[prev in list] [next in list] [prev in thread] [next in thread]
List: kfm-devel
Subject: SSL session reuse crash (BR73916)
From: Waldo Bastian <bastian () kde ! org>
Date: 2004-02-01 15:07:45
Message-ID: 200402011607.45903.bastian () kde ! org
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have applied the attached patch to prevent a SSL session id reuse crash.
Someone who actually knows how SSL session id reuse is supposed to work may
want to have a look at this to see if this is the correct solution or whether
things go wrong earlier already.
See http://bugs.kde.org/show_bug.cgi?id=73916 for details.
Cheers,
Waldo
- --
bastian@kde.org -=|[ SUSE, The Linux Desktop Experts ]|=- bastian@suse.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFAHRZBN4pvrENfboIRAn7sAJ9FGj6jiYOfauYw7uUFT8EXzg58hgCeKa6D
FLjxkaSk5hHo6NY/sGvoza0=
=tkaN
-----END PGP SIGNATURE-----
["kssl_session_reuse.patch" (text/x-diff)]
Index: kssl.cc
===================================================================
RCS file: /home/kde/kdelibs/kio/kssl/kssl.cc,v
retrieving revision 1.75
diff -u -r1.75 kssl.cc
--- kssl.cc 6 Oct 2003 03:50:53 -0000 1.75
+++ kssl.cc 1 Feb 2004 14:56:02 -0000
@@ -282,7 +282,12 @@
return -1;
if (d->session) {
- if (1 == d->kossl->SSL_set_session(d->m_ssl,
+ if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0)
+ {
+ kdDebug(7029) << "Can't reuse session, no certificate." << endl;
+ delete d->session;
+ d->session = 0;
+ } else if (1 == d->kossl->SSL_set_session(d->m_ssl,
static_cast<SSL_SESSION*>(d->session->_session))) {
kdDebug(7029) << "Session ID is being reused." << endl;
} else {
@@ -363,7 +368,12 @@
return -1;
if (d->session) {
- if (1 == d->kossl->SSL_set_session(d->m_ssl,
+ if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0)
+ {
+ kdDebug(7029) << "Can't reuse session, no certificate." << endl;
+ delete d->session;
+ d->session = 0;
+ } else if (1 == d->kossl->SSL_set_session(d->m_ssl,
static_cast<SSL_SESSION*>(d->session->_session))) {
kdDebug(7029) << "Session ID is being reused." << endl;
} else {
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic