upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-05-19 08:32:34 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

BUG/MEDIUM: ssl: does not try to free a DH in a ckch

Browse source 
ssl_sock_load_dh_params() should not free the DH * of a ckch, or the
ckch won't be usable during the next call.
This commit is contained in:
William Lallemand 2019-07-31 18:31:34 +02:00 committed by Willy Tarreau
parent c4ecddf418
commit a8c73748f8
1 changed files with 1 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/ssl_sock.c
View file

@ -2858,10 +2858,8 @@ static int ssl_sock_load_dh_params(SSL_CTX *ctx, const struct cert_key_and_chain
int ret = -1;
DH *dh = NULL;
if (ckch)
if (ckch && ckch->dh) {
dh = ckch->dh;
if (dh) {
ret = 1;
SSL_CTX_set_tmp_dh(ctx, dh);
@ -2897,9 +2895,6 @@ static int ssl_sock_load_dh_params(SSL_CTX *ctx, const struct cert_key_and_chain
}
end:
if (dh)
DH_free(dh);
return ret;
}
#endif