BUG/MEDIUM: shctx: makes the code independent on SSL runtime version.

The definition of struct SSL (ssl_st) changed between OpenSSL versions, so it must not be dereferenced.
Emeric Brun 2013-04-26 18:56:49 +02:00 committed by Willy Tarreau
parent 0cff0dbfc0
commit f27af0dcc6


@ -350,7 +350,7 @@ int shctx_new_cb(SSL *ssl, SSL_SESSION *sess)
unsigned char encsess[sizeof(struct shsess_packet)+SHSESS_MAX_DATA_LEN];
struct shsess_packet *packet = (struct shsess_packet *)encsess;
unsigned char *p;
int data_len, sid_length;
int data_len, sid_length, sid_ctx_length;
/* Session id is already stored in to key and session id is known
@ -358,6 +358,7 @@ int shctx_new_cb(SSL *ssl, SSL_SESSION *sess)
*/
sid_length = sess->session_id_length;
sess->session_id_length = 0;
sid_ctx_length = sess->sid_ctx_length;
sess->sid_ctx_length = 0;
/* check if buffer is large enough for the ASN1 encoded session */
@ -382,8 +383,8 @@ int shctx_new_cb(SSL *ssl, SSL_SESSION *sess)
err:
/* reset original length values */
sess->sid_ctx_length = ssl->sid_ctx_length;
sess->session_id_length = sid_length;
sess->sid_ctx_length = sid_ctx_length;
return 0; /* do not increment session reference count */
}
@ -461,7 +462,7 @@ SSL_SESSION *shctx_get_cb(SSL *ssl, unsigned char *key, int key_len, int *do_cop
if (sess) {
memcpy(sess->session_id, key, key_len);
sess->session_id_length = key_len;
memcpy(sess->sid_ctx, ssl->sid_ctx, ssl->sid_ctx_length);
memcpy(sess->sid_ctx, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
sess->sid_ctx_length = ssl->sid_ctx_length;
}
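Review bot: In the last hunk (shctx_get_cb), the line after the new memcpy still appears to read `ssl->sid_ctx_length`, so struct SSL is still dereferenced on the new side, which is exactly what the commit message says must not happen. It also leaves the stored length decoupled from the bytes copied: the memcpy writes `strlen(SHCTX_APPNAME)` bytes, but the length comes from the SSL object. I would change that line to `sess->sid_ctx_length = strlen(SHCTX_APPNAME);` so the session id context OpenSSL checks on resumption matches what was written. Neither the value of SHCTX_APPNAME nor the size of `sess->sid_ctx` is visible here, so a compile-time check that the name fits the array would be worth adding next to the define. The body of shctx_get_cb starts and ends outside the hunk.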