Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
45fd4dbb
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
45fd4dbb
编写于
12月 29, 1999
作者:
B
Bodo Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fix SSL_CTX_add_session: When two SSL_SESSIONs have the same ID,
they can sometimes be different memory structures.
上级
9535f8c1
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
43 addition
and
10 deletion
+43
-10
CHANGES
CHANGES
+8
-0
ssl/ssl_sess.c
ssl/ssl_sess.c
+35
-10
未找到文件。
CHANGES
浏览文件 @
45fd4dbb
...
...
@@ -4,6 +4,14 @@
Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
*) In SSL_CTX_add_session, take into account that there might be multiple
SSL_SESSION structures with the same session ID (e.g. when two threads
concurrently obtain them from an external cache).
The internal cache can handle only one SSL_SESSION with a given ID,
so if there's a conflict, we now throw out the old one to achieve
consistency.
[Bodo Moeller]
*) Add OIDs for idea and blowfish in CBC mode. This will allow both
to be used in PKCS#5 v2.0 and S/MIME. Also add checking to
some routines that use cipher OIDs: some ciphers do not have OIDs
...
...
ssl/ssl_sess.c
浏览文件 @
45fd4dbb
...
...
@@ -191,8 +191,14 @@ int ssl_get_new_session(SSL *s, int session)
CRYPTO_r_unlock
(
CRYPTO_LOCK_SSL_CTX
);
if
(
r
==
NULL
)
break
;
/* else - woops a session_id match */
/* XXX should also check external cache!
* (But the probability of a collision is negligible, anyway...) */
/* XXX We should also check the external cache --
* but the probability of a collision is negligible, and
* we could not prevent the concurrent creation of sessions
* with identical IDs since we currently don't have means
* to atomically check whether a session ID already exists
* and make a reservation for it if it does not
* (this problem applies to the internal cache as well).
*/
}
}
else
...
...
@@ -216,7 +222,6 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
SSL_SESSION
*
ret
=
NULL
,
data
;
int
fatal
=
0
;
/* conn_init();*/
data
.
ssl_version
=
s
->
version
;
data
.
session_id_length
=
len
;
if
(
len
>
SSL_MAX_SSL_SESSION_ID_LENGTH
)
...
...
@@ -352,27 +357,47 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
int
ret
=
0
;
SSL_SESSION
*
s
;
/* conn_init(); */
/* add just 1 reference count for the SSL_CTX's session cache
* even though it has two ways of access: each session is in a
* doubly linked list and an lhash */
CRYPTO_add
(
&
c
->
references
,
1
,
CRYPTO_LOCK_SSL_SESSION
);
/* if session c is in already in cache, we take back the increment later */
CRYPTO_w_lock
(
CRYPTO_LOCK_SSL_CTX
);
s
=
(
SSL_SESSION
*
)
lh_insert
(
ctx
->
sessions
,(
char
*
)
c
);
/* Put on the end of the queue unless it is already in the cache */
/* s != NULL iff we already had a session with the given PID.
* In this case, s == c should hold (then we did not really modify
* ctx->sessions), or we're in trouble. */
if
(
s
!=
NULL
&&
s
!=
c
)
{
/* We *are* in trouble ... */
SSL_SESSION_list_remove
(
ctx
,
s
);
SSL_SESSION_free
(
s
);
/* ... so pretend the other session did not exist in cache
* (we cannot handle two SSL_SESSION structures with identical
* session ID in the same cache, which could happen e.g. when
* two threads concurrently obtain the same session from an external
* cache) */
s
=
NULL
;
}
/* Put at the head of the queue unless it is already in the cache */
if
(
s
==
NULL
)
SSL_SESSION_list_add
(
ctx
,
c
);
/* If the same session if is being 're-added', Free the old
* one when the last person stops using it.
* This will also work if it is alread in the cache.
* The references will go up and then down :-) */
if
(
s
!=
NULL
)
{
SSL_SESSION_free
(
s
);
/* existing cache entry -- decrement previously incremented reference
* count because it already takes into account the cache */
SSL_SESSION_free
(
s
);
/* s == c */
ret
=
0
;
}
else
{
/* new cache entry -- remove old ones if cache has become too large */
ret
=
1
;
if
(
SSL_CTX_sess_get_cache_size
(
ctx
)
>
0
)
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录