Fix bug with ssl_cache and max_entries=0

2014-02-20 21:32:08 +01:00 · 2014-02-20 21:32:08 +01:00 · 274a12e17c
commit 274a12e17c
parent 780d671f9d
3 changed files with 13 additions and 2 deletions
--- a/2
+++ b/2
@ -33,6 +33,8 @@ Bugfix
   * Programs rsa_sign_pss and rsa_verify_pss were not using PSS since 1.3.0
   * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
     Alex Wilson.)
+   * Fixed bug in ssl_cache: when max_entries = 0 and TIMING_C is enabled,
+     entries would still be created.

 = PolarSSL 1.3.4 released on 2014-01-27
 Features
--- a/include/polarssl/ssl_cache.h
+++ b/include/polarssl/ssl_cache.h
@ -106,7 +106,7 @@ int ssl_cache_set( void *data, const ssl_session *session );
 *                 A timeout of 0 indicates no timeout.
 *
 * \param cache    SSL cache context
- * \param timeout  cache entry timeout
+ * \param timeout  cache entry timeout in seconds
 */
 void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout );
 #endif /* POLARSSL_HAVE_TIME */
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@ -186,8 +186,14 @@ int ssl_cache_set( void *data, const ssl_session *session )
        /*
         * Reuse oldest entry if max_entries reached
         */
-        if( old != NULL && count >= cache->max_entries )
+        if( count >= cache->max_entries )
        {
+            if( old == NULL )
+            {
+                ret = 1;
+                goto exit;
+            }
+
            cur = old;
            memset( &cur->session, 0, sizeof(ssl_session) );
 #if defined(POLARSSL_X509_CRT_PARSE_C)
@ -228,6 +234,9 @@ int ssl_cache_set( void *data, const ssl_session *session )
 #endif /* POLARSSL_HAVE_TIME */
        else
        {
+            /*
+             * max_entries not reached, create new entry
+             */
            cur = (ssl_cache_entry *) polarssl_malloc( sizeof(ssl_cache_entry) );
            if( cur == NULL )
            {