Remove sessions from external cache, even if internal cache not used. (e4612d02) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/ssl_sess.c

+5 −5

Original line number	Diff line number	Diff line
		@@ -708,16 +708,16 @@ static int remove_session_lock(SSL_CTX ctx, SSL_SESSION c, int lck)
		r = lh_SSL_SESSION_delete(ctx->sessions, c);
		SSL_SESSION_list_remove(ctx, c);
		}
		c->not_resumable = 1;

		if (lck)
		CRYPTO_THREAD_unlock(ctx->lock);

		if (ret) {
		r->not_resumable = 1;
		if (ctx->remove_session_cb != NULL)
		ctx->remove_session_cb(ctx, r);
		if (ret)
		SSL_SESSION_free(r);
		}

		if (ctx->remove_session_cb != NULL)
		ctx->remove_session_cb(ctx, c);
		} else
		ret = 0;
		return (ret);

+2 −9

Original line number	Diff line number	Diff line
		@@ -1839,17 +1839,10 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL s, PACKET pkt)
		*/
		if (i & SSL_SESS_CACHE_CLIENT) {
		/*
		* Remove the old session from the cache
		* Remove the old session from the cache. We carry on if this fails
		*/
		if (i & SSL_SESS_CACHE_NO_INTERNAL_STORE) {
		if (s->session_ctx->remove_session_cb != NULL)
		s->session_ctx->remove_session_cb(s->session_ctx,
		s->session);
		} else {
		/* We carry on if this fails */
		SSL_CTX_remove_session(s->session_ctx, s->session);
		}
		}

		if ((new_sess = ssl_session_dup(s->session, 0)) == 0) {
		al = SSL_AD_INTERNAL_ERROR;