From: William Lallemand <wlallemand@haproxy.com>
Date: Wed, 26 Aug 2020 15:34:44 +0000 (+0200)
Subject: BUG/MEDIUM: ssl: fix ssl_bind_conf double free w/ wildcards
X-Git-Tag: v2.3-dev4~73
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a78f3f0d79dc68bb42c2944439202f7cff40cc7f;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: ssl: fix ssl_bind_conf double free w/ wildcards

The fix 7df5c2d ("BUG/MEDIUM: ssl: fix ssl_bind_conf double free") was
not complete. The problem still occurs when using wildcards in
certificate, during the deinit.

This patch removes the free of the ssl_conf structure in
ssl_sock_free_all_ctx() since it's already done in the crtlist deinit.

It must be backported in 2.2.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 6e6f337ffe..64208daef5 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5040,11 +5040,6 @@ void ssl_sock_free_all_ctx(struct bind_conf *bind_conf)
 		back = ebmb_next(node);
 		ebmb_delete(node);
 		SSL_CTX_free(sni->ctx);
-		if (!sni->order) { /* only free the SSL conf its first occurrence */
-			ssl_sock_free_ssl_conf(sni->conf);
-			free(sni->conf);
-			sni->conf = NULL;
-		}
 		LIST_DEL(&sni->by_ckch_inst);
 		free(sni);
 		node = back;