Fix bug introduced by the attempt to fix client side external session
caching (#288): now internal caching failed (#351): Make sure, that cipher_id is set before comparing. Submitted by: Reviewed by: PR: 288 (and 351)
This commit is contained in:
Lutz Jänicke
parent
1e3a9b650f
commit
6a8afe2201
7
CHANGES
7
CHANGES
@ -2111,6 +2111,13 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
|||||||
|
|
||||||
Changes between 0.9.6g and 0.9.6h [xx XXX xxxx]
|
Changes between 0.9.6g and 0.9.6h [xx XXX xxxx]
|
||||||
|
|
||||||
|
*) Bugfix: client side session caching did not work with external caching,
|
||||||
|
because the session->cipher setting was not restored when reloading
|
||||||
|
from the external cache. This problem was masked, when
|
||||||
|
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
|
||||||
|
(Found by Steve Haslam <steve@araqnid.ddts.net>.)
|
||||||
|
[Lutz Jaenicke]
|
||||||
|
|
||||||
*) Fix client_certificate (ssl/s2_clnt.c): The permissible total
|
*) Fix client_certificate (ssl/s2_clnt.c): The permissible total
|
||||||
length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
|
length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
|
||||||
[Zeev Lieber <zeev-l@yahoo.com>]
|
[Zeev Lieber <zeev-l@yahoo.com>]
|
||||||
|
|||||||
@ -722,6 +722,11 @@ static int ssl3_get_server_hello(SSL *s)
|
|||||||
goto f_err;
|
goto f_err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Depending on the session caching (internal/external), the cipher
|
||||||
|
and/or cipher_id values may not be set. Make sure that
|
||||||
|
cipher_id is set and use it for comparison. */
|
||||||
|
if (s->session->cipher)
|
||||||
|
s->session->cipher_id = s->session->cipher->id;
|
||||||
if (s->hit && (s->session->cipher_id != c->id))
|
if (s->hit && (s->session->cipher_id != c->id))
|
||||||
{
|
{
|
||||||
if (!(s->options &
|
if (!(s->options &
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user