diff options
author | Matt Caswell <matt@openssl.org> | 2017-01-19 15:01:55 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-01-30 10:18:22 +0000 |
commit | 534a43ffeaec03e50768ccf84d431f96f11256e3 (patch) | |
tree | b13507098f77003ce9bbb64955ec8b0b38918462 /ssl/ssl_sess.c | |
parent | 4086b42b2d58773bee8463f69eee4bf8c299b589 (diff) | |
download | openssl-534a43ffeaec03e50768ccf84d431f96f11256e3.tar.gz |
Always ensure that session->cipher is set
If we have deserialized the SSL_SESSION then in some circumstances the
session->cipher value is NULL. We were patching up in some places but not
in others. We should just do it as part of loading the SSL_SESSION.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)
Diffstat (limited to 'ssl/ssl_sess.c')
-rw-r--r-- | ssl/ssl_sess.c | 18 |
1 files changed, 3 insertions, 15 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index c28a5e1b3f..77c917f38a 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -91,6 +91,9 @@ SSL_SESSION *SSL_SESSION_new(void) { SSL_SESSION *ss; + if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL)) + return NULL; + ss = OPENSSL_zalloc(sizeof(*ss)); if (ss == NULL) { SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE); @@ -586,21 +589,6 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello) goto err; } - if (ret->cipher == NULL) { - unsigned char buf[5], *p; - unsigned long l; - - p = buf; - l = ret->cipher_id; - l2n(l, p); - if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR) - ret->cipher = ssl_get_cipher_by_char(s, &(buf[2])); - else - ret->cipher = ssl_get_cipher_by_char(s, &(buf[1])); - if (ret->cipher == NULL) - goto err; - } - if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */ s->session_ctx->stats.sess_timeout++; if (try_session_cache) { |