From ed35c4722007c0a0cc421b4a6c4c8c6495982a74 Mon Sep 17 00:00:00 2001 From: Doug MacEachern Date: Wed, 13 Mar 2002 06:41:46 +0000 Subject: [PATCH] SSL_SESSION_id2sz() was NOT THREAD SAFE. it returned a pointer to a static variable. fixed. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93899 13f79535-47bb-0310-9956-ffa450edef68 --- modules/ssl/ssl_engine_kernel.c | 14 +++++++++++--- modules/ssl/ssl_util_ssl.c | 6 +++--- modules/ssl/ssl_util_ssl.h | 6 +++++- 3 files changed, 19 insertions(+), 7 deletions(-) diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index 5ae11afc0d..7c5e11dfd9 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -1606,11 +1606,14 @@ int ssl_callback_NewSessionCacheEntry(SSL *ssl, SSL_SESSION *session) * Log this cache operation */ if (sc->nLogLevel >= SSL_LOG_TRACE) { + char buf[SSL_SESSION_ID_STRING_LEN]; + ssl_log(s, SSL_LOG_TRACE, "Inter-Process Session Cache: " "request=SET status=%s id=%s timeout=%ds (session caching)", (rc == TRUE ? "OK" : "BAD"), - SSL_SESSION_id2sz(session_id, session_id_length), + SSL_SESSION_id2sz(session_id, session_id_length, + buf, sizeof(buf)), (timeout - time(NULL))); } @@ -1647,12 +1650,15 @@ SSL_SESSION *ssl_callback_GetSessionCacheEntry(SSL *ssl, * Log this cache operation */ if (sc->nLogLevel >= SSL_LOG_TRACE) { + char buf[SSL_SESSION_ID_STRING_LEN]; const char *status = session ? "FOUND" : "MISSED"; const char *re = session ? "reuse" : "renewal"; ssl_log(s, SSL_LOG_TRACE, "Inter-Process Session Cache: " "request=GET status=%s id=%s (session %s)", - status, SSL_SESSION_id2sz(id, idlen), re); + status, + SSL_SESSION_id2sz(id, idlen, buf, sizeof(buf)), + re); } /* @@ -1701,9 +1707,11 @@ void ssl_callback_DelSessionCacheEntry(SSL_CTX *ctx, * Log this cache operation */ if (sc->nLogLevel >= SSL_LOG_TRACE) { + char buf[SSL_SESSION_ID_STRING_LEN]; ssl_log(s, SSL_LOG_TRACE, "Inter-Process Session Cache: " "request=REM status=OK id=%s (session dead)", - SSL_SESSION_id2sz(session_id, session_id_length)); + SSL_SESSION_id2sz(session_id, session_id_length, + buf, sizeof(buf))); } return; diff --git a/modules/ssl/ssl_util_ssl.c b/modules/ssl/ssl_util_ssl.c index b68ed6685e..d3792a14e5 100644 --- a/modules/ssl/ssl_util_ssl.c +++ b/modules/ssl/ssl_util_ssl.c @@ -535,15 +535,15 @@ int SSL_CTX_use_certificate_chain( ** _________________________________________________________________ */ -char *SSL_SESSION_id2sz(unsigned char *id, int idlen) +char *SSL_SESSION_id2sz(unsigned char *id, int idlen, + char *str, int strsize) { - static char str[(SSL_MAX_SSL_SESSION_ID_LENGTH+1)*2]; char *cp; int n; cp = str; for (n = 0; n < idlen && n < SSL_MAX_SSL_SESSION_ID_LENGTH; n++) { - apr_snprintf(cp, sizeof(str)-(cp-str), "%02X", id[n]); + apr_snprintf(cp, strsize - (cp-str), "%02X", id[n]); cp += 2; } *cp = NUL; diff --git a/modules/ssl/ssl_util_ssl.h b/modules/ssl/ssl_util_ssl.h index 150254de73..66686fe391 100644 --- a/modules/ssl/ssl_util_ssl.h +++ b/modules/ssl/ssl_util_ssl.h @@ -80,6 +80,10 @@ */ #define SSL_SESSION_MAX_DER 1024*10 +/* max length for SSL_SESSION_id2sz */ +#define SSL_SESSION_ID_STRING_LEN \ + ((SSL_MAX_SSL_SESSION_ID_LENGTH + 1) * 2) + /* * Additional Functions */ @@ -100,6 +104,6 @@ BOOL SSL_load_CrtAndKeyInfo_file(apr_pool_t *, STACK_OF(X509_INFO) *, cha BOOL SSL_load_CrtAndKeyInfo_path(apr_pool_t *, STACK_OF(X509_INFO) *, char *); #endif /* SSL_EXPERIMENTAL_PROXY */ int SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, int (*)(char*,int,int,void*)); -char *SSL_SESSION_id2sz(unsigned char *, int); +char *SSL_SESSION_id2sz(unsigned char *, int, char *, int); #endif /* __SSL_UTIL_SSL_H__ */ -- 2.50.1