Always use session_ctx when removing a session Sessions are stored on the session_ctx, which doesn't change after SSL_set_SSL_CTX(). Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index a7cffc8..9e043f5 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c
@@ -740,7 +740,7 @@ BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr); ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; - SSL_CTX_remove_session(s->ctx, s->session); + SSL_CTX_remove_session(s->session_ctx, s->session); return (0); } else { al = SSL_AD_ILLEGAL_PARAMETER;
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 7326076..bce82a7 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c
@@ -1372,7 +1372,7 @@ BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr); ERR_add_error_data(2, "SSL alert number ", tmp); s->shutdown |= SSL_RECEIVED_SHUTDOWN; - SSL_CTX_remove_session(s->ctx, s->session); + SSL_CTX_remove_session(s->session_ctx, s->session); return (0); } else { al = SSL_AD_ILLEGAL_PARAMETER;
diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c index 78ae099..185f0e9 100644 --- a/ssl/s3_msg.c +++ b/ssl/s3_msg.c
@@ -72,7 +72,7 @@ return -1; /* If a fatal one, remove from cache */ if ((level == SSL3_AL_FATAL) && (s->session != NULL)) - SSL_CTX_remove_session(s->ctx, s->session); + SSL_CTX_remove_session(s->session_ctx, s->session); s->s3->alert_dispatch = 1; s->s3->send_alert[0] = level;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 3799db1..a6957b3 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c
@@ -746,9 +746,9 @@ r.session_id_length = id_len; memcpy(r.session_id, id, id_len); - CRYPTO_THREAD_read_lock(ssl->ctx->lock); - p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r); - CRYPTO_THREAD_unlock(ssl->ctx->lock); + CRYPTO_THREAD_read_lock(ssl->session_ctx->lock); + p = lh_SSL_SESSION_retrieve(ssl->session_ctx->sessions, &r); + CRYPTO_THREAD_unlock(ssl->session_ctx->lock); return (p != NULL); }
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index f13e466..9095363 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c
@@ -994,7 +994,7 @@ if ((s->session != NULL) && !(s->shutdown & SSL_SENT_SHUTDOWN) && !(SSL_in_init(s) || SSL_in_before(s))) { - SSL_CTX_remove_session(s->ctx, s->session); + SSL_CTX_remove_session(s->session_ctx, s->session); return (1); } else return (0);