Update information as a partial response to the post
From: "Chris D. Peterson" <cpeterson@aventail.com> Subject: Implementation Issues with OpenSSL To: openssl-users@openssl.org Date: Wed, 22 Aug 2001 16:13:17 -0700 The patch included in the original post may improve the internal session list handling (and is therefore worth a seperate investigation). No change to the list handling will however solve the problems of incorrect SSL_SESSION_free() calls. The session list is only one possible point of failure, dangling pointers would also occur for SSL object currently using the session. The correct solution is to only use SSL_SESSION_free() when applicable!
This commit is contained in:
Lutz Jänicke
parent
46ff8e0d0a
commit
aa8a33c230
@ -70,12 +70,16 @@ proposed by the client. The get_session_cb() is always called, also when
|
|||||||
session caching was disabled. The get_session_cb() is passed the
|
session caching was disabled. The get_session_cb() is passed the
|
||||||
B<ssl> connection, the session id of length B<length> at the memory location
|
B<ssl> connection, the session id of length B<length> at the memory location
|
||||||
B<data>. With the parameter B<copy> the callback can require the
|
B<data>. With the parameter B<copy> the callback can require the
|
||||||
SSL engine to increment the reference count of the SSL_SESSION object.
|
SSL engine to increment the reference count of the SSL_SESSION object,
|
||||||
|
Normally the reference count is not incremented and therefore the
|
||||||
|
session must not be explicitly freed with
|
||||||
|
L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>.
|
||||||
|
|
||||||
=head1 SEE ALSO
|
=head1 SEE ALSO
|
||||||
|
|
||||||
L<ssl(3)|ssl(3)>, L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
|
L<ssl(3)|ssl(3)>, L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
|
||||||
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
|
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
|
||||||
L<SSL_CTX_flush_sessions(3)|<SSL_CTX_flush_sessions(3)>
|
L<SSL_CTX_flush_sessions(3)|<SSL_CTX_flush_sessions(3)>,
|
||||||
|
L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
|
||||||
|
|
||||||
=cut
|
=cut
|
||||||
|
|||||||
@ -16,12 +16,40 @@ SSL_SESSION_free() decrements the reference count of B<session> and removes
|
|||||||
the B<SSL_SESSION> structure pointed to by B<session> and frees up the allocated
|
the B<SSL_SESSION> structure pointed to by B<session> and frees up the allocated
|
||||||
memory, if the the reference count has reached 0.
|
memory, if the the reference count has reached 0.
|
||||||
|
|
||||||
|
=head1 NOTES
|
||||||
|
|
||||||
|
SSL_SESSION objects are allocated, when a TLS/SSL handshake operation
|
||||||
|
is successfully completed. Depending on the settings, see
|
||||||
|
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
|
||||||
|
the SSL_SESSION objects are internally referenced by the SSL_CTX and
|
||||||
|
linked into its session cache. SSL objects may be using the SSL_SESSION object;
|
||||||
|
as a session may be reused, several SSL objects may be using one SSL_SESSION
|
||||||
|
object at the same time. It is therefore crucial to keep the reference
|
||||||
|
count (usage information) correct and not delete a SSL_SESSION object
|
||||||
|
that is still used, as this may lead to program failures due to
|
||||||
|
dangling pointers. These failures may also appear delayed, e.g.
|
||||||
|
when an SSL_SESSION object was completely freed as the reference count
|
||||||
|
incorrectly became 0, but it is still referenced in the internal
|
||||||
|
session cache and the cache list is processed during a
|
||||||
|
L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> operation.
|
||||||
|
|
||||||
|
SSL_SESSION_free() must only be called for SSL_SESSION objects, for
|
||||||
|
which the reference count was explicitly incremented (e.g.
|
||||||
|
by calling SSL_get1_session(), see L<SSL_get_session(3)|SSL_get_session(3)>)
|
||||||
|
or when the SSL_SESSION object was generated outside a TLS handshake
|
||||||
|
operation, e.g. by using L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>.
|
||||||
|
It must not be called on other SSL_SESSION objects, as this would cause
|
||||||
|
incorrect reference counts and therefore program failures.
|
||||||
|
|
||||||
=head1 RETURN VALUES
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
SSL_SESSION_free() does not provide diagnostic information.
|
SSL_SESSION_free() does not provide diagnostic information.
