ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Disassociate the SSL object from the cached SSL_SESSION

Browse Source 
When the SSL object was destroyed, it would invalidate all SSL_SESSION
objects including the cached, but not yet used, TLS session objects.

Properly disassociate the SSL object from the SSL_SESSION before we
store it in the TLS session cache, so we can later destroy it without
invalidating the cached TLS sessions.

Co-authored-by: Ondřej Surý <ondrej@isc.org>
Co-authored-by: Artem Boldariev <artem@isc.org>
Co-authored-by: Aram Sargsyan <aram@isc.org>
(cherry picked from commit c11b736e44)
This commit is contained in:
Ondřej Surý
2024-08-07 14:58:02 +02:00
parent 24ac7a7cd2
commit bbf34c0604
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/isc/tls.c
View File

@@ -1657,6 +1657,8 @@ isc_tlsctx_client_session_cache_keep(isc_tlsctx_client_session_cache_t *cache,
return;
}
SSL_set_session(tls, NULL);
isc_mutex_lock(&cache->lock);
name_len = strlen(remote_peer_name);