Skip to content
  1. May 09, 2018
  2. May 08, 2018
  3. May 07, 2018
  4. May 05, 2018
  5. May 04, 2018
  6. May 03, 2018
  7. May 02, 2018
  8. May 01, 2018
    • Benjamin Kaduk's avatar
      Fix regression with session cache use by clients · c4fa1f7f
      Benjamin Kaduk authored
      Commit d316cdcf
      
       introduced some extra
      checks into the session-cache update procedure, intended to prevent
      the caching of sessions whose resumption would lead to a handshake
      failure, since if the server is authenticating the client, there needs to
      be an application-set "session id context" to match up to the authentication
      context.  While that change is effective for its stated purpose, there
      was also some collatoral damage introduced along with the fix -- clients
      that set SSL_VERIFY_PEER are not expected to set an sid_ctx, and so
      their usage of session caching was erroneously denied.
      
      Fix the scope of the original commit by limiting it to only acting
      when the SSL is a server SSL.
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/5967)
      c4fa1f7f