Commit 1f61e8f0 authored May 26, 2016 by Todd Short Committed by Matt Caswell Aug 26, 2016

Always use session_ctx when removing a session



Sessions are stored on the session_ctx, which doesn't change after
SSL_set_SSL_CTX().

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

parent 1027ad4f

ssl/d1_pkt.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1251,7 +1251,7 @@ int dtls1_read_bytes(SSL s, int type, unsigned char buf, int len, int peek)
		BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
		ERR_add_error_data(2, "SSL alert number ", tmp);
		s->shutdown \|= SSL_RECEIVED_SHUTDOWN;
		SSL_CTX_remove_session(s->ctx, s->session);
		SSL_CTX_remove_session(s->session_ctx, s->session);
		return (0);
		} else {
		al = SSL_AD_ILLEGAL_PARAMETER;

ssl/s3_pkt.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -1473,7 +1473,7 @@ int ssl3_read_bytes(SSL s, int type, unsigned char buf, int len, int peek)
		BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
		ERR_add_error_data(2, "SSL alert number ", tmp);
		s->shutdown \|= SSL_RECEIVED_SHUTDOWN;
		SSL_CTX_remove_session(s->ctx, s->session);
		SSL_CTX_remove_session(s->session_ctx, s->session);
		return (0);
		} else {
		al = SSL_AD_ILLEGAL_PARAMETER;
		@@ -1698,7 +1698,7 @@ int ssl3_send_alert(SSL *s, int level, int desc)
		return -1;
		/* If a fatal one, remove from cache */
		if ((level == 2) && (s->session != NULL))
		SSL_CTX_remove_session(s->ctx, s->session);
		SSL_CTX_remove_session(s->session_ctx, s->session);

		s->s3->alert_dispatch = 1;
		s->s3->send_alert[0] = level;

ssl/ssl_sess.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1127,7 +1127,7 @@ int ssl_clear_bad_session(SSL *s)
		if ((s->session != NULL) &&
		!(s->shutdown & SSL_SENT_SHUTDOWN) &&
		!(SSL_in_init(s) \|\| SSL_in_before(s))) {
		SSL_CTX_remove_session(s->ctx, s->session);
		SSL_CTX_remove_session(s->session_ctx, s->session);
		return (1);
		} else
		return (0);