diff options
Diffstat (limited to 'src/lib/libssl/ssl_sess.c')
| -rw-r--r-- | src/lib/libssl/ssl_sess.c | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index fbc30b94e6..664f8c2230 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c | |||
| @@ -60,7 +60,6 @@ | |||
| 60 | #include <openssl/lhash.h> | 60 | #include <openssl/lhash.h> |
| 61 | #include <openssl/rand.h> | 61 | #include <openssl/rand.h> |
| 62 | #include "ssl_locl.h" | 62 | #include "ssl_locl.h" |
| 63 | #include "cryptlib.h" | ||
| 64 | 63 | ||
| 65 | static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); | 64 | static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); |
| 66 | static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); | 65 | static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); |
| @@ -309,12 +308,9 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) | |||
| 309 | if (copy) | 308 | if (copy) |
| 310 | CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); | 309 | CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); |
| 311 | 310 | ||
| 312 | /* Add the externally cached session to the internal | 311 | /* The following should not return 1, otherwise, |
| 313 | * cache as well if and only if we are supposed to. */ | 312 | * things are very strange */ |
| 314 | if(!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE)) | 313 | SSL_CTX_add_session(s->ctx,ret); |
| 315 | /* The following should not return 1, otherwise, | ||
| 316 | * things are very strange */ | ||
| 317 | SSL_CTX_add_session(s->ctx,ret); | ||
| 318 | } | 314 | } |
| 319 | if (ret == NULL) | 315 | if (ret == NULL) |
| 320 | goto err; | 316 | goto err; |
| @@ -528,13 +524,13 @@ void SSL_SESSION_free(SSL_SESSION *ss) | |||
| 528 | 524 | ||
| 529 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); | 525 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); |
| 530 | 526 | ||
| 531 | OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg); | 527 | memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH); |
| 532 | OPENSSL_cleanse(ss->master_key,sizeof ss->master_key); | 528 | memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH); |
| 533 | OPENSSL_cleanse(ss->session_id,sizeof ss->session_id); | 529 | memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH); |
| 534 | if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); | 530 | if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); |
| 535 | if (ss->peer != NULL) X509_free(ss->peer); | 531 | if (ss->peer != NULL) X509_free(ss->peer); |
| 536 | if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); | 532 | if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); |
| 537 | OPENSSL_cleanse(ss,sizeof(*ss)); | 533 | memset(ss,0,sizeof(*ss)); |
| 538 | OPENSSL_free(ss); | 534 | OPENSSL_free(ss); |
| 539 | } | 535 | } |
| 540 | 536 | ||