You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by ma...@apache.org on 2020/06/09 00:29:13 UTC
[trafficserver] branch master updated: Fix a crash on TLS resumption
This is an automated email from the ASF dual-hosted git repository.
maskit pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 02a60b2 Fix a crash on TLS resumption
02a60b2 is described below
commit 02a60b2001bcb8781ede9bcd1be84f4c2b0c7fa3
Author: Masakazu Kitajo <ma...@apache.org>
AuthorDate: Mon Jun 8 14:01:18 2020 +0900
Fix a crash on TLS resumption
---
iocore/net/P_SSLNetVConnection.h | 7 ++++++-
iocore/net/TLSSessionResumptionSupport.cc | 1 -
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/iocore/net/P_SSLNetVConnection.h b/iocore/net/P_SSLNetVConnection.h
index ae719ff..4e63e63 100644
--- a/iocore/net/P_SSLNetVConnection.h
+++ b/iocore/net/P_SSLNetVConnection.h
@@ -302,7 +302,12 @@ public:
if (!ssl) {
return nullptr;
}
- ssl_curve_id curve = getSSLCurveNID();
+ ssl_curve_id curve;
+ if (getSSLSessionCacheHit()) {
+ curve = getSSLCurveNID();
+ } else {
+ curve = SSLGetCurveNID(ssl);
+ }
#ifndef OPENSSL_IS_BORINGSSL
if (curve == NID_undef) {
return nullptr;
diff --git a/iocore/net/TLSSessionResumptionSupport.cc b/iocore/net/TLSSessionResumptionSupport.cc
index 77b237c..8935c99 100644
--- a/iocore/net/TLSSessionResumptionSupport.cc
+++ b/iocore/net/TLSSessionResumptionSupport.cc
@@ -199,7 +199,6 @@ TLSSessionResumptionSupport::_getSessionInformation(ssl_ticket_key_block *keyblo
}
this->_setSSLSessionCacheHit(true);
- this->_setSSLCurveNID(SSLGetCurveNID(ssl));
#ifdef TLS1_3_VERSION
if (SSL_version(ssl) >= TLS1_3_VERSION) {