64 times by 1 test: end of block

Executed by:

libssl.so.1.1

64

230

-

231

#ifndef OPENSSL_NO_SRP

-

232

if (src->srp_username) {

src->srp_username	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2465 times by 1 test Evaluated by: libssl.so.1.1

4-2465

233

dest->srp_username = OPENSSL_strdup(src->srp_username);

-

234

if (dest->srp_username == NULL) {

dest->srp_user...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1

0-4

235

goto err;

never executed: goto err;

0

236

}

-

237

}

executed 4 times by 1 test: end of block

Executed by:

libssl.so.1.1

4

238

#endif

-

239

-

240

if (src->ticket_appdata != NULL) {

src->ticket_ap...!= ((void *)0)	Description
TRUE	evaluated 13 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2456 times by 1 test Evaluated by: libssl.so.1.1

13-2456

241

dest->ticket_appdata =

-

242

OPENSSL_memdup(src->ticket_appdata, src->ticket_appdata_len);

-

243

if (dest->ticket_appdata == NULL)

dest->ticket_a...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 13 times by 1 test Evaluated by: libssl.so.1.1

0-13

244

goto err;

never executed: goto err;

0

245

}

executed 13 times by 1 test: end of block

Executed by:

libssl.so.1.1

13

246

-

247

return dest;

executed 2469 times by 1 test: return dest;

Executed by:

libssl.so.1.1

2469

248

err:

-

249

SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);

-

250

SSL_SESSION_free(dest);

-

251

return NULL;

never executed: return ((void *)0) ;

0

252

}

-

253

-

254

const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)

-

255

{

-

256

if (len)

len	Description
TRUE	evaluated 1362 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 97 times by 1 test Evaluated by: libssl.so.1.1

97-1362

257

*len = (unsigned int)s->session_id_length;

executed 1362 times by 1 test: *len = (unsigned int)s->session_id_length;

Executed by:

libssl.so.1.1

1362

258

return s->session_id;

executed 1459 times by 1 test: return s->session_id;

Executed by:

libssl.so.1.1

1459

259

}

-

260

const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,

-

261

unsigned int *len)

-

262

{

-

263

if (len != NULL)

len != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

264

*len = (unsigned int)s->sid_ctx_length;

never executed: *len = (unsigned int)s->sid_ctx_length;

0

265

return s->sid_ctx;

never executed: return s->sid_ctx;

0

266

}

-

267

-

268

unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)

-

269

{

-

270

return s->compress_meth;

never executed: return s->compress_meth;

0

271

}

-

272

-

273

/*

-

274

* SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling

-

275

* the ID with random junk repeatedly until we have no conflict is going to

-

276

* complete in one iteration pretty much "most" of the time (btw:

-

277

* understatement). So, if it takes us 10 iterations and we still can't avoid

-

278

* a conflict - well that's a reasonable point to call it quits. Either the

-

279

* RAND code is broken or someone is trying to open roughly very close to

-

280

* 2^256 SSL sessions to our server. How you might store that many sessions

-

281

* is perhaps a more interesting question ...

-

282

*/

-

283

-

284

#define MAX_SESS_ID_ATTEMPTS 10

-

285

static int def_generate_session_id(SSL *ssl, unsigned char *id,

-

286

unsigned int *id_len)

-

287

{

-

288

unsigned int retry = 0;

-

289

do

-

290

if (RAND_bytes(id, *id_len) <= 0)

RAND_bytes(id, *id_len) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1

0-1686

291

return 0;

never executed: return 0;

0

292

while (SSL_has_matching_session_id(ssl, id, *id_len) &&

SSL_has_matchi..., id, *id_len)	Description
TRUE	never evaluated
FALSE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1

0-1686

293

(++retry < MAX_SESS_ID_ATTEMPTS)) ;

(++retry < 10)	Description
TRUE	never evaluated
FALSE	never evaluated

0

294

if (retry < MAX_SESS_ID_ATTEMPTS)

retry < 10	Description
TRUE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1686

295

return 1;

executed 1686 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1686

296

/* else - woops a session_id match */

-

297

/*

-

298

* XXX We should also check the external cache -- but the probability of

-

299

* a collision is negligible, and we could not prevent the concurrent

-

300

* creation of sessions with identical IDs since we currently don't have

-

301

* means to atomically check whether a session ID already exists and make

-

302

* a reservation for it if it does not (this problem applies to the

-

303

* internal cache as well).

-

304

*/

-

305

return 0;

never executed: return 0;

0

306

}

-

307

-

308

int ssl_generate_session_id(SSL *s, SSL_SESSION *ss)

-

309

{

-

310

unsigned int tmp;

-

311

GEN_SESSION_CB cb = def_generate_session_id;

-

312

-

313

switch (s->version) {

-

314

case SSL3_VERSION:

never executed: case 0x0300:

0

315

case TLS1_VERSION:

executed 282 times by 1 test: case 0x0301:

Executed by:

libssl.so.1.1

282

316

case TLS1_1_VERSION:

executed 289 times by 1 test: case 0x0302:

Executed by:

libssl.so.1.1

289

317

case TLS1_2_VERSION:

executed 1157 times by 1 test: case 0x0303:

Executed by:

libssl.so.1.1

1157

318

case TLS1_3_VERSION:

executed 1033 times by 1 test: case 0x0304:

Executed by:

libssl.so.1.1

1033

319

case DTLS1_BAD_VER:

never executed: case 0x0100:

0

320

case DTLS1_VERSION:

executed 42 times by 1 test: case 0xFEFF:

Executed by:

libssl.so.1.1

42

321

case DTLS1_2_VERSION:

executed 128 times by 1 test: case 0xFEFD:

Executed by:

libssl.so.1.1

128

322

ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;

-

323

break;

executed 2931 times by 1 test: break;

Executed by:

libssl.so.1.1

2931

324

default:

never executed: default:

0

325

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,

-

326

SSL_R_UNSUPPORTED_SSL_VERSION);

-

327

return 0;

never executed: return 0;

0

328

}

-

329

-

330

/*-

-

331

* If RFC5077 ticket, use empty session ID (as server).

-

332

* Note that:

-

333

* (a) ssl_get_prev_session() does lookahead into the

-

334

* ClientHello extensions to find the session ticket.

-

335

* When ssl_get_prev_session() fails, statem_srvr.c calls

-

336

* ssl_get_new_session() in tls_process_client_hello().

-

337

* At that point, it has not yet parsed the extensions,

-

338

* however, because of the lookahead, it already knows

-

339

* whether a ticket is expected or not.

-

340

*

-

341

* (b) statem_clnt.c calls ssl_get_new_session() before parsing

-

342

* ServerHello extensions, and before recording the session

-

343

* ID received from the server, so this block is a noop.

-

344

*/

-

345

if (s->ext.ticket_expected) {

s->ext.ticket_expected	Description
TRUE	evaluated 1245 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1

1245-1686

346

ss->session_id_length = 0;

-

347

return 1;

executed 1245 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1245

348

}

-

349

-

350

/* Choose which callback will set the session ID */

-

351

CRYPTO_THREAD_read_lock(s->lock);

-

352

CRYPTO_THREAD_read_lock(s->session_ctx->lock);

-

353

if (s->generate_session_id)

s->generate_session_id	Description
TRUE	never evaluated
FALSE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1

0-1686

354

cb = s->generate_session_id;

never executed: cb = s->generate_session_id;

0

355

else if (s->session_ctx->generate_session_id)

s->session_ctx...ate_session_id	Description
TRUE	never evaluated
FALSE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1

0-1686

356

cb = s->session_ctx->generate_session_id;

never executed: cb = s->session_ctx->generate_session_id;

0

357

CRYPTO_THREAD_unlock(s->session_ctx->lock);

-

358

CRYPTO_THREAD_unlock(s->lock);

-

359

/* Choose a session ID */

-

360

memset(ss->session_id, 0, ss->session_id_length);

-

361

tmp = (int)ss->session_id_length;

-

362

if (!cb(s, ss->session_id, &tmp)) {

!cb(s, ss->session_id, &tmp)	Description
TRUE	never evaluated
FALSE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1

0-1686

363

/* The callback failed */

-

364

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,

-

365

SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);

-

366

return 0;

never executed: return 0;

0

367

}

-

368

/*

-

369

* Don't allow the callback to set the session length to zero. nor

-

370

* set it higher than it was.

-

371

*/

-

372

if (tmp == 0 || tmp > ss->session_id_length) {

tmp == 0	Description
TRUE	never evaluated
FALSE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1

tmp > ss->session_id_length	Description
TRUE	never evaluated
FALSE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1

0-1686

373

/* The callback set an illegal length */

-

374

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,

-

375

SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);

-

376

return 0;

never executed: return 0;

0

377

}

-

378

ss->session_id_length = tmp;

-

379

/* Finally, check for a conflict */

-

380

if (SSL_has_matching_session_id(s, ss->session_id,

SSL_has_matchi...ion_id_length)	Description
TRUE	never evaluated
FALSE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1

0-1686

381

(unsigned int)ss->session_id_length)) {

SSL_has_matchi...ion_id_length)	Description
TRUE	never evaluated
FALSE	evaluated 1686 times by 1 test Evaluated by: libssl.so.1.1

0-1686

382

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_SESSION_ID,

-

383

SSL_R_SSL_SESSION_ID_CONFLICT);

-

384

return 0;

never executed: return 0;

0

385

}

-

386

-

387

return 1;

executed 1686 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1686

388

}

-

389

-

390

int ssl_get_new_session(SSL *s, int session)

-

391

{

-

392

/* This gets used by clients and servers. */

-

393

-

394

SSL_SESSION *ss = NULL;

-

395

-

396

if ((ss = SSL_SESSION_new()) == NULL) {

(ss = SSL_SESS...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 6965 times by 1 test Evaluated by: libssl.so.1.1

0-6965

397

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_NEW_SESSION,

-

398

ERR_R_MALLOC_FAILURE);

-

399

return 0;

never executed: return 0;

0

400

}

-

401

-

402

/* If the context has a default timeout, use it */

-

403

if (s->session_ctx->session_timeout == 0)

s->session_ctx...n_timeout == 0	Description
TRUE	never evaluated
FALSE	evaluated 6965 times by 1 test Evaluated by: libssl.so.1.1

0-6965

404

ss->timeout = SSL_get_default_timeout(s);

never executed: ss->timeout = SSL_get_default_timeout(s);

0

405

else

-

406

ss->timeout = s->session_ctx->session_timeout;

executed 6965 times by 1 test: ss->timeout = s->session_ctx->session_timeout;

Executed by:

libssl.so.1.1

6965

407

-

408

SSL_SESSION_free(s->session);

-

409

s->session = NULL;

-

410

-

411

if (session) {

session	Description
TRUE	evaluated 2879 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 4086 times by 1 test Evaluated by: libssl.so.1.1

2879-4086

412

if (SSL_IS_TLS13(s)) {

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 2709 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 170 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->version >= 0x0304	Description
TRUE	evaluated 982 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1727 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 982 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2709

413

/*

-

414

* We generate the session id while constructing the

-

415

* NewSessionTicket in TLSv1.3.

-

416

*/

-

417

ss->session_id_length = 0;

-

418

} else if (!ssl_generate_session_id(s, ss)) {

executed 982 times by 1 test: end of block

Executed by:

libssl.so.1.1

!ssl_generate_...sion_id(s, ss)	Description
TRUE	never evaluated
FALSE	evaluated 1897 times by 1 test Evaluated by: libssl.so.1.1

0-1897

419

/* SSLfatal() already called */

-

420

SSL_SESSION_free(ss);

-

421

return 0;

never executed: return 0;

0

422

}

-

423

-

424

} else {

executed 2879 times by 1 test: end of block

Executed by:

libssl.so.1.1

2879

425

ss->session_id_length = 0;

-

426

}

executed 4086 times by 1 test: end of block

Executed by:

libssl.so.1.1

4086

427

-

428

if (s->sid_ctx_length > sizeof(ss->sid_ctx)) {

s->sid_ctx_len...f(ss->sid_ctx)	Description
TRUE	never evaluated
FALSE	evaluated 6965 times by 1 test Evaluated by: libssl.so.1.1

0-6965

429

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_NEW_SESSION,

-

430

ERR_R_INTERNAL_ERROR);

-

431

SSL_SESSION_free(ss);

-

432

return 0;

never executed: return 0;

0

433

}

-

434

memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);

-

435

ss->sid_ctx_length = s->sid_ctx_length;

-

436

s->session = ss;

-

437

ss->ssl_version = s->version;

-

438

ss->verify_result = X509_V_OK;

-

439

-

440

/* If client supports extended master secret set it in session */

-

441

if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)

s->s3->flags & 0x0200	Description
TRUE	evaluated 1303 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 5662 times by 1 test Evaluated by: libssl.so.1.1

1303-5662

442

ss->flags |= SSL_SESS_FLAG_EXTMS;

executed 1303 times by 1 test: ss->flags |= 0x1;

Executed by:

libssl.so.1.1

1303

443

-

444

return 1;

executed 6965 times by 1 test: return 1;

Executed by:

libssl.so.1.1

6965

445

}

-

446

-

447

SSL_SESSION *lookup_sess_in_cache(SSL *s, const unsigned char *sess_id,

-

448

size_t sess_id_len)

-

449

{

-

450

SSL_SESSION *ret = NULL;

-

451

-

452

if ((s->session_ctx->session_cache_mode

(s->session_ct...& 0x0100) == 0	Description
TRUE	evaluated 262 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 19 times by 1 test Evaluated by: libssl.so.1.1

19-262

453

& SSL_SESS_CACHE_NO_INTERNAL_LOOKUP) == 0) {

(s->session_ct...& 0x0100) == 0	Description
TRUE	evaluated 262 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 19 times by 1 test Evaluated by: libssl.so.1.1

19-262

454

SSL_SESSION data;

-

455

-

456

data.ssl_version = s->version;

-

457

if (!ossl_assert(sess_id_len <= SSL_MAX_SSL_SESSION_ID_LENGTH))

!((sess_id_len <= 32) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 262 times by 1 test Evaluated by: libssl.so.1.1

0-262

458

return NULL;

never executed: return ((void *)0) ;

0

459

-

460

memcpy(data.session_id, sess_id, sess_id_len);

-

461

data.session_id_length = sess_id_len;

-

462

-

463

CRYPTO_THREAD_read_lock(s->session_ctx->lock);

-

464

ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);

-

465

if (ret != NULL) {

ret != ((void *)0)	Description
TRUE	evaluated 51 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 211 times by 1 test Evaluated by: libssl.so.1.1

51-211

466

/* don't allow other threads to steal it: */

-

467

SSL_SESSION_up_ref(ret);

-

468

}

executed 51 times by 1 test: end of block

Executed by:

libssl.so.1.1

51

469

CRYPTO_THREAD_unlock(s->session_ctx->lock);

-

470

if (ret == NULL)

ret == ((void *)0)	Description
TRUE	evaluated 211 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 51 times by 1 test Evaluated by: libssl.so.1.1

51-211

471

tsan_counter(&s->session_ctx->stats.sess_miss);

executed 211 times by 1 test: __atomic_fetch_add (( (&s->session_ctx->stats.sess_miss) ), ( 1 ), ( memory_order_relaxed )) ;

Executed by:

libssl.so.1.1

211

472

}

executed 262 times by 1 test: end of block

Executed by:

libssl.so.1.1

262

473

-

474

if (ret == NULL && s->session_ctx->get_session_cb != NULL) {

ret == ((void *)0)	Description
TRUE	evaluated 230 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 51 times by 1 test Evaluated by: libssl.so.1.1

s->session_ctx...!= ((void *)0)	Description
TRUE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 209 times by 1 test Evaluated by: libssl.so.1.1

21-230

475

int copy = 1;

-

476

-

477

ret = s->session_ctx->get_session_cb(s, sess_id, sess_id_len, &copy);

-

478

-

479

if (ret != NULL) {

ret != ((void *)0)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 18 times by 1 test Evaluated by: libssl.so.1.1

3-18

480

tsan_counter(&s->session_ctx->stats.sess_cb_hit);

-

481

-

482

/*

-

483

* Increment reference count now if the session callback asks us

-

484

* to do so (note that if the session structures returned by the

-

485

* callback are shared between threads, it must handle the

-

486

* reference count itself [i.e. copy == 0], or things won't be

-

487

* thread-safe).

-

488

*/

-

489

if (copy)

copy	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

1-2

490

SSL_SESSION_up_ref(ret);

executed 2 times by 1 test: SSL_SESSION_up_ref(ret);

Executed by:

libssl.so.1.1

2

491

-

492

/*

-

493

* Add the externally cached session to the internal cache as

-

494

* well if and only if we are supposed to.

-

495

*/

-

496

if ((s->session_ctx->session_cache_mode &

(s->session_ct...& 0x0200) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

1-2

497

SSL_SESS_CACHE_NO_INTERNAL_STORE) == 0) {

(s->session_ct...& 0x0200) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

1-2

498

/*

-

499

* Either return value of SSL_CTX_add_session should not

-

500

* interrupt the session resumption process. The return

-

501

* value is intentionally ignored.

-

502

*/

-

503

(void)SSL_CTX_add_session(s->session_ctx, ret);

-

504

}

executed 1 time by 1 test: end of block

Executed by:

libssl.so.1.1

1

505

}

executed 3 times by 1 test: end of block

Executed by:

libssl.so.1.1

3

506

}

executed 21 times by 1 test: end of block

Executed by:

libssl.so.1.1

21

507

-

508

return ret;

executed 281 times by 1 test: return ret;

Executed by:

libssl.so.1.1

281

509

}

-

510

-

511

/*-

-

512

* ssl_get_prev attempts to find an SSL_SESSION to be used to resume this

-

513

* connection. It is only called by servers.

-

514

*

-

515

* hello: The parsed ClientHello data

-

516

*

-

517

* Returns:

-

518

* -1: fatal error

-

519

* 0: no session found

-

520

* 1: a session may have been found.

-

521

*

-

522

* Side effects:

-

523

* - If a session is found then s->session is pointed at it (after freeing an

-

524

* existing session if need be) and s->verify_result is set from the session.

-

525

* - Both for new and resumed sessions, s->ext.ticket_expected is set to 1

-

526

* if the server should issue a new session ticket (to 0 otherwise).

-

527

*/

-

528

int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)

-

529

{

-

530

/* This is used only by servers. */

-

531

-

532

SSL_SESSION *ret = NULL;

-

533

int fatal = 0;

-

534

int try_session_cache = 0;

-

535

SSL_TICKET_STATUS r;

-

536

-

537

if (SSL_IS_TLS13(s)) {

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 2874 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 181 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->version >= 0x0304	Description
TRUE	evaluated 1133 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1741 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 1133 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2874

538

/*

-

539

* By default we will send a new ticket. This can be overridden in the

-

540

* ticket processing.

-

541

*/

-

542

s->ext.ticket_expected = 1;

-

543

if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes,

!tls_parse_ext...void *)0) , 0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1129 times by 1 test Evaluated by: libssl.so.1.1

4-1129

544

SSL_EXT_CLIENT_HELLO, hello->pre_proc_exts,

!tls_parse_ext...void *)0) , 0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1129 times by 1 test Evaluated by: libssl.so.1.1

4-1129

545

NULL, 0)

!tls_parse_ext...void *)0) , 0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1129 times by 1 test Evaluated by: libssl.so.1.1

4-1129

546

|| !tls_parse_extension(s, TLSEXT_IDX_psk, SSL_EXT_CLIENT_HELLO,

!tls_parse_ext...void *)0) , 0)	Description
TRUE	evaluated 13 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1116 times by 1 test Evaluated by: libssl.so.1.1

13-1116

547

hello->pre_proc_exts, NULL, 0))

!tls_parse_ext...void *)0) , 0)	Description
TRUE	evaluated 13 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1116 times by 1 test Evaluated by: libssl.so.1.1

13-1116

548

return -1;

executed 17 times by 1 test: return -1;

Executed by:

libssl.so.1.1

17

549

-

550

ret = s->session;

-

551

} else {

executed 1116 times by 1 test: end of block

Executed by:

libssl.so.1.1

1116

552

/* sets s->ext.ticket_expected */

-

553

r = tls_get_ticket_from_client(s, hello, &ret);

-

554

switch (r) {

-

555

case SSL_TICKET_FATAL_ERR_MALLOC:

never executed: case 0:

0

556

case SSL_TICKET_FATAL_ERR_OTHER:

never executed: case 1:

0

557

fatal = 1;

-

558

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_PREV_SESSION,

-

559

ERR_R_INTERNAL_ERROR);

-

560

goto err;

never executed: goto err;

0

561

case SSL_TICKET_NONE:

executed 599 times by 1 test: case 2:

Executed by:

libssl.so.1.1

599

562

case SSL_TICKET_EMPTY:

executed 1138 times by 1 test: case 3:

Executed by:

libssl.so.1.1

1138

563

if (hello->session_id_len > 0) {

hello->session_id_len > 0	Description
TRUE	evaluated 227 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1

227-1510

564

try_session_cache = 1;

-

565

ret = lookup_sess_in_cache(s, hello->session_id,

-

566

hello->session_id_len);

-

567

}

executed 227 times by 1 test: end of block

Executed by:

libssl.so.1.1

227

568

break;

executed 1737 times by 1 test: break;

Executed by:

libssl.so.1.1

1737

569

case SSL_TICKET_NO_DECRYPT:

executed 86 times by 1 test: case 4:

Executed by:

libssl.so.1.1

86

570

case SSL_TICKET_SUCCESS:

executed 97 times by 1 test: case 5:

Executed by:

libssl.so.1.1

97

571

case SSL_TICKET_SUCCESS_RENEW:

executed 2 times by 1 test: case 6:

Executed by:

libssl.so.1.1

2

572

break;

executed 185 times by 1 test: break;

Executed by:

libssl.so.1.1

185

573

}

-

574

}

executed 1922 times by 1 test: end of block

Executed by:

libssl.so.1.1

1922

575

-

576

if (ret == NULL)

ret == ((void *)0)	Description
TRUE	evaluated 2791 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 247 times by 1 test Evaluated by: libssl.so.1.1

247-2791

577

goto err;

executed 2791 times by 1 test: goto err;

Executed by:

libssl.so.1.1

2791

578

-

579

/* Now ret is non-NULL and we own one of its reference counts. */

-

580

-

581

/* Check TLS version consistency */

-

582

if (ret->ssl_version != s->version)

ret->ssl_version != s->version	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 230 times by 1 test Evaluated by: libssl.so.1.1

17-230

583

goto err;

executed 17 times by 1 test: goto err;

Executed by:

libssl.so.1.1

17

584

-

585

if (ret->sid_ctx_length != s->sid_ctx_length

ret->sid_ctx_l...sid_ctx_length	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 229 times by 1 test Evaluated by: libssl.so.1.1

1-229

586

|| memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {

memcmp(ret->si...id_ctx_length)	Description
TRUE	never evaluated
FALSE	evaluated 229 times by 1 test Evaluated by: libssl.so.1.1

0-229

587

/*

-

588

* We have the session requested by the client, but we don't want to

-

589

* use it in this context.

-

590

*/

-

591

goto err; /* treat like cache miss */

executed 1 time by 1 test: goto err;

Executed by:

libssl.so.1.1

1

592

}

-

593

-

594

if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {

(s->verify_mode & 0x01)	Description
TRUE	never evaluated
FALSE	evaluated 229 times by 1 test Evaluated by: libssl.so.1.1

s->sid_ctx_length == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-229

595

/*

-

596

* We can't be sure if this session is being used out of context,

-

597

* which is especially important for SSL_VERIFY_PEER. The application

-

598

* should have used SSL[_CTX]_set_session_id_context. For this error

-

599

* case, we generate an error instead of treating the event like a

-

600

* cache miss (otherwise it would be easy for applications to

-

601

* effectively disable the session cache by accident without anyone

-

602

* noticing).

