Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Session reuse #2

Open
wants to merge 18 commits into
base: master
Choose a base branch
from
Open

Session reuse #2

wants to merge 18 commits into from

Conversation

daurnimator
Copy link
Contributor

Changes that allow for session reuse
Sample scripts included.

@daurnimator
context.c: const correctness
563a083
@daurnimator
.gitignore: Ignore object files and sample certs
aa74aac
@daurnimator
Add stats function to context
8aa87ef
@daurnimator
Add session type; (s,g)etsession to ssl objects
ad494fb
@daurnimator
session: Add asn1 method
d090f4a
@daurnimator
session: prevent double frees on manual __gc invocation
6a83c1a
@daurnimator
context: Add setsessionidcontext and setsessioncachemode
a87f56d
@daurnimator
ssl: Add method reused which returns if a session has been regotiat…
7629c89 
…ed or not
@daurnimator
ssl.lua: Add config options to initialise setsessioncachemode and set…
395b165 
…sessionidcontext
@daurnimator
context: Use a seperate method table
f9c6000
@daurnimator
Add sample of session reuse
9f4ff27
@daurnimator
context: Add cache size management
854cad4
@daurnimator
Fix sample client (don't keep setting session)
84dc293
@daurnimator
context: Add set session cache timeout
340993d
@daurnimator
session: Add id method
6a314f9
@daurnimator
session: Per-session timeout manipulation
962dbcd
@daurnimator
session: Manipulate a session's establishment time
fc4bf42
@daurnimator
session: Fix session free checks
8f695ee
@jan2000
Copy link

jan2000 commented Jan 29, 2020

Is there a specific reason why this never got merged? I would very much like to see this feature in luasec.

@brunoos
Copy link
Member

brunoos commented Feb 9, 2020

To be honest, I waited to see if there was demand. Luasec was in 0.4 version, it was small and I wanted to keep it simple.

Zash added a commit to Zash/luasec that referenced this pull request Aug 12, 2021
@Zash
Update Lua state reference after SNI
be24183 
Background:

The SSL Context has a reference to the Lua state, commonly called L, for
use when invoking callbacks during TLS handshaking.

Earlier there was a crash due to the Lua State having changed between
context creation and access to it during TLS handshake.  This could
happen if the TLS context is created in one coroutine, which has
subsequently been garbage collected and its memory become invalid,
whereafter the TLS context is used to negotiate a TLS connection which
involves calling some callback.

Observation:

SIGSEGV in alpn_cb(), where arg/ctx -> L does not match the L earlier in
the stack, in meth_handshake().

    #0  __strcmp_sse2 () at ../sysdeps/x86_64/strcmp.S:1447
    lunarmodules#1  0x00005589415b1e1a in luaS_new (L=L@entry=0x5589444880a8, str=str@entry=0x7ff3f94b160e "SSL:ALPN:Registry") at lstring.c:246
    lunarmodules#2  0x00005589415a47b2 in auxgetstr (L=0x5589444880a8, t=0x558944488188, k=k@entry=0x7ff3f94b160e "SSL:ALPN:Registry") at lapi.c:617
    lunarmodules#3  0x00005589415a575b in lua_getfield (L=L@entry=0x5589444880a8, idx=idx@entry=-1001000, k=k@entry=0x7ff3f94b160e "SSL:ALPN:Registry") at lapi.c:657
    lunarmodules#4  0x00007ff3f94af3c5 in alpn_cb (s=<optimized out>, out=0x7ffdda0dc260, outlen=0x7ffdda0dc25f "", in=0x558943d14570 "\vxmpp-client", inlen=12, arg=0x55894450d2a8) at src/context.c:660
    lunarmodules#5  0x00007ff3f946751c in tls_handle_alpn (s=0x558943d6d540) at ../ssl/statem/statem_srvr.c:2147
    lunarmodules#6  0x00007ff3f944ddd8 in tls_parse_all_extensions (s=s@entry=0x558943d6d540, context=context@entry=128, exts=<optimized out>, x=x@entry=0x0, chainidx=chainidx@entry=0, fin=fin@entry=1) at ../ssl/statem/extensions.c:761
    lunarmodules#7  0x00007ff3f94677bc in tls_early_post_process_client_hello (s=0x558943d6d540) at ../ssl/statem/statem_srvr.c:1881
    lunarmodules#8  tls_post_process_client_hello (s=0x558943d6d540, wst=<optimized out>) at ../ssl/statem/statem_srvr.c:2225
    lunarmodules#9  0x00007ff3f945726b in read_state_machine (s=0x558943d6d540) at ../ssl/statem/statem.c:664
    lunarmodules#10 state_machine (s=0x558943d6d540, server=1) at ../ssl/statem/statem.c:434
    lunarmodules#11 0x00007ff3f9442f74 in SSL_do_handshake (s=0x558943d6d540) at ../ssl/ssl_lib.c:3615
    lunarmodules#12 0x00007ff3f94ad44f in handshake (ssl=0x558944811648) at src/ssl.c:120
    lunarmodules#13 meth_handshake (L=0x5589432a2268) at src/ssl.c:388
    lunarmodules#14 0x00005589415a8e61 in luaD_precall (L=L@entry=0x5589432a2268, func=func@entry=0x558944223f20, nresults=2) at ldo.c:503

    (gdb) frame 13
    lunarmodules#13 meth_handshake (L=0x5589432a2268) at src/ssl.c:388
    (gdb) p ctx
    $1 = (p_context) 0x5589433ab508

This is passed as 'arg' to alpn_cb(), note different pointer
arg=0x55894450d2a8.

Theory:

When selecting a context during SNI negotiation, the selected context
would be a different one from the one where meth_handshake() has updated
the Lua state reference. Thus the reference can still be invalid and
cause a crash when invoving a callback afterwards, such as the ALPN one.

Solution:

Update the Lua state reference on the selected SSL context after SNI.
@alerque alerque mentioned this pull request Aug 27, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@daurnimator @jan2000 @brunoos