upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-04-28 17:49:36 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

BUG/MINOR: ssl: fix memory leak at OCSP loading

Browse source 
Fix a memory leak when loading an OCSP file when the file was already
loaded elsewhere in the configuration.

Indeed, if the OCSP file already exists, a useless chunk_dup() will be
done during the load.

To fix it we reverts "ocsp" to "iocsp" like it was done previously.

This was introduced by commit 246c024 ("MINOR: ssl: load the ocsp
in/from the ckch").

Should fix part of the issue #746.

It must be backported in 2.1 and 2.2.
This commit is contained in:
William Lallemand 2020-08-07 00:44:32 +02:00 committed by William Lallemand
parent 4896d279aa
commit 86e4d63316
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/ssl_sock.c
View file

@ -1399,7 +1399,7 @@ static int ssl_sock_load_ocsp(SSL_CTX *ctx, const struct cert_key_and_chain *ckc
ret = 0;
warn = NULL;
if (ssl_sock_load_ocsp_response(ckch->ocsp_response, ocsp, cid, &warn)) {
if (ssl_sock_load_ocsp_response(ckch->ocsp_response, iocsp, cid, &warn)) {
memprintf(&warn, "Loading: %s. Content will be ignored", warn ? warn : "failure");
ha_warning("%s.\n", warn);
}