Do not store unneeded data.

4de920c9 · Lutz Jänicke · 3cd039dd · 4de920c9 · 4de920c9
隐藏空白更改
内联并排

Showing with 9 addition and 4 deletion

CHANGES CHANGES +5 -0

ssl/ssl_lib.c ssl/ssl_lib.c +4 -4

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -13,6 +13,11 @@
         *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
         +) applies to 0.9.7 only

+  +) Do not store session data into the internal session cache, if it
+     is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
+     flag is set). Proposed by Aslam <aslam@funk.com>.
+     [Lutz Jaenicke]
+
  +) Support for crypto accelerator cards from Accelerated Encryption
     Processing, www.aep.ie.  (Use engine 'aep')
     The support was copied from 0.9.6c [engine] and adapted/corrected

--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1646,9 +1646,10 @@ void ssl_update_cache(SSL *s,int mode)
 	 * and it would be rather hard to do anyway :-) */
 	if (s->session->session_id_length == 0) return;

-	if ((s->ctx->session_cache_mode & mode)
-		&& (!s->hit)
-		&& SSL_CTX_add_session(s->ctx,s->session)
+	i=s->ctx->session_cache_mode;
+	if ((i & mode) && (!s->hit)
+		&& ((i & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)
+		    || SSL_CTX_add_session(s->ctx,s->session))
 		&& (s->ctx->new_session_cb != NULL))
 		{
 		CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
@@ -1657,7 +1658,6 @@ void ssl_update_cache(SSL *s,int mode)
 		}

 	/* auto flush every 255 connections */
-	i=s->ctx->session_cache_mode;
 	if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
 		((i & mode) == mode))
 		{