]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e63a1eb) | patch
BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange
authorRemi Gacogne <rgacogne[at]aquaray[dot]fr>
Tue, 15 Jul 2014 09:36:40 +0000 (11:36 +0200)
committerWilly Tarreau <w@1wt.eu>
Tue, 15 Jul 2014 14:07:05 +0000 (16:07 +0200)
commit8de5415b85512da871d58d1e9a0a33bd67f3b570
tree43d8e66e1774b659e7f850bbc1c269622b4079eatree
parente63a1eb290a1c407453dbcaa16535c85a1904f9ecommit | diff
BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange

OpenSSL does not free the DH * value returned by the callback specified with SSL_CTX_set_tmp_dh_callback(),
leading to a memory leak for SSL/TLS connections using Diffie Hellman Ephemeral key exchange.
This patch fixes the leak by allocating the DH * structs holding the DH parameters once, at configuration time.

Note: this fix must be backported to 1.5.
src/ssl_sock.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git