From: Alan T. DeKok
Date: Thu, 18 Jun 2015 14:05:40 +0000 (-0400)
Subject: Set persist callbacks only if persist_dir is configured
X-Git-Tag: release_3_0_9~123
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6547014081f68e538e8044f49fd1afa07c3963c1;p=thirdparty%2Ffreeradius-server.git
Set persist callbacks only if persist_dir is configured
---
diff --git a/src/main/tls.c b/src/main/tls.c
index d298966517d..0fcdae2616c 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -1134,11 +1134,6 @@ static void cbtls_remove_session(SSL_CTX *ctx, SSL_SESSION *sess)
 return;
 }
- if (!conf->session_cache_path) {
- DEBUG(LOG_PREFIX ": Failed to find 'persist_dir' in TLS configuration. Cannot remove any cached session.");
- return;
- }
-
 {
 int rv;
 char filename[256];
@@ -1177,11 +1172,6 @@ static int cbtls_new_session(SSL *ssl, SSL_SESSION *sess)
 return 0;
 }
- if (!conf->session_cache_path) {
- RDEBUG("Failed to find 'persist_dir' in TLS configuration. Session will not be cached on disk.");
- return 0;
- }
-
 size = sess->session_id_length;
 if (size > MAX_SESSION_SIZE) size = MAX_SESSION_SIZE;
@@ -1223,8 +1213,8 @@ static int cbtls_new_session(SSL *ssl, SSL_SESSION *sess)
 conf->session_cache_path, FR_DIR_SEP, buffer);
 fd = open(filename, O_RDWR|O_CREAT|O_EXCL, 0600);
 if (fd < 0) {
- RWDEBUG("Session serialisation failed, failed opening session file %s: %s",
- filename, fr_syserror(errno));
+ RERROR("Session serialisation failed, failed opening session file %s: %s",
+ filename, fr_syserror(errno));
 goto error;
 }
@@ -1280,11 +1270,6 @@ static SSL_SESSION *cbtls_get_session(SSL *ssl, unsigned char *data, int len, in
 return NULL;
 }
- if (!conf->session_cache_path) {
- RDEBUG("Failed to find 'persist_dir' in TLS configuration. Session was not cached on disk.");
- return NULL;
- }
-
 talloc_ctx = SSL_get_ex_data(ssl, FR_TLS_EX_INDEX_TALLOC);
 {
@@ -2580,9 +2565,14 @@ post_ca:
 * Callbacks, etc. for session resumption.
 */
 if (conf->session_cache_enable) {
- SSL_CTX_sess_set_new_cb(ctx, cbtls_new_session);
- SSL_CTX_sess_set_get_cb(ctx, cbtls_get_session);
- SSL_CTX_sess_set_remove_cb(ctx, cbtls_remove_session);
+ /*
+ * Cache sessions on disk if requested.
+ */
+ if (conf->session_cache_path) {
+ SSL_CTX_sess_set_new_cb(ctx, cbtls_new_session);
+ SSL_CTX_sess_set_get_cb(ctx, cbtls_get_session);
+ SSL_CTX_sess_set_remove_cb(ctx, cbtls_remove_session);
+ }
 SSL_CTX_set_quiet_shutdown(ctx, 1);
 if (fr_tls_ex_index_vps < 0)
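Review bot: The three callbacks now depend on `conf->session_cache_path` being non-NULL, but the only thing enforcing that is the new `if (conf->session_cache_path)` test at registration, because this commit also removes the NULL guards from cbtls_remove_session, cbtls_new_session and cbtls_get_session. The cbtls_new_session hunk shows the path being passed into the construction of `filename` just before `open()`, so a callback registered without a path would presumably format a NULL string, which is undefined behaviour and could place session files somewhere unintended. I would record the contract above each callback, for example `/* Registered only when conf->session_cache_path is set (see the session resumption setup). */`, so a later change to the registration cannot silently break it. The `if (conf->session_cache_enable)` block continues past the end of this hunk.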