diff options
author | Mark J. Cox <mark@openssl.org> | 1999-11-15 16:31:31 +0000 |
---|---|---|
committer | Mark J. Cox <mark@openssl.org> | 1999-11-15 16:31:31 +0000 |
commit | b7cfcfb7f8e17c17f457b3384010eb027f3aad72 (patch) | |
tree | 5b5789625f7de0a23738f3e56bf4b6838456ae44 | |
parent | 06556a1744dced40a2a77d7b6e4bb73f6e611b8d (diff) | |
download | openssl-b7cfcfb7f8e17c17f457b3384010eb027f3aad72.tar.gz |
This corrects the reference count handling in SSL_get_session.
Previously, the returned SSL_SESSION didn't have its reference count
incremented so the SSL_SESSION could be freed at any time causing
seg-faults if the pointer was subsequently used. Code that uses
SSL_get_session must now make a corresponding SSL_SESSION_free() call when
it is done to avoid memory leaks (or blocked up session caches).
Submitted By: Geoff Thorpe <geoff@eu.c2.net>
-rw-r--r-- | CHANGES | 4 | ||||
-rw-r--r-- | ssl/ssl_sess.c | 11 |
2 files changed, 14 insertions, 1 deletions
@@ -4,6 +4,10 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 1999] + *) Correctly increment the reference count in the SSL_SESSION pointer + returned from SSL_get_session(). + [Geoff Thorpe <geoff@eu.c2.net>] + *) Fix for 'req': it was adding a null to request attributes. Also change the X509_LOOKUP and X509_INFO code to handle certificate auxiliary information. diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 681499f08a..4dddf627cd 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -69,7 +69,16 @@ static STACK *ssl_session_meth=NULL; SSL_SESSION *SSL_get_session(SSL *ssl) { - return(ssl->session); + SSL_SESSION *sess; + /* Need to lock this all up rather than just use CRYPTO_add so that + * somebody doesn't free ssl->session between when we check it's + * non-null and when we up the reference count. */ + CRYPTO_r_lock(CRYPTO_LOCK_SSL_SESSION); + sess = ssl->session; + if(sess) + sess->references++; + CRYPTO_r_unlock(CRYPTO_LOCK_SSL_SESSION); + return(sess); } int SSL_SESSION_get_ex_new_index(long argl, char *argp, int (*new_func)(), |