From 9fdf9a44bbe3827fe653165a07281ccae8ab0947 Mon Sep 17 00:00:00 2001
From: Watson Ladd <watsonbladd@gmail.com>
Date: Thu, 27 Apr 2023 10:14:51 -0700
Subject: Clear ownership when duplicating sessions

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20848)
---
 test/sslapitest.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'test')

diff --git a/test/sslapitest.c b/test/sslapitest.c
index eb5b5a5476..be1d742021 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -2285,7 +2285,9 @@ static int execute_test_session(int maxprot, int use_int_cache,
          */
         if (use_int_cache && maxprot != TLS1_3_VERSION) {
             if (!TEST_ptr(tmp = SSL_SESSION_dup(sess2))
-                    || !TEST_true(SSL_CTX_remove_session(sctx, sess2)))
+                || !TEST_true(sess2->owner != NULL)
+                || !TEST_true(tmp->owner == NULL)
+                || !TEST_true(SSL_CTX_remove_session(sctx, sess2)))
                 goto end;
             SSL_SESSION_free(sess2);
         }
-- 
cgit v1.2.1