mirror of
https://github.com/haproxy/haproxy.git
synced 2026-02-17 09:37:53 -05:00
HAProxy - Load balancer
76b4a12591
This bug affects all version of HAProxy since the OCSP data is not free in the deinit(), but leaking on exit() is not really an issue. However, when doing dynamic update of certificates over the CLI, those data are not free'd upon the free of the SSL_CTX. 3 leaks are happening, the first leak is the one of the ocsp_arg structure which serves the purpose of containing the pointers in the case of a multi-certificate bundle. The second leak is the one ocsp struct. And the third leak is the one of the struct buffer in the ocsp_struct. The problem lies with SSL_CTX_set_tlsext_status_arg() which does not provide a way to free the argument upon an SSL_CTX_free(). This fix uses ex index functions instead of registering a tlsext_status_arg(). This is really convenient because it allows to register a free callback which will free the ex index content upon a SSL_CTX_free(). A refcount was also added to the ocsp_response structure since it is stored in a tree and can be reused in another SSL_CTX. Should fix part of the issue #746. This must be backported in 2.2 and 2.1. |
||
|---|---|---|
| .github | ||
| contrib | ||
| doc | ||
| examples | ||
| include | ||
| reg-tests | ||
| scripts | ||
| src | ||
| tests | ||
| .cirrus.yml | ||
| .gitignore | ||
| .travis.yml | ||
| BRANCHES | ||
| CHANGELOG | ||
| CONTRIBUTING | ||
| INSTALL | ||
| LICENSE | ||
| MAINTAINERS | ||
| Makefile | ||
| README | ||
| ROADMAP | ||
| SUBVERS | ||
| VERDATE | ||
| VERSION | ||
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)