-

603

*/

-

604

-

605

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_PREV_SESSION,

-

606

SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);

-

607

fatal = 1;

-

608

goto err;

never executed: goto err;

0

609

}

-

610

-

611

if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */

ret->timeout <...) - ret->time)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 228 times by 1 test Evaluated by: libssl.so.1.1

1-228

612

tsan_counter(&s->session_ctx->stats.sess_timeout);

-

613

if (try_session_cache) {

try_session_cache	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

614

/* session was from the cache, so remove it */

-

615

SSL_CTX_remove_session(s->session_ctx, ret);

-

616

}

never executed: end of block

0

617

goto err;

executed 1 time by 1 test: goto err;

Executed by:

libssl.so.1.1

1

618

}

-

619

-

620

/* Check extended master secret extension consistency */

-

621

if (ret->flags & SSL_SESS_FLAG_EXTMS) {

ret->flags & 0x1	Description
TRUE	evaluated 89 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 139 times by 1 test Evaluated by: libssl.so.1.1

89-139

622

/* If old session includes extms, but new does not: abort handshake */

-

623

if (!(s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS)) {

!(s->s3->flags & 0x0200)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 87 times by 1 test Evaluated by: libssl.so.1.1

2-87

624

SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SSL_GET_PREV_SESSION,

-

625

SSL_R_INCONSISTENT_EXTMS);

-

626

fatal = 1;

-

627

goto err;

executed 2 times by 1 test: goto err;

Executed by:

libssl.so.1.1

2

628

}

-

629

} else if (s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) {

executed 87 times by 1 test: end of block

Executed by:

libssl.so.1.1

s->s3->flags & 0x0200	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 136 times by 1 test Evaluated by: libssl.so.1.1

3-136

630

/* If new session includes extms, but old does not: do not resume */

-

631

goto err;

executed 3 times by 1 test: goto err;

Executed by:

libssl.so.1.1

3

632

}

-

633

-

634

if (!SSL_IS_TLS13(s)) {

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 207 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 16 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->version >= 0x0304	Description
TRUE	evaluated 134 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 73 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 134 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-207

635

/* We already did this for TLS1.3 */

-

636

SSL_SESSION_free(s->session);

-

637

s->session = ret;

-

638

}

executed 89 times by 1 test: end of block

Executed by:

libssl.so.1.1

89

639

-

640

tsan_counter(&s->session_ctx->stats.sess_hit);

-

641

s->verify_result = s->session->verify_result;

-

642

return 1;

executed 223 times by 1 test: return 1;

Executed by:

libssl.so.1.1

223

643

-

644

err:

-

645

if (ret != NULL) {

ret != ((void *)0)	Description
TRUE	evaluated 24 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2791 times by 1 test Evaluated by: libssl.so.1.1

24-2791

646

SSL_SESSION_free(ret);

-

647

/* In TLSv1.3 s->session was already set to ret, so we NULL it out */

-

648

if (SSL_IS_TLS13(s))

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->version >= 0x0304	Description
TRUE	never evaluated
FALSE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	never evaluated
FALSE	never evaluated

0-21

649

s->session = NULL;

never executed: s->session = ((void *)0) ;

0

650

-

651

if (!try_session_cache) {

!try_session_cache	Description
TRUE	evaluated 24 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-24

652

/*

-

653

* The session was from a ticket, so we should issue a ticket for

-

654

* the new session

-

655

*/

-

656

s->ext.ticket_expected = 1;

-

657

}

executed 24 times by 1 test: end of block

Executed by:

libssl.so.1.1

24

658

}

executed 24 times by 1 test: end of block

Executed by:

libssl.so.1.1

24

659

if (fatal)

fatal	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2813 times by 1 test Evaluated by: libssl.so.1.1

2-2813

660

return -1;

executed 2 times by 1 test: return -1;

Executed by:

libssl.so.1.1

2

661

-

662

return 0;

executed 2813 times by 1 test: return 0;

Executed by:

libssl.so.1.1

2813

663

}

-

664

-

665

int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)

-

666

{

-

667

int ret = 0;

-

668

SSL_SESSION *s;

-

669

-

670

/*

-

671

* add just 1 reference count for the SSL_CTX's session cache even though

-

672

* it has two ways of access: each session is in a doubly linked list and

-

673

* an lhash

-

674

*/

-

675

SSL_SESSION_up_ref(c);

-

676

/*

-

677

* if session c is in already in cache, we take back the increment later

-

678

*/

-

679

-

680

CRYPTO_THREAD_write_lock(ctx->lock);

-

681

s = lh_SSL_SESSION_insert(ctx->sessions, c);

-

682

-

683

/*

-

684

* s != NULL iff we already had a session with the given PID. In this

-

685

* case, s == c should hold (then we did not really modify

-

686

* ctx->sessions), or we're in trouble.

-

687

*/

-

688

if (s != NULL && s != c) {

s != ((void *)0)	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 341 times by 1 test Evaluated by: libssl.so.1.1

s != c	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

0-341

689

/* We *are* in trouble ... */

-

690

SSL_SESSION_list_remove(ctx, s);

-

691

SSL_SESSION_free(s);

-

692

/*

-

693

* ... so pretend the other session did not exist in cache (we cannot

-

694

* handle two SSL_SESSION structures with identical session ID in the

-

695

* same cache, which could happen e.g. when two threads concurrently

-

696

* obtain the same session from an external cache)

-

697

*/

-

698

s = NULL;

-

699

} else if (s == NULL &&

never executed: end of block

s == ((void *)0)	Description
TRUE	evaluated 341 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

0-341

700

lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {

lh_SSL_SESSION...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 341 times by 1 test Evaluated by: libssl.so.1.1

0-341

701

/* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */

-

702

-

703

/*

-

704

* ... so take back the extra reference and also don't add

-

705

* the session to the SSL_SESSION_list at this time

-

706

*/

-

707

s = c;

-

708

}

never executed: end of block

0

709

-

710

/* Put at the head of the queue unless it is already in the cache */

-

711

if (s == NULL)

s == ((void *)0)	Description
TRUE	evaluated 341 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

7-341

712

SSL_SESSION_list_add(ctx, c);

executed 341 times by 1 test: SSL_SESSION_list_add(ctx, c);

Executed by:

libssl.so.1.1

341

713

-

714

if (s != NULL) {

s != ((void *)0)	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 341 times by 1 test Evaluated by: libssl.so.1.1

7-341

715

/*

-

716

* existing cache entry -- decrement previously incremented reference

-

717

* count because it already takes into account the cache

-

718

*/

-

719

-

720

SSL_SESSION_free(s); /* s == c */

-

721

ret = 0;

-

722

} else {

executed 7 times by 1 test: end of block

Executed by:

libssl.so.1.1

7

723

/*

-

724

* new cache entry -- remove old ones if cache has become too large

-

725

*/

-

726

-

727

ret = 1;

-

728

-

729

if (SSL_CTX_sess_get_cache_size(ctx) > 0) {

SSL_CTX_ctrl(c...oid *)0) ) > 0	Description
TRUE	evaluated 341 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-341

730

while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) {

SSL_CTX_ctrl(c... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 341 times by 1 test Evaluated by: libssl.so.1.1

0-341

731

if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))

!remove_sessio...cache_tail, 0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

732

break;

never executed: break;

0

733

else

-

734

tsan_counter(&ctx->stats.sess_cache_full);

never executed: __atomic_fetch_add (( (&ctx->stats.sess_cache_full) ), ( 1 ), ( memory_order_relaxed )) ;

0

735

}

-

736

}

executed 341 times by 1 test: end of block

Executed by:

libssl.so.1.1

341

737

}

executed 341 times by 1 test: end of block

Executed by:

libssl.so.1.1

341

738

CRYPTO_THREAD_unlock(ctx->lock);

-

739

return ret;

executed 348 times by 1 test: return ret;

