Don't change a session once its in the cache

Sessions should be immutable once they are in the cache because they could be shared with other threads. If you change them then this can cause corruptions and races Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6561)

Don't change a session once its in the cache
Sessions should be immutable once they are in the cache because they could be shared with other threads. If you change them then this can cause corruptions and races Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6561)
c35e9669 · Matt Caswell · 3445872e · c35e9669
隐藏空白更改
内联并排

Showing with 4 addition and 3 deletion

ssl/statem/statem_srvr.c ssl/statem/statem_srvr.c +4 -3

未找到文件。
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3796,10 +3796,11 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
            cb(s, SSL_CB_HANDSHAKE_START, 1);
        }
        /*
-         * If we already sent one NewSessionTicket then we need to take a copy
-         * of it and create a new session from it.
+         * If we already sent one NewSessionTicket, or we resumed then
+         * s->session may already be in a cache and so we must not modify it.
+         * Instead we need to take a copy of it and modify that.
         */
-        if (s->sent_tickets != 0) {
+        if (s->sent_tickets != 0 || s->hit) {
            SSL_SESSION *new_sess = ssl_session_dup(s->session, 0);

            if (new_sess == NULL) {