if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
goto err;
+ if (session_id + len > limit) {
+ fatal = 1;
+ goto err;
+ }
+
if (len == 0)
try_session_cache = 0;
* The following should not return 1, otherwise, things are
* very strange
*/
- if(SSL_CTX_add_session(s->session_ctx, ret))
+ if (SSL_CTX_add_session(s->session_ctx, ret))
goto err;
}
}
OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
- if (ss->sess_cert != NULL)
- ssl_sess_cert_free(ss->sess_cert);
+ ssl_sess_cert_free(ss->sess_cert);
if (ss->peer != NULL)
X509_free(ss->peer);
if (ss->ciphers != NULL)
/* CRYPTO_w_lock(CRYPTO_LOCK_SSL); */
CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
- if (s->session != NULL)
- SSL_SESSION_free(s->session);
+ SSL_SESSION_free(s->session);
s->session = session;
s->verify_result = s->session->verify_result;
/* CRYPTO_w_unlock(CRYPTO_LOCK_SSL); */
ret = 1;
} else {
- if (s->session != NULL) {
- SSL_SESSION_free(s->session);
- s->session = NULL;
- }
-
+ SSL_SESSION_free(s->session);
+ s->session = NULL;
meth = s->ctx->method;
if (meth != s->method) {
if (!SSL_set_ssl_method(s, meth))
size_t *len)
{
*len = s->tlsext_ticklen;
- if(tick != NULL)
+ if (tick != NULL)
*tick = s->tlsext_tick;
}