Executed by:

libssl.so.1.1

348

740

}

-

741

-

742

int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)

-

743

{

-

744

return remove_session_lock(ctx, c, 1);

executed 3936 times by 1 test: return remove_session_lock(ctx, c, 1);

Executed by:

libssl.so.1.1

3936

745

}

-

746

-

747

static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)

-

748

{

-

749

SSL_SESSION *r;

-

750

int ret = 0;

-

751

-

752

if ((c != NULL) && (c->session_id_length != 0)) {

(c != ((void *)0) )	Description
TRUE	evaluated 3933 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

(c->session_id_length != 0)	Description
TRUE	evaluated 1744 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2189 times by 1 test Evaluated by: libssl.so.1.1

3-3933

753

if (lck)

lck	Description
TRUE	evaluated 1744 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1744

754

CRYPTO_THREAD_write_lock(ctx->lock);

executed 1744 times by 1 test: CRYPTO_THREAD_write_lock(ctx->lock);

Executed by:

libssl.so.1.1

1744

755

if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) != NULL) {

(r = lh_SSL_SE...!= ((void *)0)	Description
TRUE	evaluated 86 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1658 times by 1 test Evaluated by: libssl.so.1.1

86-1658

756

ret = 1;

-

757

r = lh_SSL_SESSION_delete(ctx->sessions, r);

-

758

SSL_SESSION_list_remove(ctx, r);

-

759

}

executed 86 times by 1 test: end of block

Executed by:

libssl.so.1.1

86

760

c->not_resumable = 1;

-

761

-

762

if (lck)

lck	Description
TRUE	evaluated 1744 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1744

763

CRYPTO_THREAD_unlock(ctx->lock);

executed 1744 times by 1 test: CRYPTO_THREAD_unlock(ctx->lock);

Executed by:

libssl.so.1.1

1744

764

-

765

if (ctx->remove_session_cb != NULL)

ctx->remove_se...!= ((void *)0)	Description
TRUE	evaluated 35 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1709 times by 1 test Evaluated by: libssl.so.1.1

35-1709

766

ctx->remove_session_cb(ctx, c);

executed 35 times by 1 test: ctx->remove_session_cb(ctx, c);

Executed by:

libssl.so.1.1

35

767

-

768

if (ret)

ret	Description
TRUE	evaluated 86 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1658 times by 1 test Evaluated by: libssl.so.1.1

86-1658

769

SSL_SESSION_free(r);

executed 86 times by 1 test: SSL_SESSION_free(r);

Executed by:

libssl.so.1.1

86

770

} else

executed 1744 times by 1 test: end of block

Executed by:

libssl.so.1.1

1744

771

ret = 0;

executed 2192 times by 1 test: ret = 0;

Executed by:

libssl.so.1.1

2192

772

return ret;

executed 3936 times by 1 test: return ret;

Executed by:

libssl.so.1.1

3936

773

}

-

774

-

775

void SSL_SESSION_free(SSL_SESSION *ss)

-

776

{

-

777

int i;

-

778

-

779

if (ss == NULL)

ss == ((void *)0)	Description
TRUE	evaluated 40225 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 13653 times by 1 test Evaluated by: libssl.so.1.1

13653-40225

780

return;

executed 40225 times by 2 tests: return;

Executed by:

libssl.so.1.1
tls13encryptiontest

40225

781

CRYPTO_DOWN_REF(&ss->references, &i, ss->lock);

-

782

REF_PRINT_COUNT("SSL_SESSION", ss);

-

783

if (i > 0)

i > 0	Description
TRUE	evaluated 2167 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 11486 times by 1 test Evaluated by: libssl.so.1.1

2167-11486

784

return;

executed 2167 times by 1 test: return;

Executed by:

libssl.so.1.1

2167

785

REF_ASSERT_ISNT(i < 0);

-

786

-

787

CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);

-

788

-

789

OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key));

-

790

OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id));

-

791

X509_free(ss->peer);

-

792

sk_X509_pop_free(ss->peer_chain, X509_free);

-

793

sk_SSL_CIPHER_free(ss->ciphers);

-

794

OPENSSL_free(ss->ext.hostname);

-

795

OPENSSL_free(ss->ext.tick);

-

796

#ifndef OPENSSL_NO_EC

-

797

OPENSSL_free(ss->ext.ecpointformats);

-

798

ss->ext.ecpointformats = NULL;

-

799

ss->ext.ecpointformats_len = 0;

-

800

OPENSSL_free(ss->ext.supportedgroups);

-

801

ss->ext.supportedgroups = NULL;

-

802

ss->ext.supportedgroups_len = 0;

-

803

#endif /* OPENSSL_NO_EC */

-

804

#ifndef OPENSSL_NO_PSK

-

805

OPENSSL_free(ss->psk_identity_hint);

-

806

OPENSSL_free(ss->psk_identity);

-

807

#endif

-

808

#ifndef OPENSSL_NO_SRP

-

809

OPENSSL_free(ss->srp_username);

-

810

#endif

-

811

OPENSSL_free(ss->ext.alpn_selected);

-

812

OPENSSL_free(ss->ticket_appdata);

-

813

CRYPTO_THREAD_lock_free(ss->lock);

-

814

OPENSSL_clear_free(ss, sizeof(*ss));

-

815

}

executed 11486 times by 1 test: end of block

Executed by:

libssl.so.1.1

11486

816

-

817

int SSL_SESSION_up_ref(SSL_SESSION *ss)

-

818

{

-

819

int i;

-

820

-

821

if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0)

CRYPTO_UP_REF(...ss->lock) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 2167 times by 1 test Evaluated by: libssl.so.1.1

0-2167

822

return 0;

never executed: return 0;

0

823

-

824

REF_PRINT_COUNT("SSL_SESSION", ss);

-

825

REF_ASSERT_ISNT(i < 2);

-

826

return ((i > 1) ? 1 : 0);

executed 2167 times by 1 test: return ((i > 1) ? 1 : 0);

Executed by:

libssl.so.1.1

(i > 1)	Description
TRUE	evaluated 2167 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2167

827

}

-

828

-

829

int SSL_set_session(SSL *s, SSL_SESSION *session)

-

830

{

-

831

ssl_clear_bad_session(s);

-

832

if (s->ctx->method != s->method) {

s->ctx->method != s->method	Description
TRUE	evaluated 33 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 372 times by 1 test Evaluated by: libssl.so.1.1

33-372

833

if (!SSL_set_ssl_method(s, s->ctx->method))

!SSL_set_ssl_m...->ctx->method)	Description
TRUE	never evaluated
FALSE	evaluated 33 times by 1 test Evaluated by: libssl.so.1.1

0-33

834

return 0;

never executed: return 0;

0

835

}

executed 33 times by 1 test: end of block

Executed by:

libssl.so.1.1

33

836

-

837

if (session != NULL) {

session != ((void *)0)	Description
TRUE	evaluated 253 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 152 times by 1 test Evaluated by: libssl.so.1.1

152-253

838

SSL_SESSION_up_ref(session);

-

839

s->verify_result = session->verify_result;

-

840

}

executed 253 times by 1 test: end of block

Executed by:

libssl.so.1.1

253

841

SSL_SESSION_free(s->session);

-

842

s->session = session;

-

843

-

844

return 1;

executed 405 times by 1 test: return 1;

Executed by:

libssl.so.1.1

405

845

}

-

846

-

847

int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,

-

848

unsigned int sid_len)

-

849

{

-

850

if (sid_len > SSL_MAX_SSL_SESSION_ID_LENGTH) {

sid_len > 32	Description
TRUE	never evaluated
FALSE	never evaluated

0

851

SSLerr(SSL_F_SSL_SESSION_SET1_ID,

-

852

SSL_R_SSL_SESSION_ID_TOO_LONG);

-

853

return 0;

never executed: return 0;

0

854

}

-

855

s->session_id_length = sid_len;

-

856

if (sid != s->session_id)

sid != s->session_id	Description
TRUE	never evaluated
FALSE	never evaluated

0

857

memcpy(s->session_id, sid, sid_len);

never executed: memcpy(s->session_id, sid, sid_len);

