aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLutz Jänicke <jaenicke@openssl.org>2002-11-20 10:48:58 +0000
committerLutz Jänicke <jaenicke@openssl.org>2002-11-20 10:48:58 +0000
commit6a8afe2201cd888e472e44225d3c9ca5fae1ca62 (patch)
tree30bcdd791fb2f15ad1a10da1a59c44e0c722c7fa
parent1e3a9b650f2504af1211275433867cface88a5de (diff)
downloadopenssl-6a8afe2201cd888e472e44225d3c9ca5fae1ca62.tar.gz
Fix bug introduced by the attempt to fix client side external session
caching (#288): now internal caching failed (#351): Make sure, that cipher_id is set before comparing. Submitted by: Reviewed by: PR: 288 (and 351)
-rw-r--r--CHANGES7
-rw-r--r--ssl/s3_clnt.c5
2 files changed, 12 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 43a0ffcfb7..9104c1fc7b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2111,6 +2111,13 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
Changes between 0.9.6g and 0.9.6h [xx XXX xxxx]
+ *) Bugfix: client side session caching did not work with external caching,
+ because the session->cipher setting was not restored when reloading
+ from the external cache. This problem was masked, when
+ SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
+ (Found by Steve Haslam <steve@araqnid.ddts.net>.)
+ [Lutz Jaenicke]
+
*) Fix client_certificate (ssl/s2_clnt.c): The permissible total
length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
[Zeev Lieber <zeev-l@yahoo.com>]
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index bc7523cdf1..45bea069f2 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -722,6 +722,11 @@ static int ssl3_get_server_hello(SSL *s)
goto f_err;
}
+ /* Depending on the session caching (internal/external), the cipher
+ and/or cipher_id values may not be set. Make sure that
+ cipher_id is set and use it for comparison. */
+ if (s->session->cipher)
+ s->session->cipher_id = s->session->cipher->id;
if (s->hit && (s->session->cipher_id != c->id))
{
if (!(s->options &