From 16ff13427f00753a76672317143753b83cea7982 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 14 Mar 2018 17:51:18 +0000 Subject: [PATCH] Only update the server session cache when the session is ready In TLSv1.3 the session is not ready until after the end of the handshake when we are constructing the NewSessionTicket. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5621) --- ssl/statem/statem_lib.c | 7 ++++++- ssl/statem/statem_srvr.c | 14 ++++++++------ 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 82a711979d..a82079c2ee 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1043,7 +1043,12 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop) ssl3_cleanup_key_block(s); if (s->server) { - ssl_update_cache(s, SSL_SESS_CACHE_SERVER); + /* + * In TLSv1.3 we update the cache as part of constructing the + * NewSessionTicket + */ + if (!SSL_IS_TLS13(s)) + ssl_update_cache(s, SSL_SESS_CACHE_SERVER); /* N.B. s->ctx may not equal s->session_ctx */ CRYPTO_atomic_add(&s->ctx->stats.sess_accept_good, 1, &discard, diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 041089cf96..50be8253c5 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -3889,12 +3889,14 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt) SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET, ERR_R_INTERNAL_ERROR); goto err; } - if (SSL_IS_TLS13(s) - && !tls_construct_extensions(s, pkt, - SSL_EXT_TLS1_3_NEW_SESSION_TICKET, - NULL, 0)) { - /* SSLfatal() already called */ - goto err; + if (SSL_IS_TLS13(s)) { + ssl_update_cache(s, SSL_SESS_CACHE_SERVER); + if (!tls_construct_extensions(s, pkt, + SSL_EXT_TLS1_3_NEW_SESSION_TICKET, + NULL, 0)) { + /* SSLfatal() already called */ + goto err; + } } EVP_CIPHER_CTX_free(ctx); HMAC_CTX_free(hctx); -- 2.25.1