0

858

return 1;

never executed: return 1;

0

859

}

-

860

-

861

long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)

-

862

{

-

863

if (s == NULL)

s == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

864

return 0;

never executed: return 0;

0

865

s->timeout = t;

-

866

return 1;

never executed: return 1;

0

867

}

-

868

-

869

long SSL_SESSION_get_timeout(const SSL_SESSION *s)

-

870

{

-

871

if (s == NULL)

s == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

872

return 0;

never executed: return 0;

0

873

return s->timeout;

never executed: return s->timeout;

0

874

}

-

875

-

876

long SSL_SESSION_get_time(const SSL_SESSION *s)

-

877

{

-

878

if (s == NULL)

s == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

0-6

879

return 0;

never executed: return 0;

0

880

return s->time;

executed 6 times by 1 test: return s->time;

Executed by:

libssl.so.1.1

6

881

}

-

882

-

883

long SSL_SESSION_set_time(SSL_SESSION *s, long t)

-

884

{

-

885

if (s == NULL)

s == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1

0-5

886

return 0;

never executed: return 0;

0

887

s->time = t;

-

888

return t;

executed 5 times by 1 test: return t;

Executed by:

libssl.so.1.1

5

889

}

-

890

-

891

int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)

-

892

{

-

893

return s->ssl_version;

never executed: return s->ssl_version;

0

894

}

-

895

-

896

int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version)

-

897

{

-

898

s->ssl_version = version;

-

899

return 1;

executed 36 times by 1 test: return 1;

Executed by:

libssl.so.1.1

36

900

}

-

901

-

902

const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s)

-

903

{

-

904

return s->cipher;

executed 97 times by 1 test: return s->cipher;

Executed by:

libssl.so.1.1

97

905

}

-

906

-

907

int SSL_SESSION_set_cipher(SSL_SESSION *s, const SSL_CIPHER *cipher)

-

908

{

-

909

s->cipher = cipher;

-

910

return 1;

executed 35 times by 1 test: return 1;

Executed by:

libssl.so.1.1

35

911

}

-

912

-

913

const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)

-

914

{

-

915

return s->ext.hostname;

never executed: return s->ext.hostname;

0

916

}

-

917

-

918

int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname)

-

919

{

-

920

OPENSSL_free(s->ext.hostname);

-

921

if (hostname == NULL) {

hostname == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1

0-4

922

s->ext.hostname = NULL;

-

923

return 1;

never executed: return 1;

0

924

}

-

925

s->ext.hostname = OPENSSL_strdup(hostname);

-

926

-

927

return s->ext.hostname != NULL;

executed 4 times by 1 test: return s->ext.hostname != ((void *)0) ;

Executed by:

libssl.so.1.1

4

928

}

-

929

-

930

int SSL_SESSION_has_ticket(const SSL_SESSION *s)

-

931

{

-

932

return (s->ext.ticklen > 0) ? 1 : 0;

never executed: return (s->ext.ticklen > 0) ? 1 : 0;

(s->ext.ticklen > 0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

933

}

-

934

-

935

unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)

-

936

{

-

937

return s->ext.tick_lifetime_hint;

never executed: return s->ext.tick_lifetime_hint;

0

938

}

-

939

-

940

void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,

-

941

size_t *len)

-

942

{

-

943

*len = s->ext.ticklen;

-

944

if (tick != NULL)

tick != ((void *)0)	Description
TRUE	evaluated 1158 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1158

945

*tick = s->ext.tick;

executed 1158 times by 1 test: *tick = s->ext.tick;

Executed by:

libssl.so.1.1

1158

946

}

executed 1158 times by 1 test: end of block

Executed by:

libssl.so.1.1

1158

947

-

948

uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s)

-

949

{

-

950

return s->ext.max_early_data;

never executed: return s->ext.max_early_data;

0

951

}

-

952

-

953

int SSL_SESSION_set_max_early_data(SSL_SESSION *s, uint32_t max_early_data)

-

954

{

-

955

s->ext.max_early_data = max_early_data;

-

956

-

957

return 1;

executed 17 times by 1 test: return 1;

Executed by:

libssl.so.1.1

17

958

}

-

959

-

960

void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,

-

961

const unsigned char **alpn,

-

962

size_t *len)

-

963

{

-

964

*alpn = s->ext.alpn_selected;

-

965

*len = s->ext.alpn_selected_len;

-

966

}

never executed: end of block

0

967

-

968

int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s, const unsigned char *alpn,

-

969

size_t len)

-

970

{

-

971

OPENSSL_free(s->ext.alpn_selected);

-

972

if (alpn == NULL || len == 0) {

alpn == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1

len == 0	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1

0-5

973

s->ext.alpn_selected = NULL;

-

974

s->ext.alpn_selected_len = 0;

-

975

return 1;

never executed: return 1;

0

976

}

-

977

s->ext.alpn_selected = OPENSSL_memdup(alpn, len);

-

978

if (s->ext.alpn_selected == NULL) {

s->ext.alpn_se...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1

0-5

979

s->ext.alpn_selected_len = 0;

-

980

return 0;

never executed: return 0;

0

981

}

-

982

s->ext.alpn_selected_len = len;

-

983

-

984

return 1;

executed 5 times by 1 test: return 1;

Executed by:

libssl.so.1.1

5

985

}

-

986

-

987

X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)

-

988

{

-

989

return s->peer;

executed 6 times by 1 test: return s->peer;

Executed by:

libssl.so.1.1

6

990

}

-

991

-

992

int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,

-

993

unsigned int sid_ctx_len)

-

994

{

-

995

if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {

sid_ctx_len > 32	Description
TRUE	never evaluated
FALSE	never evaluated

0

996

SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,

-

997

SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);

-

998

return 0;

never executed: return 0;

0

999

}

-

1000

s->sid_ctx_length = sid_ctx_len;

-

1001

if (sid_ctx != s->sid_ctx)

sid_ctx != s->sid_ctx	Description
TRUE	never evaluated
FALSE	never evaluated

0

1002

memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);

never executed: memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);

0

1003

-

1004

return 1;

never executed: return 1;

0

1005

}

-

1006

-

1007

int SSL_SESSION_is_resumable(const SSL_SESSION *s)

-

1008

{

-

1009

/*

-

1010

* In the case of EAP-FAST, we can have a pre-shared "ticket" without a

-

1011

* session ID.

-

1012

*/

-

1013

return !s->not_resumable

executed 951 times by 1 test: return !s->not_resumable && (s->session_id_length > 0 || s->ext.ticklen > 0);

Executed by:

libssl.so.1.1

!s->not_resumable	Description
TRUE	evaluated 951 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-951

1014

&& (s->session_id_length > 0 || s->ext.ticklen > 0);

executed 951 times by 1 test: return !s->not_resumable && (s->session_id_length > 0 || s->ext.ticklen > 0);

Executed by:

libssl.so.1.1

s->session_id_length > 0	Description
TRUE	evaluated 285 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 666 times by 1 test Evaluated by: libssl.so.1.1

s->ext.ticklen > 0	Description
TRUE	never evaluated
FALSE	evaluated 666 times by 1 test Evaluated by: libssl.so.1.1

0-951

1015

}

-

1016

-

1017

long SSL_CTX_set_timeout(SSL_CTX *s, long t)

-

1018

{

-

1019

long l;

-

1020

if (s == NULL)

s == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

1021

return 0;

never executed: return 0;

0

1022

l = s->session_timeout;

-

1023

s->session_timeout = t;

-

1024

return l;

never executed: return l;

0

1025

}

-

1026

-

1027

long SSL_CTX_get_timeout(const SSL_CTX *s)

-

1028

{

-

1029

if (s == NULL)

s == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

1030

return 0;

never executed: return 0;

0

1031

return s->session_timeout;

never executed: return s->session_timeout;

0

1032

}

-

1033

-

1034

int SSL_set_session_secret_cb(SSL *s,

-

1035

tls_session_secret_cb_fn tls_session_secret_cb,

-

1036

void *arg)

-

1037

{

-

1038

if (s == NULL)

s == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

1039

return 0;

never executed: return 0;

0

1040

s->ext.session_secret_cb = tls_session_secret_cb;

-

1041

s->ext.session_secret_cb_arg = arg;

-

1042

return 1;

never executed: return 1;

0

1043

}

-

1044

-

1045

int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,

-

1046

void *arg)

-

1047

{

-

1048

if (s == NULL)

s == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

1049

return 0;

never executed: return 0;

0

1050

s->ext.session_ticket_cb = cb;

-

1051

s->ext.session_ticket_cb_arg = arg;

-

1052

return 1;

never executed: return 1;

0

1053

}

-

1054

-

1055

int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)

-

1056

{

-

1057

if (s->version >= TLS1_VERSION) {

s->version >= 0x0301	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1

1058

OPENSSL_free(s->ext.session_ticket);

-

1059

s->ext.session_ticket = NULL;

-

1060

s->ext.session_ticket =

-

1061

OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);

-

1062

if (s->ext.session_ticket == NULL) {

s->ext.session...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

1063

SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);

-

1064

return 0;

never executed: return 0;

0

1065

}

-

1066

-

1067

if (ext_data != NULL) {

ext_data != ((void *)0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1

1068

s->ext.session_ticket->length = ext_len;

-

1069

s->ext.session_ticket->data = s->ext.session_ticket + 1;

-

1070

memcpy(s->ext.session_ticket->data, ext_data, ext_len);

-

1071

} else {

executed 1 time by 1 test: end of block

Executed by:

libssl.so.1.1

1

1072

s->ext.session_ticket->length = 0;

-

1073

s->ext.session_ticket->data = NULL;

-

1074

}

never executed: end of block

0

1075

-

1076

return 1;

executed 1 time by 1 test: return 1;

Executed by:

libssl.so.1.1

1

1077

}

-

1078

-

1079

return 0;

never executed: return 0;

0

1080

}

-

1081

-

1082

typedef struct timeout_param_st {

-

1083

SSL_CTX *ctx;

-

1084

long time;

-

1085

LHASH_OF(SSL_SESSION) *cache;

-

1086

} TIMEOUT_PARAM;

-

1087

-

1088

static void timeout_cb(SSL_SESSION *s, TIMEOUT_PARAM *p)

-

1089

{

-

1090

if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */

(p->time == 0)	Description
TRUE	evaluated 255 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(p->time > (s-...+ s->timeout))	Description
TRUE	never evaluated
FALSE	never evaluated

0-255

1091

/*

-

1092

* The reason we don't call SSL_CTX_remove_session() is to save on

-

1093

* locking overhead

-

1094

*/

-

1095

(void)lh_SSL_SESSION_delete(p->cache, s);

-

1096

SSL_SESSION_list_remove(p->ctx, s);

-

1097

s->not_resumable = 1;

-

1098

if (p->ctx->remove_session_cb != NULL)

p->ctx->remove...!= ((void *)0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 254 times by 1 test Evaluated by: libssl.so.1.1

1-254

1099

p->ctx->remove_session_cb(p->ctx, s);

executed 1 time by 1 test: p->ctx->remove_session_cb(p->ctx, s);

Executed by:

libssl.so.1.1

1

1100

SSL_SESSION_free(s);

-

1101

}

executed 255 times by 1 test: end of block

Executed by:

libssl.so.1.1

255

1102

}

executed 255 times by 1 test: end of block

Executed by:

libssl.so.1.1

255

1103

-

1104

IMPLEMENT_LHASH_DOALL_ARG(SSL_SESSION, TIMEOUT_PARAM);

executed 8017 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

8017

1105

-

1106

void SSL_CTX_flush_sessions(SSL_CTX *s, long t)

-

1107

{

-

1108

unsigned long i;

-

1109

TIMEOUT_PARAM tp;

-

1110

-

1111

tp.ctx = s;

-

1112

tp.cache = s->sessions;

-

1113

if (tp.cache == NULL)

tp.cache == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 8017 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-8017

1114

return;

never executed: return;

0

1115

tp.time = t;

-

1116

CRYPTO_THREAD_write_lock(s->lock);

-

1117

i = lh_SSL_SESSION_get_down_load(s->sessions);

-

1118

lh_SSL_SESSION_set_down_load(s->sessions, 0);

-

1119

lh_SSL_SESSION_doall_TIMEOUT_PARAM(tp.cache, timeout_cb, &tp);

-

1120

lh_SSL_SESSION_set_down_load(s->sessions, i);

-

1121

CRYPTO_THREAD_unlock(s->lock);

-

1122

}

executed 8017 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

8017

1123

-

1124

int ssl_clear_bad_session(SSL *s)

-

1125

{

-

1126

if ((s->session != NULL) &&

(s->session != ((void *)0) )	Description
TRUE	evaluated 7459 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 16359 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

7459-16359

1127

!(s->shutdown & SSL_SENT_SHUTDOWN) &&

!(s->shutdown & 1)	Description
TRUE	evaluated 4722 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2737 times by 1 test Evaluated by: libssl.so.1.1

2737-4722

1128

!(SSL_in_init(s) || SSL_in_before(s))) {

SSL_in_init(s)	Description
TRUE	evaluated 4261 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 461 times by 1 test Evaluated by: libssl.so.1.1

SSL_in_before(s)	Description
TRUE	never evaluated
FALSE	evaluated 461 times by 1 test Evaluated by: libssl.so.1.1

0-4261

1129

SSL_CTX_remove_session(s->session_ctx, s->session);

-

1130

return 1;

executed 461 times by 1 test: return 1;

Executed by:

libssl.so.1.1

461

1131

} else

-

1132

return 0;

executed 23357 times by 2 tests: return 0;

Executed by:

libssl.so.1.1
tls13encryptiontest

23357

1133

}

-

1134

-

1135

/* locked by SSL_CTX in the calling function */

-

1136

static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)

-

1137

{

-

1138

if ((s->next == NULL) || (s->prev == NULL))

(s->next == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 341 times by 1 test Evaluated by: libssl.so.1.1

(s->prev == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 341 times by 1 test Evaluated by: libssl.so.1.1

0-341

1139

return;

never executed: return;

0

1140

-

1141

if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {

s->next == (SS...on_cache_tail)	Description
TRUE	evaluated 222 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 119 times by 1 test Evaluated by: libssl.so.1.1

119-222

1142

/* last element in list */

-

1143

if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {

s->prev == (SS...on_cache_head)	Description
TRUE	evaluated 180 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 42 times by 1 test Evaluated by: libssl.so.1.1

42-180

1144

/* only one element in list */

-

1145

ctx->session_cache_head = NULL;

-

1146

ctx->session_cache_tail = NULL;

-

1147

} else {

executed 180 times by 1 test: end of block

Executed by:

libssl.so.1.1

180

1148

ctx->session_cache_tail = s->prev;

-

1149

s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);

-

1150

}

executed 42 times by 1 test: end of block

Executed by:

libssl.so.1.1

42

1151

} else {

-

1152

if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {

s->prev == (SS...on_cache_head)	Description
TRUE	evaluated 102 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 17 times by 1 test Evaluated by: libssl.so.1.1

17-102

1153

/* first element in list */

-

1154

ctx->session_cache_head = s->next;

-

1155

s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);

-

1156

} else {

executed 102 times by 1 test: end of block

Executed by:

libssl.so.1.1

102

1157

/* middle of list */

-

1158

s->next->prev = s->prev;

-

1159

s->prev->next = s->next;

-

1160

}

executed 17 times by 1 test: end of block

Executed by:

libssl.so.1.1

17

1161

}

-

1162

s->prev = s->next = NULL;

-

1163

}

executed 341 times by 1 test: end of block

Executed by:

libssl.so.1.1

341

1164

-

1165

static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)

-

1166

{

-

1167

if ((s->next != NULL) && (s->prev != NULL))

(s->next != ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 341 times by 1 test Evaluated by: libssl.so.1.1

(s->prev != ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

0-341

1168

SSL_SESSION_list_remove(ctx, s);

never executed: SSL_SESSION_list_remove(ctx, s);

