mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-25 11:03:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

Avoid a race condition.

Browse Source
This commit is contained in:
Bodo Möller 2000-01-24 17:57:56 +00:00
parent a46faa2bfd
commit 2557eaeac8
2 changed files with 25 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@ -4,6 +4,11 @@
Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
*) Avoid a race condition in s2_clnt.c (function get_server_hello) that
made it impossible to use the same SSL_SESSION data structure in
SSL2 clients in multiple threads.
[Bodo Moeller]
*) The return value of RAND_load_file() no longer counts bytes obtained
by stat(). RAND_load_file(..., -1) is new and uses the complete file
to seed the PRNG (previously an explicit byte count was required).

38
ssl/s2_clnt.c
View File

@ -435,26 +435,28 @@ static int get_server_hello(SSL *s)
return(-1);
}
s->session->cipher=sk_SSL_CIPHER_value(cl,i);
if (s->session->peer != NULL) /* can't happen*/
{
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_INTERNAL_ERROR);
return(-1);
}
s->session->peer = s->session->sess_cert->peer_key->x509;
/* peer_key->x509 has been set by ssl2_set_certificate. */
CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
}
if (s->session->peer != NULL)
X509_free(s->session->peer);
#if 0 /* What is all this meant to accomplish?? */
/* hmmm, can we have the problem of the other session with this
* cert, Free's it before we increment the reference count. */
CRYPTO_w_lock(CRYPTO_LOCK_X509);
s->session->peer=s->session->sess_cert->key->x509;
/* Shouldn't do this: already locked */
/*CRYPTO_add(&s->session->peer->references,1,CRYPTO_LOCK_X509);*/
s->session->peer->references++;
CRYPTO_w_unlock(CRYPTO_LOCK_X509);
#else
s->session->peer = s->session->sess_cert->peer_key->x509;
/* peer_key->x509 has been set by ssl2_set_certificate. */
CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
#endif
if (s->session->peer != s->session->sess_cert->peer_key->x509)
/* can't happen */
{
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_INTERNAL_ERROR);
return(-1);
}
s->s2->conn_id_length=s->s2->tmp.conn_id_length;
memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
return(1);