Dup peer_chain properly in SSL_SESSION
authorDr. Stephen Henson <steve@openssl.org>
Tue, 30 Jun 2015 12:58:25 +0000 (13:58 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 30 Jun 2015 13:00:43 +0000 (14:00 +0100)
Reviewed-by: Matt Caswell <matt@openssl.org>
ssl/ssl_sess.c

index 03c6ac087d394a6e0ab93e8bd2e58a822c3d4939..9063bca415e821eab2f64b4255e641101ab1d124 100644 (file)
@@ -268,6 +268,12 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     if (src->peer != NULL)
         CRYPTO_add(&src->peer->references, 1, CRYPTO_LOCK_X509);
 
+    if (src->peer_chain != NULL) {
+        dest->peer_chain = X509_chain_up_ref(src->peer_chain);
+        if (dest->peer_chain == NULL)
+            goto err;
+    }
+
 #ifndef OPENSSL_NO_PSK
     if (src->psk_identity_hint) {
         dest->psk_identity_hint = BUF_strdup(src->psk_identity_hint);