From 16ff050478ab94d5147a4603fbd942a7f931c023 Mon Sep 17 00:00:00 2001 From: Thierry FOURNIER Date: Sun, 17 Jun 2018 21:33:01 +0200 Subject: [PATCH] BUG/MAJOR: ssl: Random crash with cipherlist capture The cipher list capture struct is stored in the SSL memory space, but the slot is reserved in the SSL_CTX memory space. This causes ramdom crashes. This patch should be backported to 1.8 --- src/ssl_sock.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 5a003dc..e48bbec 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -8964,7 +8964,7 @@ static void __ssl_sock_init(void) #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL && !defined LIBRESSL_VERSION_NUMBER) sctl_ex_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_sctl_free_func); #endif - ssl_capture_ptr_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_capture_free_func); + ssl_capture_ptr_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_capture_free_func); ssl_pkey_info_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL); sample_register_fetches(&sample_fetch_keywords); acl_register_keywords(&acl_kws); -- 1.7.10.4