BUG/MEDIUM: shctx: makes the code independent on SSL runtime version.
The definition of struct SSL (ssl_st) changed between OpenSSL versions, so it must not be dereferenced.
diff --git a/src/shctx.c b/src/shctx.c
index 151b68a..f259b9c 100644
--- a/src/shctx.c
+++ b/src/shctx.c
@@ -350,7 +350,7 @@
unsigned char encsess[sizeof(struct shsess_packet)+SHSESS_MAX_DATA_LEN];
struct shsess_packet *packet = (struct shsess_packet *)encsess;
unsigned char *p;
- int data_len, sid_length;
+ int data_len, sid_length, sid_ctx_length;
/* Session id is already stored in to key and session id is known
@@ -358,6 +358,7 @@
*/
sid_length = sess->session_id_length;
sess->session_id_length = 0;
+ sid_ctx_length = sess->sid_ctx_length;
sess->sid_ctx_length = 0;
/* check if buffer is large enough for the ASN1 encoded session */
@@ -382,8 +383,8 @@
err:
/* reset original length values */
- sess->sid_ctx_length = ssl->sid_ctx_length;
sess->session_id_length = sid_length;
+ sess->sid_ctx_length = sid_ctx_length;
return 0; /* do not increment session reference count */
}
@@ -461,7 +462,7 @@
if (sess) {
memcpy(sess->session_id, key, key_len);
sess->session_id_length = key_len;
- memcpy(sess->sid_ctx, ssl->sid_ctx, ssl->sid_ctx_length);
+ memcpy(sess->sid_ctx, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
sess->sid_ctx_length = ssl->sid_ctx_length;
}
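Review bot: The context line right after the new memcpy, `sess->sid_ctx_length = ssl->sid_ctx_length;`, still dereferences `ssl`, so this path keeps depending on the struct SSL layout that the commit message says must not be read. It also lets the stored length differ from the `strlen(SHCTX_APPNAME)` bytes just copied, leaving the session with a context length that may not match its contents. Setting `sess->sid_ctx_length = strlen(SHCTX_APPNAME);` would keep the two in step. SHCTX_APPNAME is defined outside this hunk, so it is worth confirming, ideally with a compile-time check, that its length fits in `sess->sid_ctx`, because the memcpy has no bound of its own. The enclosing function starts and ends outside the hunk.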