From: William Lallemand <wlallemand@haproxy.com>
Date: Thu, 1 Aug 2019 08:59:34 +0000 (+0200)
Subject: BUG/MEDIUM: ssl: don't free the ckch in multi-cert bundle
X-Git-Tag: v2.1-dev2~247
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6dee29d63d597dfb865b67e53c04c7a9a015ba63;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: ssl: don't free the ckch in multi-cert bundle

When using a ckch we should never try to free its content, because it
won't be usable  after and can result in a NULL derefence during
parsing.

The content was previously freed because the ckch wasn't stored in a
tree to be used later, now that we use it multiple time, we need to keep
the data.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 0eaf2eb061..4656df0fc9 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3398,9 +3398,6 @@ end:
 	if (names)
 		sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
 
-	for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++)
-		ssl_sock_free_cert_key_and_chain_contents(&certs_and_keys[n]);
-
 	node = ebmb_first(&sni_keytypes_map);
 	while (node) {
 		next = ebmb_next(node);