diff options
| author | Lutz Jänicke <jaenicke@openssl.org> | 2001-10-12 12:29:16 +0000 |
|---|---|---|
| committer | Lutz Jänicke <jaenicke@openssl.org> | 2001-10-12 12:29:16 +0000 |
| commit | 56fa8e69cf1e742da8087de60152519127c79983 (patch) | |
| tree | aa026c22408adb0da69eecf11396115a26322396 /doc/ssl/SSL_SESSION_free.pod | |
| parent | 67d0738aba4988a239d57f6cd7aa36cf27df1f92 (diff) | |
Update information as a partial response to the post
From: "Chris D. Peterson" <cpeterson@aventail.com>
Subject: Implementation Issues with OpenSSL
To: openssl-users@openssl.org
Date: Wed, 22 Aug 2001 16:13:17 -0700
The patch included in the original post may improve the internal session
list handling (and is therefore worth a seperate investigation).
No change to the list handling will however solve the problems of incorrect
SSL_SESSION_free() calls. The session list is only one possible point of
failure, dangling pointers would also occur for SSL object currently
using the session. The correct solution is to only use SSL_SESSION_free()
when applicable!
Diffstat (limited to 'doc/ssl/SSL_SESSION_free.pod')
| -rw-r--r-- | doc/ssl/SSL_SESSION_free.pod | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/doc/ssl/SSL_SESSION_free.pod b/doc/ssl/SSL_SESSION_free.pod index 9275d88a40..558de01df9 100644 --- a/doc/ssl/SSL_SESSION_free.pod +++ b/doc/ssl/SSL_SESSION_free.pod @@ -16,12 +16,40 @@ SSL_SESSION_free() decrements the reference count of B<session> and removes the B<SSL_SESSION> structure pointed to by B<session> and frees up the allocated memory, if the the reference count has reached 0. +=head1 NOTES + +SSL_SESSION objects are allocated, when a TLS/SSL handshake operation +is successfully completed. Depending on the settings, see +L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>, +the SSL_SESSION objects are internally referenced by the SSL_CTX and +linked into its session cache. SSL objects may be using the SSL_SESSION object; +as a session may be reused, several SSL objects may be using one SSL_SESSION +object at the same time. It is therefore crucial to keep the reference +count (usage information) correct and not delete a SSL_SESSION object +that is still used, as this may lead to program failures due to +dangling pointers. These failures may also appear delayed, e.g. +when an SSL_SESSION object was completely freed as the reference count +incorrectly became 0, but it is still referenced in the internal +session cache and the cache list is processed during a +L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> operation. + +SSL_SESSION_free() must only be called for SSL_SESSION objects, for +which the reference count was explicitly incremented (e.g. +by calling SSL_get1_session(), see L<SSL_get_session(3)|SSL_get_session(3)>) +or when the SSL_SESSION object was generated outside a TLS handshake +operation, e.g. by using L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>. +It must not be called on other SSL_SESSION objects, as this would cause +incorrect reference counts and therefore program failures. + =head1 RETURN VALUES SSL_SESSION_free() does not provide diagnostic information. =head1 SEE ALSO -L<ssl(3)|ssl(3)>, L<SSL_get_session(3)|SSL_get_session(3)> +L<ssl(3)|ssl(3)>, L<SSL_get_session(3)|SSL_get_session(3)>, +L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>, +L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>, + L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)> =cut |