Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 52a61cca42412029fd219aba7b59fe7eb0b4ca62
commit52a61cca42412029fd219aba7b59fe7eb0b4ca62[log] [tgz]
authorWilliam Lallemand <wlallemand@haproxy.org>Tue Jan 31 14:12:28 2023 +0100
committerWilly Tarreau <w@1wt.eu>Mon Feb 13 10:34:15 2023 +0100
tree503529c12614ba6192e2fe15f155bda366848105
parent22d40c6f0acf7665bbb4f6deb7a1d8c243ba5c5b [diff]
BUG/MEDIUM: ssl: wrong eviction from the session cache tree

When using WolfSSL, there are some cases were the SSL_CTX_sess_new_cb is
called with an existing session ID. These cases are not met with
OpenSSL.

When the ID is found in the session tree during the insertion, the
shared_block len is not set to 0 and is not used. However if later the
block is reused, since the len is not set to 0, the release callback
will be called an ebmb_delete will be tried on the block, even if it's
not in the tree, provoking a crash.

The code was buggy from the beginning, but the case never happen with
openssl which changes the ID.

Must be backported in every maintained branches.

(cherry picked from commit 222e5a260bea5de940db2fd6cf19da2176ac8934)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit 1eefaf64200454cf02e708f5e07646b55713b1a3)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit c076949887aa2c8496893f7a240c66e3f2b72e84)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit dd8bc3a89e4a1567eb64a628a063dc386c68f942)
Signed-off-by: Willy Tarreau <w@1wt.eu>
1 file changed
tree: 503529c12614ba6192e2fe15f155bda366848105
  1. .github/
  2. addons/
  3. admin/
  4. dev/
  5. doc/
  6. examples/
  7. include/
  8. reg-tests/
  9. scripts/
  10. src/
  11. tests/
  12. .cirrus.yml
  13. .gitattributes
  14. .gitignore
  15. .travis.yml
  16. BRANCHES
  17. CHANGELOG
  18. CONTRIBUTING
  19. INSTALL
  20. LICENSE
  21. MAINTAINERS
  22. Makefile
  23. README
  24. ROADMAP
  25. SUBVERS
  26. VERDATE
  27. VERSION