From 36f038f1041f9f31878f75b567959ceae08eb34e Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 30 Jun 2015 13:58:25 +0100 Subject: [PATCH] Dup peer_chain properly in SSL_SESSION Reviewed-by: Matt Caswell --- ssl/ssl_sess.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 03c6ac087d..9063bca415 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -268,6 +268,12 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) if (src->peer != NULL) CRYPTO_add(&src->peer->references, 1, CRYPTO_LOCK_X509); + if (src->peer_chain != NULL) { + dest->peer_chain = X509_chain_up_ref(src->peer_chain); + if (dest->peer_chain == NULL) + goto err; + } + #ifndef OPENSSL_NO_PSK if (src->psk_identity_hint) { dest->psk_identity_hint = BUF_strdup(src->psk_identity_hint); -- GitLab