|
||||||
|
|
||||||
=head1 SEE ALSO
|
=head1 SEE ALSO
|
||||||
|
|
||||||
L<ssl(3)|ssl(3)>, L<SSL_get_session(3)|SSL_get_session(3)>
|
L<ssl(3)|ssl(3)>, L<SSL_get_session(3)|SSL_get_session(3)>,
|
||||||
|
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
|
||||||
|
L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
|
||||||
|
L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>
|
||||||
|
|
||||||
=cut
|
=cut
|
||||||
|
|||||||
@ -40,6 +40,12 @@ If the data is to be kept, SSL_get1_session() will increment the reference
|
|||||||
count and the session will stay in memory until explicitly freed with
|
count and the session will stay in memory until explicitly freed with
|
||||||
L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>, regardless of its state.
|
L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>, regardless of its state.
|
||||||
|
|
||||||
|
SSL_SESSION objects keep internal link information about the session cache
|
||||||
|
list, when being inserted into one SSL_CTX object's session cache.
|
||||||
|
One SSL_SESSION object, regardless of its reference count, must therefore
|
||||||
|
only be used with one SSL_CTX object (and the SSL objects created
|
||||||
|
from this SSL_CTX object).
|
||||||
|
|
||||||
=head1 RETURN VALUES
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
The following return values can occur:
|
The following return values can occur:
|
||||||
|
|||||||
@ -23,6 +23,14 @@ If there is already a session set inside B<ssl> (because it was set with
|
|||||||
SSL_set_session() before or because the same B<ssl> was already used for
|
SSL_set_session() before or because the same B<ssl> was already used for
|
||||||
a connection), SSL_SESSION_free() will be called for that session.
|
a connection), SSL_SESSION_free() will be called for that session.
|
||||||
|
|
||||||
|
=head1 NOTES
|
||||||
|
|
||||||
|
SSL_SESSION objects keep internal link information about the session cache
|
||||||
|
list, when being inserted into one SSL_CTX object's session cache.
|
||||||
|
One SSL_SESSION object, regardless of its reference count, must therefore
|
||||||
|
only be used with one SSL_CTX object (and the SSL objects created
|
||||||
|
from this SSL_CTX object).
|
||||||
|
|
||||||
=head1 RETURN VALUES
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
The following return values can occur:
|
The following return values can occur:
|
||||||
@ -42,6 +50,7 @@ The operation succeeded.
|
|||||||
=head1 SEE ALSO
|
=head1 SEE ALSO
|
||||||
|
|
||||||
L<ssl(3)|ssl(3)>, L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
|
L<ssl(3)|ssl(3)>, L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
|
||||||
|
L<SSL_get_session(3)|SSL_get_session(3)>,
|
||||||
L<SSL_session_reused(3)|SSL_session_reused(3)>,
|
L<SSL_session_reused(3)|SSL_session_reused(3)>,
|
||||||
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
|
L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
|
||||||
|
|
||||||
|
|||||||
@ -30,7 +30,17 @@ session data on disk or into a database, it must be transformed into
|
|||||||
a binary ASN1 representation.
|
a binary ASN1 representation.
|
||||||
|
|
||||||
When using d2i_SSL_SESSION(), the SSL_SESSION object is automatically
|
When using d2i_SSL_SESSION(), the SSL_SESSION object is automatically
|
||||||
allocated.
|
allocated. The reference count is 1, so that the session must be
|
||||||
|
explicitly removed using L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
|
||||||
|
unless the SSL_SESSION object is completely taken over, when being called
|
||||||
|
inside the get_session_cb() (see
|
||||||
|
L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>).
|
||||||
|
|
||||||
|
SSL_SESSION objects keep internal link information about the session cache
|
||||||
|
list, when being inserted into one SSL_CTX object's session cache.
|
||||||
|
One SSL_SESSION object, regardless of its reference count, must therefore
|
||||||
|
only be used with one SSL_CTX object (and the SSL objects created
|
||||||
|
from this SSL_CTX object).
|
||||||
|
|
||||||
When using i2d_SSL_SESSION(), the memory location pointed to by B<pp> must be
|
When using i2d_SSL_SESSION(), the memory location pointed to by B<pp> must be
|
||||||
large enough to hold the binary representation of the session. There is no
|
large enough to hold the binary representation of the session. There is no
|
||||||
@ -50,7 +60,7 @@ When the session is not valid, B<0> is returned and no operation is performed.
|
|||||||
|
|
||||||
=head1 SEE ALSO
|
=head1 SEE ALSO
|
||||||
|
|
||||||
L<ssl(3)|ssl(3)>,
|
L<ssl(3)|ssl(3)>, L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
|
||||||
L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>
|
L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>
|
||||||
|
|
||||||
=cut
|
=cut
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user