Do not store unneeded data.

author Lutz Jänicke <jaenicke@openssl.org>

Fri, 8 Feb 2002 15:15:04 +0000 (15:15 +0000)

committer Lutz Jänicke <jaenicke@openssl.org>

Fri, 8 Feb 2002 15:15:04 +0000 (15:15 +0000)
author Lutz Jänicke <jaenicke@openssl.org>
Fri, 8 Feb 2002 15:15:04 +0000 (15:15 +0000)
committer Lutz Jänicke <jaenicke@openssl.org>
Fri, 8 Feb 2002 15:15:04 +0000 (15:15 +0000)
diff --git a/CHANGES b/CHANGES

index 5ad229b9e8e27f86168bd035d270af04da4a4551..e17a661e911cf93e5807826382369cfc2c6bc1c3 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -13,6 +13,11 @@
           *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
           +) applies to 0.9.7 only
  
           *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
           +) applies to 0.9.7 only
  
+  +) Do not store session data into the internal session cache, if it
+     is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
+     flag is set). Proposed by Aslam <aslam@funk.com>.
+     [Lutz Jaenicke]
+
    +) Support for crypto accelerator cards from Accelerated Encryption
       Processing, www.aep.ie.  (Use engine 'aep')
       The support was copied from 0.9.6c [engine] and adapted/corrected
    +) Support for crypto accelerator cards from Accelerated Encryption
       Processing, www.aep.ie.  (Use engine 'aep')
       The support was copied from 0.9.6c [engine] and adapted/corrected
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c

index 49e22bf7fcb8f75704009089afeecd8d51283f8f..1195171a577d7023afd8625ad2336d5a935b7497 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1646,9 +1646,10 @@ void ssl_update_cache(SSL *s,int mode)
          * and it would be rather hard to do anyway :-) */
         if (s->session->session_id_length == 0) return;
  
          * and it would be rather hard to do anyway :-) */
         if (s->session->session_id_length == 0) return;
  
-       if ((s->ctx->session_cache_mode & mode)
-               && (!s->hit)
-               && SSL_CTX_add_session(s->ctx,s->session)
+       i=s->ctx->session_cache_mode;
+       if ((i & mode) && (!s->hit)
+               && ((i & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)
+                   || SSL_CTX_add_session(s->ctx,s->session))
                 && (s->ctx->new_session_cb != NULL))
                 {
                 CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
                 && (s->ctx->new_session_cb != NULL))
                 {
                 CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
@@ -1657,7 +1658,6 @@ void ssl_update_cache(SSL *s,int mode)
                 }
  
         /* auto flush every 255 connections */
                 }
  
         /* auto flush every 255 connections */
-       i=s->ctx->session_cache_mode;
         if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
                 ((i & mode) == mode))
                 {
         if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
                 ((i & mode) == mode))
                 {
author	Lutz Jänicke <jaenicke@openssl.org>
	Fri, 8 Feb 2002 15:15:04 +0000 (15:15 +0000)
committer	Lutz Jänicke <jaenicke@openssl.org>
	Fri, 8 Feb 2002 15:15:04 +0000 (15:15 +0000)
CHANGES		patch \| blob \| history
ssl/ssl_lib.c		patch \| blob \| history