git.openssl.org Git - openssl.git/commit

author	Todd Short <todd.short@me.com>
	Fri, 29 Jul 2022 00:05:54 +0000 (20:05 -0400)
committer	Tomas Mraz <tomas@openssl.org>
	Mon, 1 Aug 2022 11:15:51 +0000 (13:15 +0200)
commit	4842a27b902660b672d72d2ed23e941461ca481c
tree	e0a32fdb3ef2f19741c6a8f89a9b0a07de39efec	tree \| snapshot
parent	72a85c17aae602e881c917c3f6e93bd7f7260093	commit \| diff

Free up space in the session cache before adding.

Fixes #18690

In some circumstances, it's possible that when using an external
database for the session cache, that pulling in an entry from that
cache to the internal cache will cause the newly added entry to
be deleted from the internal cache. This is likely to happen when
the internal cache is set to have a small size, and the newly added
entry's timeout places it at the end of the cache list.

This could be fixed by updating the timestamp of the session (via
`SSL_SESSION_set_time()` or `SSL_SESSION_set_timeout()`) before
adding to the cache. But that may not be desireable.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18905)

ssl/ssl_sess.c		diff \| blob \| history
test/sslapitest.c		diff \| blob \| history