Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

20241203-wolfSSL_CTX_flush_sessions-sessionIDSz #8246

Conversation

douzzer
Copy link
Contributor

@douzzer douzzer commented Dec 3, 2024

src/ssl_sess.c: in wolfSSL_CTX_flush_sessions(), add missing check of s->sessionIDSz, similar to the fix to TlsSessionCacheGetAndLock() in #8182 (ef67b1c). also, add missing macro to .wolfssl_known_macro_extras.

tested with wolfssl-multi-test.sh ... check-self-quick check-file-modes check-shell-scripts check-configure quantum-safe-wolfssl-all-g++-latest-debug quantum-safe-wolfssl-all-cppcheck clang-tidy-all-sp-all

… s->sessionIDSz, similar to the fix to TlsSessionCacheGetAndLock() in wolfSSL#8182 (ef67b1c).  also, add missing macro to .wolfssl_known_macro_extras.
Copy link
Contributor

@dgarske dgarske left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@douzzer douzzer requested a review from julek-wolfssl December 3, 2024 19:03
@dgarske dgarske merged commit fa6df90 into wolfSSL:master Dec 3, 2024
142 of 143 checks passed
@dgarske
Copy link
Contributor

dgarske commented Dec 3, 2024

Merging with ESP error not related to PR. @julek-wolfssl please review both changes post merge.

Copy link
Member

@julek-wolfssl julek-wolfssl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The same improvement should be made in DSH_CheckSessionId, ProcessServerHello (sniffer), and SESSION_ex_data_cache_update. Found with git grep -rP 'XMEMCMP.*sessionID'.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants