Make removal from session cache more robust.

author: Lutz Jänicke <jaenicke@openssl.org> 2002-02-10 12:46:41 +0000
committer: Lutz Jänicke <jaenicke@openssl.org> 2002-02-10 12:46:41 +0000
commit: acfe628b6e093e64d1fba5fea1d5f9b3a7d119cc (patch)
tree: 74d039aa5957d710f36f9755c27807c2e35031b5 /CHANGES
parent: 182d8435f03521e6afccd6bdfbfc698502f240b4 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/CHANGES b/CHANGES
index e17a661e91..4db9aadf87 100644
--- a/CHANGES
+++ b/CHANGES
@@ -13,7 +13,13 @@
          *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
          +) applies to 0.9.7 only
 
-  +) Do not store session data into the internal session cache, if it
+  *) Make removal from session cache (SSL_CTX_remove_session()) more robust:
+     check whether we deal with a copy of a session and do not delete from
+     the cache in this case. Problem reported by "Izhar Shoshani Levi"
+     <izhar@checkpoint.com>.
+     [Lutz Jaenicke]
+
+  *) Do not store session data into the internal session cache, if it
      is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
      flag is set). Proposed by Aslam <aslam@funk.com>.
      [Lutz Jaenicke]
author	Lutz Jänicke <jaenicke@openssl.org>	2002-02-10 12:46:41 +0000
committer	Lutz Jänicke <jaenicke@openssl.org>	2002-02-10 12:46:41 +0000
commit	acfe628b6e093e64d1fba5fea1d5f9b3a7d119cc (patch)
tree	74d039aa5957d710f36f9755c27807c2e35031b5 /CHANGES
parent	182d8435f03521e6afccd6bdfbfc698502f240b4 (diff)