ssl_sess.c: grab a copy of the session ID

The user callback takes a non-const pointer, so don't pass PACKET data to it directly; rather, grab a local copy. Reviewed-by: Matt Caswell <matt@openssl.org>
author: Emilia Kasper <emilia@openssl.org> 2015-10-01 13:00:39 +0200
committer: Emilia Kasper <emilia@openssl.org> 2015-10-05 19:03:52 +0200
commit: bf0fc41266f17311c5db1e0541d3dd12eb27deb6 (patch)
tree: bf4b0b182e36f33b0a2ab3a97a4a914245e48739 /ssl/ssl_sess.c
parent: 38a3cbfbf728da0282c7e4ba29502740d853b1e6 (diff)
1 files changed, 8 insertions, 6 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 83171f1f9f..41bc4e11a3 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -583,13 +583,15 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id)
     if (try_session_cache &&
         ret == NULL && s->session_ctx->get_session_cb != NULL) {
         int copy = 1;
+        /* The user callback takes a non-const pointer, so grab a local copy. */
+        unsigned char *sid = NULL;
+        size_t sid_len;
+        if (!PACKET_memdup(session_id, &sid, &sid_len))
+            goto err;
+        ret = s->session_ctx->get_session_cb(s, sid, sid_len, &copy);
+        OPENSSL_free(sid);
 
-        /*
-         * TODO(openssl-team): grab a copy of the data in |session_id|
-         * so that the PACKET data can be made const.
-         */
-        if ((ret = s->session_ctx->get_session_cb(s, PACKET_data(session_id),
-                                                  len, &copy))) {
+        if (ret != NULL) {
             s->session_ctx->stats.sess_cb_hit++;
 
             /*
author	Emilia Kasper <emilia@openssl.org>	2015-10-01 13:00:39 +0200
committer	Emilia Kasper <emilia@openssl.org>	2015-10-05 19:03:52 +0200
commit	bf0fc41266f17311c5db1e0541d3dd12eb27deb6 (patch)
tree	bf4b0b182e36f33b0a2ab3a97a4a914245e48739 /ssl/ssl_sess.c
parent	38a3cbfbf728da0282c7e4ba29502740d853b1e6 (diff)