0

1169

-

1170

if (ctx->session_cache_head == NULL) {

ctx->session_c...== ((void *)0)	Description
TRUE	evaluated 180 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 161 times by 1 test Evaluated by: libssl.so.1.1

161-180

1171

ctx->session_cache_head = s;

-

1172

ctx->session_cache_tail = s;

-

1173

s->prev = (SSL_SESSION *)&(ctx->session_cache_head);

-

1174

s->next = (SSL_SESSION *)&(ctx->session_cache_tail);

-

1175

} else {

executed 180 times by 1 test: end of block

Executed by:

libssl.so.1.1

180

1176

s->next = ctx->session_cache_head;

-

1177

s->next->prev = s;

-

1178

s->prev = (SSL_SESSION *)&(ctx->session_cache_head);

-

1179

ctx->session_cache_head = s;

-

1180

}

executed 161 times by 1 test: end of block

Executed by:

libssl.so.1.1

161

1181

}

-

1182

-

1183

void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,

-

1184

int (*cb) (struct ssl_st *ssl, SSL_SESSION *sess))

-

1185

{

-

1186

ctx->new_session_cb = cb;

-

1187

}

executed 404 times by 1 test: end of block

Executed by:

libssl.so.1.1

404

1188

-

1189

int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {

-

1190

return ctx->new_session_cb;

never executed: return ctx->new_session_cb;

0

1191

}

-

1192

-

1193

void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,

-

1194

void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))

-

1195

{

-

1196

ctx->remove_session_cb = cb;

-

1197

}

executed 194 times by 1 test: end of block

Executed by:

libssl.so.1.1

194

1198

-

1199

void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,

-

1200

SSL_SESSION *sess) {

-

1201

return ctx->remove_session_cb;

never executed: return ctx->remove_session_cb;

0

1202

}

-

1203

-

1204

void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,

-

1205

SSL_SESSION *(*cb) (struct ssl_st *ssl,

-

1206

const unsigned char *data,

-

1207

int len, int *copy))

-

1208

{

-

1209

ctx->get_session_cb = cb;

-

1210

}

executed 186 times by 1 test: end of block

Executed by:

libssl.so.1.1

186

1211

-

1212

SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,

-

1213

const unsigned char

-

1214

*data, int len,

-

1215

int *copy) {

-

1216

return ctx->get_session_cb;

never executed: return ctx->get_session_cb;

0

1217

}

-

1218

-

1219

void SSL_CTX_set_info_callback(SSL_CTX *ctx,

-

1220

void (*cb) (const SSL *ssl, int type, int val))

-

1221

{

-

1222

ctx->info_callback = cb;

-

1223

}

executed 4 times by 1 test: end of block

Executed by:

libssl.so.1.1

4

1224

-

1225

void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,

-

1226

int val) {

-

1227

return ctx->info_callback;

never executed: return ctx->info_callback;

0

1228

}

-

1229

-

1230

void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,

-

1231

int (*cb) (SSL *ssl, X509 **x509,

-

1232

EVP_PKEY **pkey))

-

1233

{

-

1234

ctx->client_cert_cb = cb;

-

1235

}

never executed: end of block

0

1236

-

1237

int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,

-

1238

EVP_PKEY **pkey) {

-

1239

return ctx->client_cert_cb;

never executed: return ctx->client_cert_cb;

0

1240

}

-

1241

-

1242

#ifndef OPENSSL_NO_ENGINE

-

1243

int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)

-

1244

{

-

1245

if (!ENGINE_init(e)) {

!ENGINE_init(e)	Description
TRUE	never evaluated
FALSE	never evaluated

0

1246

SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);

-

1247

return 0;

never executed: return 0;

0

1248

}

-

1249

if (!ENGINE_get_ssl_client_cert_function(e)) {

!ENGINE_get_ss...rt_function(e)	Description
TRUE	never evaluated
FALSE	never evaluated

0

1250

SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,

-

1251

SSL_R_NO_CLIENT_CERT_METHOD);

-

1252

ENGINE_finish(e);

-

1253

return 0;

never executed: return 0;

0

1254

}

-

1255

ctx->client_cert_engine = e;

-

1256

return 1;

never executed: return 1;

0

1257

}

-

1258

#endif

-

1259

-

1260

void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,

-

1261

int (*cb) (SSL *ssl,

-

1262

unsigned char *cookie,

-

1263

unsigned int *cookie_len))

-

1264

{

-

1265

ctx->app_gen_cookie_cb = cb;

-

1266

}

executed 185 times by 1 test: end of block

Executed by:

libssl.so.1.1

185

1267

-

1268

void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,

-

1269

int (*cb) (SSL *ssl,

-

1270

const unsigned char *cookie,

-

1271

unsigned int cookie_len))

-

1272

{

-

1273

ctx->app_verify_cookie_cb = cb;

-

1274

}

executed 185 times by 1 test: end of block

Executed by:

libssl.so.1.1

185

1275

-

1276

int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len)

-

1277

{

-

1278

OPENSSL_free(ss->ticket_appdata);

-

1279

ss->ticket_appdata_len = 0;

-

1280

if (data == NULL || len == 0) {

data == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 29 times by 1 test Evaluated by: libssl.so.1.1

len == 0	Description
TRUE	never evaluated
FALSE	evaluated 29 times by 1 test Evaluated by: libssl.so.1.1

0-29

1281

ss->ticket_appdata = NULL;

-

1282

return 1;

never executed: return 1;

0

1283

}

-

1284

ss->ticket_appdata = OPENSSL_memdup(data, len);

-

1285

if (ss->ticket_appdata != NULL) {

ss->ticket_app...!= ((void *)0)	Description
TRUE	evaluated 29 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-29

1286

ss->ticket_appdata_len = len;

-

1287

return 1;

executed 29 times by 1 test: return 1;

Executed by:

libssl.so.1.1

29

1288

}

-

1289

return 0;

never executed: return 0;

0

1290

}

-

1291

-

1292

int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len)

-

1293

{

-

1294

*data = ss->ticket_appdata;

-

1295

*len = ss->ticket_appdata_len;

-

1296

return 1;

executed 1014 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1014

1297

}

-

1298

-

1299

void SSL_CTX_set_stateless_cookie_generate_cb(

-

1300

SSL_CTX *ctx,

-

1301

int (*cb) (SSL *ssl,

-

1302

unsigned char *cookie,

-

1303

size_t *cookie_len))

-

1304

{

-

1305

ctx->gen_stateless_cookie_cb = cb;

-

1306

}

executed 177 times by 1 test: end of block

Executed by:

libssl.so.1.1

177

1307

-

1308

void SSL_CTX_set_stateless_cookie_verify_cb(

-

1309

SSL_CTX *ctx,

-

1310

int (*cb) (SSL *ssl,

-

1311

const unsigned char *cookie,

-

1312

size_t cookie_len))

-

1313

{

-

1314

ctx->verify_stateless_cookie_cb = cb;

-

1315

}

executed 177 times by 1 test: end of block

Executed by:

libssl.so.1.1

177

1316

-

1317

IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)

executed 31 times by 1 test: return PEM_ASN1_read_bio((d2i_of_void *)d2i_SSL_SESSION, "SSL SESSION PARAMETERS",bp,(void **)x,cb,u);

Executed by:

libssl.so.1.1

never executed: return PEM_ASN1_read((d2i_of_void *)d2i_SSL_SESSION, "SSL SESSION PARAMETERS",fp,(void **)x,cb,u);

executed 18 times by 1 test:

return PEM_ASN1_write_bio((i2d_of_void *)i2d_SSL_SESSION,"SSL SESSION PARAMETERS",bp,x, ((void *)0) , ((void *)0) ,0, ((void *)0) , ((void *)0) );

Executed by:

libssl.so.1.1

never executed:

return PEM_ASN1_write((i2d_of_void *)i2d_SSL_SESSION,"SSL SESSION PARAMETERS",fp,x, ((void *)0) , ((void *)0) ,0, ((void *)0) , ((void *)0) );

0-31