curl/curl
1
1
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-09-18 01:52:41 +03:00
Code Issues Packages Projects Releases Wiki Activity

openssl: check if sessionid flag is enabled before retrieving session

Browse Source 
Ideally, Curl_ssl_getsessionid should not be called unless sessionid
caching is enabled. There is a debug assertion in the function to help
ensure that. Therefore, the pattern in all vtls is basically:

  if(primary.sessionid) {lock(); Curl_ssl_getsessionid(...); unlock();}

There was one instance in openssl.c where sessionid was not checked
beforehand and this change fixes that.

Prior to this change an assertion would occur in openssl debug builds
during connection stage if session caching was disabled.

Reported-by: Jim Beveridge

Fixes https://github.com/curl/curl/issues/8472
Closes https://github.com/curl/curl/pull/8484
This commit is contained in:
Jay Satiro 2022-02-20 16:30:08 -05:00
parent e0dc9765a7
commit f7ba0eccf7
1 changed files with 15 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/vtls/openssl.c
View File

@ -3239,6 +3239,7 @@ static CURLcode ossl_connect_step1(struct Curl_easy *data,
return CURLE_SSL_CONNECT_ERROR;
}
if(SSL_SET_OPTION(primary.sessionid)) {
Curl_ssl_sessionid_lock(data);
if(!Curl_ssl_getsessionid(data, conn, SSL_IS_PROXY() ? TRUE : FALSE,
&ssl_sessionid, NULL, sockindex)) {
@ -3254,6 +3255,7 @@ static CURLcode ossl_connect_step1(struct Curl_easy *data,
infof(data, "SSL re-using session ID");
}
Curl_ssl_sessionid_unlock(data);
}
#ifndef CURL_DISABLE_PROXY
if(conn->proxy_ssl[sockindex].use) {