QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-04-29 19:24:37 +00:00
Code Issues Projects Releases Wiki Activity

Make removal from session cache more robust.

Browse Source
This commit is contained in:
Lutz Jänicke 2002-02-10 12:46:41 +00:00
parent 182d8435f0
commit acfe628b6e
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGES
View File

@ -13,7 +13,13 @@
*) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
+) applies to 0.9.7 only +) applies to 0.9.7 only
+) Do not store session data into the internal session cache, if it *) Make removal from session cache (SSL_CTX_remove_session()) more robust:
check whether we deal with a copy of a session and do not delete from
the cache in this case. Problem reported by "Izhar Shoshani Levi"
<izhar@checkpoint.com>.
[Lutz Jaenicke]
*) Do not store session data into the internal session cache, if it
is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
flag is set). Proposed by Aslam <aslam@funk.com>. flag is set). Proposed by Aslam <aslam@funk.com>.
[Lutz Jaenicke] [Lutz Jaenicke]

4
ssl/ssl_sess.c
View File

@ -474,10 +474,10 @@ static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
if ((c != NULL) && (c->session_id_length != 0)) if ((c != NULL) && (c->session_id_length != 0))
{ {
if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
r=(SSL_SESSION *)lh_delete(ctx->sessions,c); if ((r = (SSL_SESSION *)lh_retrieve(ctx->sessions,c)) == c)
if (r != NULL)
{ {
ret=1; ret=1;
r=(SSL_SESSION *)lh_delete(ctx->sessions,c);
SSL_SESSION_list_remove(ctx,c); SSL_SESSION_list_remove(ctx,c);
} }