c->time = time(NULL);
ssl_session_calculate_timeout(c);
}
- SSL_SESSION_list_add(ctx, c);
- if (s != NULL) {
- /*
- * existing cache entry -- decrement previously incremented reference
- * count because it already takes into account the cache
- */
-
- SSL_SESSION_free(s); /* s == c */
- ret = 0;
- } else {
+ if (s == NULL) {
/*
* new cache entry -- remove old ones if cache has become too large
+ * delete cache entry *before* add, so we don't remove the one we're adding!
*/
ret = 1;
if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
- while (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) {
+ while (SSL_CTX_sess_number(ctx) >= SSL_CTX_sess_get_cache_size(ctx)) {
if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
break;
else
}
}
}
+
+ SSL_SESSION_list_add(ctx, c);
+
+ if (s != NULL) {
+ /*
+ * existing cache entry -- decrement previously incremented reference
+ * count because it already takes into account the cache
+ */
+
+ SSL_SESSION_free(s); /* s == c */
+ ret = 0;
+ }
CRYPTO_THREAD_unlock(ctx->lock);
return ret;
}
goto end;
}
}
+ /*
+ * Make a small cache, force out all other sessions but
+ * sess2, try to add sess1, which should succeed. Then
+ * make sure it's there by checking the owners. Despite
+ * the timeouts, sess1 should have kicked out sess2
+ */
+
+ /* Make sess1 expire before sess2 */
+ if (!TEST_long_gt(SSL_SESSION_set_time(sess1, 1000), 0)
+ || !TEST_long_gt(SSL_SESSION_set_timeout(sess1, 1000), 0)
+ || !TEST_long_gt(SSL_SESSION_set_time(sess2, 2000), 0)
+ || !TEST_long_gt(SSL_SESSION_set_timeout(sess2, 2000), 0))
+ goto end;
+
+ if (!TEST_long_ne(SSL_CTX_sess_set_cache_size(sctx, 1), 0))
+ goto end;
+
+ /* Don't care about results - cache should only be sess2 at end */
+ SSL_CTX_add_session(sctx, sess1);
+ SSL_CTX_add_session(sctx, sess2);
+
+ /* Now add sess1, and make sure it remains, despite timeout */
+ if (!TEST_true(SSL_CTX_add_session(sctx, sess1))
+ || !TEST_ptr(sess1->owner)
+ || !TEST_ptr_null(sess2->owner))
+ goto end;
testresult = 1;