diff options
author | Bodo Möller <bodo@openssl.org> | 1999-11-16 23:15:41 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 1999-11-16 23:15:41 +0000 |
commit | b1fe6ca175bdbb51a064c1e5519b21d80804e7c6 (patch) | |
tree | 10b79bff688db09e68db3edba6872022c4af1459 /ssl/ssl_sess.c | |
parent | 91895a5938695348ebfb6211325cc6e3e449e955 (diff) |
Store verify_result with sessions to avoid potential security hole.
Diffstat (limited to 'ssl/ssl_sess.c')
-rw-r--r-- | ssl/ssl_sess.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 4dddf627cd..57ee7eb3c5 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -112,6 +112,7 @@ SSL_SESSION *SSL_SESSION_new(void) } memset(ss,0,sizeof(SSL_SESSION)); + ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ ss->references=1; ss->timeout=60*5+4; /* 5 minute timeout by default */ ss->time=time(NULL); @@ -190,6 +191,7 @@ int ssl_get_new_session(SSL *s, int session) ss->sid_ctx_length=s->sid_ctx_length; s->session=ss; ss->ssl_version=s->version; + ss->verify_result = X509_V_OK; return(1); } @@ -320,6 +322,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) if (s->session != NULL) SSL_SESSION_free(s->session); s->session=ret; + s->verify_result = s->session->verify_result; return(1); err: |