Disable requests for renegotiation in TLSv1.3

[oweals/openssl.git] / ssl / ssl_sess.c

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index df49d85cae4efdf76b373c03067d9a24c0862549..c6d5c1247f92e791f694243416ea018346bb6447 100644 (file)
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -678,6 +678,15 @@ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
          * obtain the same session from an external cache)
          */
         s = NULL;
+    } else if (s == NULL &&
+               lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
+        /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */
+
+        /*
+         * ... so take back the extra reference and also don't add
+         * the session to the SSL_SESSION_list at this time
+         */
+        s = c;
     }
 
     /* Put at the head of the queue unless it is already in the cache */
@@ -961,7 +970,7 @@ int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
             return 0;
         }
 
-        if (ext_data) {
+        if (ext_data != NULL) {
             s->ext.session_ticket->length = ext_len;
             s->ext.session_ticket->data = s->ext.session_ticket + 1;
             memcpy(s->ext.session_ticket->data, ext_data, ext_len);