Commit 15b3fd6f authored Jul 25, 2017 by Lingmo Zhu Committed by Matt Caswell Aug 03, 2017

Remove the obsolete misleading comment and code related to it.



The comment "The following should not return 1, otherwise, things
are very strange" is from the very first commit of OpenSSL. The
really meaning of the comment is if the identical session can be
found from internal cache after calling get_session_cb but not
found before calling get_session_cb, it is just strange.

The value 1 was originated from the old doc of SSLeay, reversed
from the actual return value of SSL_CTX_add_session().

Anyway either return value of SSL_CTX_add_session() should not
interrupt the session resumption process. So the checking of
return value of SSL_CTX_add_session() is not necessary.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4014)

(cherry picked from commit e29bb834)

parent 85d9b9f7

ssl/ssl_sess.c

+7 −4

Original line number	Diff line number	Diff line
		@@ -531,11 +531,14 @@ int ssl_get_prev_session(SSL s, const PACKET ext, const PACKET *session_id)
		(s->session_ctx->session_cache_mode &
		SSL_SESS_CACHE_NO_INTERNAL_STORE)) {
		/*
		* The following should not return 1, otherwise, things are
		* very strange
		* Either return value of SSL_CTX_add_session should not
		* interrupt the session resumption process. The return
		* value is intentionally ignored.
		*/
		if (SSL_CTX_add_session(s->session_ctx, ret))
		goto err;
		#pragma GCC diagnostic push
		#pragma GCC diagnostic ignored "-Wunused-result"
		SSL_CTX_add_session(s->session_ctx, ret);
		#pragma GCC diagnostic pop
		}
		}
		}