From 150840b9443d371bfa26e2a33051aa137b5606fc Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 23 Mar 2017 11:22:26 +0000 Subject: [PATCH] Always duplicate the session on NewSessionTicket in TLSv1.3 Because NST messages arrive post-handshake, the session may have already gone into the cache. Once in the cache a session must be immutable - otherwise you could get multi-thread issues. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3008) --- ssl/statem/statem_clnt.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 56c315e974..ab77ba05e9 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2438,7 +2438,15 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt) if (ticklen == 0) return MSG_PROCESS_CONTINUE_READING; - if (s->session->session_id_length > 0) { + /* + * Sessions must be immutable once they go into the session cache. Otherwise + * we can get multi-thread problems. Therefore we don't "update" sessions, + * we replace them with a duplicate. In TLSv1.3 we need to do this every + * time a NewSessionTicket arrives because those messages arrive + * post-handshake and the session may have already gone into the session + * cache. + */ + if (SSL_IS_TLS13(s) || s->session->session_id_length > 0) { int i = s->session_ctx->session_cache_mode; SSL_SESSION *new_sess; /* -- 2.25.1