projects / haproxy-3.0.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 41ca930) | patch
BUG/MINOR: ssl/cli: memory leak in 'set ssl cert'
authorWilliam Lallemand <wlallemand@haproxy.com>
Wed, 8 Apr 2020 13:16:51 +0000 (15:16 +0200)
committerWilliam Lallemand <wlallemand@haproxy.org>
Wed, 8 Apr 2020 13:29:10 +0000 (15:29 +0200)
commit24be710609fe24781b489339273beec29114a3b8
tree0c200d62938c40e659266237e0e4fda98e95a933tree | snapshot
parent41ca930e58bba05eb50ac5e265cb0ef8f4533000commit | diff
BUG/MINOR: ssl/cli: memory leak in 'set ssl cert'

When deleting the previous SNI entries with 'set ssl cert', the old
SSL_CTX' were not free'd, which probably prevent the completion of the
free of the X509 in the old ckch_store, because of the refcounts in the
SSL library.

This bug was introduced by 150bfa8 ("MEDIUM: cli/ssl: handle the
creation of SSL_CTX in an IO handler").

Must be backported to 2.1.
src/ssl_sock.c diff | blob | history
haproxy-3.0 public tree. Stable production code.