diff options
| author | Todd Short <todd.short@me.com> | 2022-07-28 20:05:54 -0400 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2022-08-01 13:15:51 +0200 |
| commit | 4842a27b902660b672d72d2ed23e941461ca481c (patch) | |
| tree | e0a32fdb3ef2f19741c6a8f89a9b0a07de39efec /ssl/ssl_sess.c | |
| parent | 72a85c17aae602e881c917c3f6e93bd7f7260093 (diff) | |
Free up space in the session cache before adding.
Fixes #18690
In some circumstances, it's possible that when using an external
database for the session cache, that pulling in an entry from that
cache to the internal cache will cause the newly added entry to
be deleted from the internal cache. This is likely to happen when
the internal cache is set to have a small size, and the newly added
entry's timeout places it at the end of the cache list.
This could be fixed by updating the timestamp of the session (via
`SSL_SESSION_set_time()` or `SSL_SESSION_set_timeout()`) before
adding to the cache. But that may not be desireable.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18905)
Diffstat (limited to 'ssl/ssl_sess.c')
| -rw-r--r-- | ssl/ssl_sess.c | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 0a9f025fbb..942b1b82ce 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -757,25 +757,17 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) c->time = time(NULL); ssl_session_calculate_timeout(c); } - SSL_SESSION_list_add(ctx, c); - if (s != NULL) { - /* - * existing cache entry -- decrement previously incremented reference - * count because it already takes into account the cache - */ - - SSL_SESSION_free(s); /* s == c */ - ret = 0; - } else { + if (s == NULL) { /* * new cache entry -- remove old ones if cache has become too large + * delete cache entry *before* add, so we don't remove the one we're adding! */ ret = 1; if (SSL_CTX_sess_get_cache_size(ctx) > 0) { - while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) { + while (SSL_CTX_sess_number(ctx) >= SSL_CTX_sess_get_cache_size(ctx)) { if (!remove_session_lock(ctx, ctx->session_cache_tail, 0)) break; else @@ -783,6 +775,18 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) } } } + + SSL_SESSION_list_add(ctx, c); + + if (s != NULL) { + /* + * existing cache entry -- decrement previously incremented reference + * count because it already takes into account the cache + */ + + SSL_SESSION_free(s); /* s == c */ + ret = 0; + } CRYPTO_THREAD_unlock(ctx->lock); return ret; } |