generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Avoid a race condition.

Browse Source
This commit is contained in:
Bodo Möller 2000-01-24 17:57:56 +00:00
parent a46faa2bfd
commit 2557eaeac8
2 changed files with 25 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@ -4,6 +4,11 @@
Changes between 0.9.4 and 0.9.5 [xx XXX 1999] Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
*) Avoid a race condition in s2_clnt.c (function get_server_hello) that
made it impossible to use the same SSL_SESSION data structure in
SSL2 clients in multiple threads.
[Bodo Moeller]
*) The return value of RAND_load_file() no longer counts bytes obtained *) The return value of RAND_load_file() no longer counts bytes obtained
by stat(). RAND_load_file(..., -1) is new and uses the complete file by stat(). RAND_load_file(..., -1) is new and uses the complete file
to seed the PRNG (previously an explicit byte count was required). to seed the PRNG (previously an explicit byte count was required).

38
ssl/s2_clnt.c
View File

@ -435,26 +435,28 @@ static int get_server_hello(SSL *s)
return(-1); return(-1);
} }
s->session->cipher=sk_SSL_CIPHER_value(cl,i); s->session->cipher=sk_SSL_CIPHER_value(cl,i);
if (s->session->peer != NULL) /* can't happen*/
{
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_INTERNAL_ERROR);
return(-1);
}
s->session->peer = s->session->sess_cert->peer_key->x509;
/* peer_key->x509 has been set by ssl2_set_certificate. */
CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
} }
if (s->session->peer != NULL) if (s->session->peer != s->session->sess_cert->peer_key->x509)
X509_free(s->session->peer); /* can't happen */
{
#if 0 /* What is all this meant to accomplish?? */ ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
/* hmmm, can we have the problem of the other session with this SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_INTERNAL_ERROR);
* cert, Free's it before we increment the reference count. */ return(-1);
CRYPTO_w_lock(CRYPTO_LOCK_X509); }
s->session->peer=s->session->sess_cert->key->x509;
/* Shouldn't do this: already locked */
/*CRYPTO_add(&s->session->peer->references,1,CRYPTO_LOCK_X509);*/
s->session->peer->references++;
CRYPTO_w_unlock(CRYPTO_LOCK_X509);
#else
s->session->peer = s->session->sess_cert->peer_key->x509;
/* peer_key->x509 has been set by ssl2_set_certificate. */
CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
#endif
s->s2->conn_id_length=s->s2->tmp.conn_id_length; s->s2->conn_id_length=s->s2->tmp.conn_id_length;
memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length); memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
return(1); return(1);