Commit 16ff1342 authored by Matt Caswell's avatar Matt Caswell

Only update the server session cache when the session is ready



In TLSv1.3 the session is not ready until after the end of the handshake
when we are constructing the NewSessionTicket.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5621)
parent 5cd42251
+6 −1
@@ -1043,6 +1043,11 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop)
        ssl3_cleanup_key_block(s);

        if (s->server) {
            /*
             * In TLSv1.3 we update the cache as part of constructing the
             * NewSessionTicket
             */
            if (!SSL_IS_TLS13(s))
                ssl_update_cache(s, SSL_SESS_CACHE_SERVER);

            /* N.B. s->ctx may not equal s->session_ctx */
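Review bot: With the `if (!SSL_IS_TLS13(s))` guard, a TLSv1.3 server session reaches the cache only if a NewSessionTicket is later constructed, so any TLSv1.3 path that finishes the handshake without building a ticket would leave the session uncached. Whether such a path exists cannot be seen from this hunk and is worth confirming. The comment would be clearer if it named the function and the dependency, for example `/* In TLSv1.3 the cache is updated in tls_construct_new_session_ticket(); nothing is cached if no ticket is built */`. The body of tls_finish_handshake starts and ends outside the hunk.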
+8 −6
@@ -3889,13 +3889,15 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
                 SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET, ERR_R_INTERNAL_ERROR);
        goto err;
    }
    if (SSL_IS_TLS13(s)
            && !tls_construct_extensions(s, pkt,
    if (SSL_IS_TLS13(s)) {
        ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
        if (!tls_construct_extensions(s, pkt,
                                      SSL_EXT_TLS1_3_NEW_SESSION_TICKET,
                                      NULL, 0)) {
            /* SSLfatal() already called */
            goto err;
        }
    }
    EVP_CIPHER_CTX_free(ctx);
    HMAC_CTX_free(hctx);
    OPENSSL_free(senc);
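Review bot: The new `ssl_update_cache(s, SSL_SESS_CACHE_SERVER);` call runs before `tls_construct_extensions()` has succeeded, so on the `goto err` path the session appears to have been added to the server cache although its ticket was never completed. Unless the fatal-error handling removes it again (not visible here), placing `ssl_update_cache(s, SSL_SESS_CACHE_SERVER);` after the closing brace of the extensions check, still inside the `SSL_IS_TLS13(s)` block, would cache only sessions whose ticket was built. The call also has no comment saying why the update happens at this point; something like `/* The TLSv1.3 session is only complete here, so update the server cache now */` would help the next reader. The function starts before the hunk and may continue past it.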