X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_sess.c;h=41abe44a82bbd328b937c55dd2150468f02668ec;hp=f6021348a476bb4a7d01392e99516e450449cd33;hb=a8c1c7040aabdb78f9bec21ba16be8f262de1444;hpb=846e33c729311169d9c988ceba29484b3783f244

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index f6021348a4..41abe44a82 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -359,6 +359,7 @@ int ssl_get_new_session(SSL *s, int session)
         CRYPTO_THREAD_unlock(s->session_ctx->lock);
         CRYPTO_THREAD_unlock(s->lock);
         /* Choose a session ID */
+        memset(ss->session_id, 0, ss->session_id_length);
         tmp = ss->session_id_length;
         if (!cb(s, ss->session_id, &tmp)) {
             /* The callback failed */
@@ -471,6 +472,7 @@ int ssl_get_prev_session(SSL *s, const PACKET *ext, const PACKET *session_id)
         SSL_SESSION data;
         size_t local_len;
         data.ssl_version = s->version;
+        memset(data.session_id, 0, sizeof(data.session_id));
         if (!PACKET_copy_all(session_id, data.session_id,
                              sizeof(data.session_id),
                              &local_len)) {
@@ -774,28 +776,20 @@ int SSL_SESSION_up_ref(SSL_SESSION *ss)
 
 int SSL_set_session(SSL *s, SSL_SESSION *session)
 {
-    int ret = 0;
-    if (session != NULL) {
-        if (s->ctx->method != s->method) {
-            if (!SSL_set_ssl_method(s, s->ctx->method))
-                return (0);
-        }
+    ssl_clear_bad_session(s);
+    if (s->ctx->method != s->method) {
+        if (!SSL_set_ssl_method(s, s->ctx->method))
+            return 0;
+    }
 
+    if (session != NULL) {
         SSL_SESSION_up_ref(session);
-        SSL_SESSION_free(s->session);
-        s->session = session;
-        s->verify_result = s->session->verify_result;
-        ret = 1;
-    } else {
-        SSL_SESSION_free(s->session);
-        s->session = NULL;
-        if (s->ctx->method != s->method) {
-            if (!SSL_set_ssl_method(s, s->ctx->method))
-                return (0);
-        }
-        ret = 1;
+        s->verify_result = session->verify_result;
     }
-    return (ret);
+    SSL_SESSION_free(s->session);
+    s->session = session;
+
+    return 1;
 }
 
 long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
@@ -828,6 +822,11 @@ long SSL_SESSION_set_time(SSL_SESSION *s, long t)
     return (t);
 }
 
+int SSL_SESSION_get_protocol_version(const SSL_SESSION *s)
+{
+    return s->ssl_version;
+}
+
 const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s)
 {
     return s->tlsext_hostname;
@@ -977,10 +976,10 @@ void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
         return;
     tp.time = t;
     CRYPTO_THREAD_write_lock(s->lock);
-    i = CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
-    CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = 0;
+    i = lh_SSL_SESSION_get_down_load(s->sessions);
+    lh_SSL_SESSION_set_down_load(s->sessions, 0);
     lh_SSL_SESSION_doall_TIMEOUT_PARAM(tp.cache, timeout_cb, &tp);
-    CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
+    lh_SSL_SESSION_set_down_load(s->sessions, i);
     CRYPTO_THREAD_unlock(s->lock);
 }
 
@@ -989,7 +988,7 @@ int ssl_clear_bad_session(SSL *s)
     if ((s->session != NULL) &&
         !(s->shutdown & SSL_SENT_SHUTDOWN) &&
         !(SSL_in_init(s) || SSL_in_before(s))) {
-        SSL_CTX_remove_session(s->ctx, s->session);
+        SSL_CTX_remove_session(s->session_ctx, s->session);
         return (1);
     } else
         return (0);