Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug]: wolfSSL_get_session behavior changed with session cache #6061

Open
embhorn opened this issue Feb 6, 2023 · 1 comment
Open

[Bug]: wolfSSL_get_session behavior changed with session cache #6061

embhorn opened this issue Feb 6, 2023 · 1 comment
Assignees
Labels

Comments

@embhorn
Copy link
Member

embhorn commented Feb 6, 2023

Contact Details

eric@wolfssl.com

Version

master

Description

wolfSSL_get_session is marked with WOLFSSL_ABI. In that case it will need different logic based on NO_SESSION_CACHE_REF

The resume example fails with --enable-all, but works with only --enable-session-ticket. Is this because of session cache? Is it expected not to work?
https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/client-tls-resume.c
Failure:

wolfSSL Entering ClientSessionToSession
Setting session for wrong role

It uses wolfSSL_get_session which gets a reference to the ssl->session pointer but that gets free'd with wolfSSL_free.

The example as is won't work with NO_SESSION_CACHE_REF defined.

To make things more interesting: without NO_SESSION_CACHE_REF wolfSSL_get_session returns a pointer to the ClientCache. That is why it works without --enable-all .

--enable-all turns on NO_SESSION_CACHE_REF

If we have changed behavior for some of our existing API’s especially ones marked with WOLFSSL_ABI we need to review this more closely. Forcing our examples to use get1 vs get seems wrong. If there is a build case (like with NO_SESSION_CACHE_REF that needs to use get1 then the example should have macro logic for each supported case.

wolfSSL_get_session is marked with WOLFSSL_ABI. In that case it will need different logic based on NO_SESSION_CACHE_REF .

Reproduction steps

No response

Relevant log output

No response

@dgarske
Copy link
Contributor

dgarske commented Feb 7, 2023

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants