Commit b7cfcfb7 authored Nov 15, 1999 by Mark J. Cox

This corrects the reference count handling in SSL_get_session.

Previously, the returned SSL_SESSION didn't have its reference count
incremented so the SSL_SESSION could be freed at any time causing
seg-faults if the pointer was subsequently used. Code that uses
SSL_get_session must now make a corresponding SSL_SESSION_free() call when
it is done to avoid memory leaks (or blocked up session caches).

Submitted By: Geoff Thorpe <geoff@eu.c2.net>

parent 06556a17

CHANGES

+4 −0

Original line number	Diff line number	Diff line
		@@ -4,6 +4,10 @@

		Changes between 0.9.4 and 0.9.5 [xx XXX 1999]

		*) Correctly increment the reference count in the SSL_SESSION pointer
		returned from SSL_get_session().
		[Geoff Thorpe <geoff@eu.c2.net>]

		*) Fix for 'req': it was adding a null to request attributes.
		Also change the X509_LOOKUP and X509_INFO code to handle
		certificate auxiliary information.

ssl/ssl_sess.c

+10 −1

Original line number	Diff line number	Diff line
		@@ -69,7 +69,16 @@ static STACK *ssl_session_meth=NULL;

		SSL_SESSION SSL_get_session(SSL ssl)
		{
		return(ssl->session);
		SSL_SESSION *sess;
		/* Need to lock this all up rather than just use CRYPTO_add so that
		* somebody doesn't free ssl->session between when we check it's
		* non-null and when we up the reference count. */
		CRYPTO_r_lock(CRYPTO_LOCK_SSL_SESSION);
		sess = ssl->session;
		if(sess)
		sess->references++;
		CRYPTO_r_unlock(CRYPTO_LOCK_SSL_SESSION);
		return(sess);
		}

		int SSL_SESSION_get_ex_new_index(long argl, char argp, int (new_func)(),