Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb().

Submitted by: Reviewed by: PR: 212
author: Lutz Jänicke <jaenicke@openssl.org> 2002-08-16 17:02:30 +0000
committer: Lutz Jänicke <jaenicke@openssl.org> 2002-08-16 17:02:30 +0000
commit: 68a9ee13e81fcb21e6ef43fa8a7de1a6b6ee0a9a (patch)
tree: b86f1852f081f11d6b55dbd720fb2acbe5c6241d /ssl/ssl_lib.c
parent: a64f08f3dd2e97267411bc53d0b7ad393c699490 (diff)
1 files changed, 14 insertions, 3 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index ab172aeaec..4bc4ce5b3a 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1405,13 +1405,24 @@ void SSL_CTX_free(SSL_CTX *a)
 		abort(); /* ok */
 		}
 #endif
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
 
+	/*
+	 * Free internal session cache. However: the remove_cb() may reference
+	 * the ex_data of SSL_CTX, thus the ex_data store can only be removed
+	 * after the sessions were flushed.
+	 * As the ex_data handling routines might also touch the session cache,
+	 * the most secure solution seems to be: empty (flush) the cache, then
+	 * free ex_data, then finally free the cache.
+	 * (See ticket [openssl.org #212].)
+	 */
 	if (a->sessions != NULL)
-		{
 		SSL_CTX_flush_sessions(a,0);
+
+	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
+
+	if (a->sessions != NULL)
 		lh_free(a->sessions);
-		}
+
 	if (a->cert_store != NULL)
 		X509_STORE_free(a->cert_store);
 	if (a->cipher_list != NULL)
author	Lutz Jänicke <jaenicke@openssl.org>	2002-08-16 17:02:30 +0000
committer	Lutz Jänicke <jaenicke@openssl.org>	2002-08-16 17:02:30 +0000
commit	68a9ee13e81fcb21e6ef43fa8a7de1a6b6ee0a9a (patch)
tree	b86f1852f081f11d6b55dbd720fb2acbe5c6241d /ssl/ssl_lib.c
parent	a64f08f3dd2e97267411bc53d0b7ad393c699490 (diff)