AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don't cache empty session ID nor resumed session

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2013-08-02 14:13:02 +02:00 committed by Paul Bakker
parent 7cd5924cec
commit c086cce3d3
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
library/ssl_srv.c
View File

@ -1303,6 +1303,7 @@ static int ssl_write_server_hello( ssl_context *ssl )
*/
if( ssl->handshake->resume == 0 &&
ssl->renegotiation == SSL_INITIAL_HANDSHAKE &&
ssl->session_negotiate->length != 0 &&
ssl->f_get_cache != NULL &&
ssl->f_get_cache( ssl->p_get_cache, ssl->session_negotiate ) == 0 )
{

8
library/ssl_tls.c
View File

@ -2539,6 +2539,8 @@ static void ssl_calc_finished_tls_sha384(
void ssl_handshake_wrapup( ssl_context *ssl )
{
int resume = ssl->handshake->resume;
SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) );
/*
@ -2570,9 +2572,13 @@ void ssl_handshake_wrapup( ssl_context *ssl )
/*
* Add cache entry
*/
if( ssl->f_set_cache != NULL )
if( ssl->f_set_cache != NULL &&
ssl->session->length != 0 &&
resume == 0 )
{
if( ssl->f_set_cache( ssl->p_set_cache, ssl->session ) != 0 )
SSL_DEBUG_MSG( 1, ( "cache did not store session" ) );
}
ssl->state++;