Fix bug with ssl_cache and max_entries=0

Manuel Pégourié-Gonnard 2014-02-20 21:32:08 +01:00
parent 780d671f9d
commit 274a12e17c
3 changed files with 13 additions and 2 deletions


@ -33,6 +33,8 @@ Bugfix
* Programs rsa_sign_pss and rsa_verify_pss were not using PSS since 1.3.0 * Programs rsa_sign_pss and rsa_verify_pss were not using PSS since 1.3.0
* Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
Alex Wilson.) Alex Wilson.)
* Fixed bug in ssl_cache: when max_entries = 0 and TIMING_C is enabled,
entries would still be created.
= PolarSSL 1.3.4 released on 2014-01-27 = PolarSSL 1.3.4 released on 2014-01-27
Features Features


@ -106,7 +106,7 @@ int ssl_cache_set( void *data, const ssl_session *session );
* A timeout of 0 indicates no timeout. * A timeout of 0 indicates no timeout.
* *
* \param cache SSL cache context * \param cache SSL cache context
* \param timeout cache entry timeout * \param timeout cache entry timeout in seconds
*/ */
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout ); void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout );
#endif /* POLARSSL_HAVE_TIME */ #endif /* POLARSSL_HAVE_TIME */


@ -186,8 +186,14 @@ int ssl_cache_set( void *data, const ssl_session *session )
/* /*
* Reuse oldest entry if max_entries reached * Reuse oldest entry if max_entries reached
*/ */
if( old != NULL && count >= cache->max_entries ) if( count >= cache->max_entries )
{ {
if( old == NULL )
{
ret = 1;
goto exit;
}
cur = old; cur = old;
memset( &cur->session, 0, sizeof(ssl_session) ); memset( &cur->session, 0, sizeof(ssl_session) );
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
@ -228,6 +234,9 @@ int ssl_cache_set( void *data, const ssl_session *session )
#endif /* POLARSSL_HAVE_TIME */ #endif /* POLARSSL_HAVE_TIME */
else else
{ {
/*
* max_entries not reached, create new entry
*/
cur = (ssl_cache_entry *) polarssl_malloc( sizeof(ssl_cache_entry) ); cur = (ssl_cache_entry *) polarssl_malloc( sizeof(ssl_cache_entry) );
if( cur == NULL ) if( cur == NULL )
{ {
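Review bot: The new `if( old == NULL )` early exit in ssl_cache_set carries no comment saying when it is reached, and that is not obvious from the hunk alone; a line such as `/* nothing to evict (e.g. max_entries == 0): do not store the session */` above `ret = 1;` would record that this path is what keeps a cache configured with max_entries = 0 from retaining session data. The ChangeLog entry names TIMING_C, while the guard visible at the end of this branch is `POLARSSL_HAVE_TIME`, so the condition under which the bug occurred should be stated consistently. None of the three changed files appears to be a test, so a regression case that sets max_entries to 0, stores a session and checks that a later lookup misses would pin the fix. The rest of the function, including the `exit` label and any non-HAVE_TIME branch, lies outside the hunks, so whether the empty-chain case is handled the same way there and whether `ret = 1` is distinguishable from the allocation-failure path should be confirmed against the full file.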