Avoid memory hole when we don't like the session proposed by the client

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index cac408c38e805689c102f6a7c71accfc2d409fec..3872b419283db7e0057d3cbe11440a1a70ad65d7 100644 (file)
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -188,7 +188,6 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
        /* This is used only by servers. */
 
        SSL_SESSION *ret=NULL,data;
-       int copy=1;
 
        /* conn_init();*/
        data.ssl_version=s->version;
@@ -206,6 +205,8 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
 
        if (ret == NULL)
                {
+               int copy=1;
+       
                s->ctx->stats.sess_miss++;
                ret=NULL;
                if (s->ctx->get_session_cb != NULL
@@ -217,6 +218,9 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
                        /* The following should not return 1, otherwise,
                         * things are very strange */
                        SSL_CTX_add_session(s->ctx,ret);
+                       /* auto free it (decrement reference count now) */
+                       if (!copy)
+                               SSL_SESSION_free(ret);
                        }
                if (ret == NULL) return(0);
                }
@@ -233,10 +237,6 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
            return 0;
            }
 
-       /* auto free it */
-       if (!copy)
-           SSL_SESSION_free(ret);
-
        if (ret->cipher == NULL)
                {
                unsigned char buf[5],*p;