projects / platform / upstream / curl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eea1da0) | patch
openssl: check if sessionid flag is enabled before retrieving session 36/272836/1 accepted/tizen_7.0_base_hotfix tizen_7.0_base_hotfix accepted/tizen/7.0/base/20221116.030029 accepted/tizen/7.0/base/hotfix/20221116.055439 accepted/tizen/base/20220327.224507 accepted/tizen/base/20221115.103903 submit/tizen_base/20220325.123158 tizen_7.0_m2_release
authorSeonah Moon <seonah1.moon@samsung.com>
Fri, 25 Mar 2022 08:12:58 +0000 (17:12 +0900)
committerSeonah Moon <seonah1.moon@samsung.com>
Fri, 25 Mar 2022 08:13:00 +0000 (17:13 +0900)
commite887e46a25852bc11ce8d08de072a5c9b97157e4
tree09fc262cef27ef0e3396d47c94f4e67c303c09b5tree | snapshot
parenteea1da09ac5841a4e58622a52a29ac668302fbfbcommit | diff
openssl: check if sessionid flag is enabled before retrieving session

Ideally, Curl_ssl_getsessionid should not be called unless sessionid
caching is enabled. There is a debug assertion in the function to help
ensure that. Therefore, the pattern in all vtls is basically:

  if(primary.sessionid) {lock(); Curl_ssl_getsessionid(...); unlock();}

There was one instance in openssl.c where sessionid was not checked
beforehand and this change fixes that.

Prior to this change an assertion would occur in openssl debug builds
during connection stage if session caching was disabled.

Reported-by: Jim Beveridge
Fixes https://github.com/curl/curl/issues/8472
Closes https://github.com/curl/curl/pull/8484

Change-Id: I720345c0c456f7375b5b842846061c043e236a57
lib/vtls/openssl.c diff | blob | history
Domain: Network & Connectivity / Data Network;