Remove sessions from external cache, even if internal cache not used. If the SSL_SESS_CACHE_NO_INTERNAL_STORE cache mode is used then we weren't removing sessions from the external cache, e.g. if an alert occurs the session is supposed to be automatically removed. Reviewed-by: Richard Levitte <levitte@openssl.org>
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 41abe44..74250c2 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c
@@ -708,16 +708,16 @@ r = lh_SSL_SESSION_delete(ctx->sessions, c); SSL_SESSION_list_remove(ctx, c); } + c->not_resumable = 1; if (lck) CRYPTO_THREAD_unlock(ctx->lock); - if (ret) { - r->not_resumable = 1; - if (ctx->remove_session_cb != NULL) - ctx->remove_session_cb(ctx, r); + if (ret) SSL_SESSION_free(r); - } + + if (ctx->remove_session_cb != NULL) + ctx->remove_session_cb(ctx, c); } else ret = 0; return (ret);
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index bef2583..4bd5a29 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c
@@ -1839,16 +1839,9 @@ */ if (i & SSL_SESS_CACHE_CLIENT) { /* - * Remove the old session from the cache + * Remove the old session from the cache. We carry on if this fails */ - if (i & SSL_SESS_CACHE_NO_INTERNAL_STORE) { - if (s->session_ctx->remove_session_cb != NULL) - s->session_ctx->remove_session_cb(s->session_ctx, - s->session); - } else { - /* We carry on if this fails */ - SSL_CTX_remove_session(s->session_ctx, s->session); - } + SSL_CTX_remove_session(s->session_ctx, s->session); } if ((new_sess = ssl_session_dup(s->session, 0)) == 0) {