From: Daniel Stenberg Date: Sat, 21 Apr 2007 21:32:31 +0000 (+0000) Subject: Daniel Black filed bug #1704675 (http://curl.haxx.se/bug/view.cgi?id=1704675) X-Git-Tag: curl-7_16_3~160 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cea9695bcfd157926670db57ba2495e1e3940730;p=thirdparty%2Fcurl.git Daniel Black filed bug #1704675 (http://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on closedown after a failure and a bad #ifdef for NSS when closing down SSL. --- diff --git a/CHANGES b/CHANGES index 3fb9c2c6d1..3ccb69909c 100644 --- a/CHANGES +++ b/CHANGES @@ -6,6 +6,12 @@ Changelog +Daniel S (21 April 2007) +- Daniel Black filed bug #1704675 + (http://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free + problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on + closedown after a failure and a bad #ifdef for NSS when closing down SSL. + Yang Tse (20 April 2007) - Save one call to curlx_tvnow(), which calls gettimeofday(), in each of Curl_socket_ready(), Curl_poll() and Curl_select() when these are called diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 2c0c69cdea..1e06881b36 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -23,6 +23,9 @@ This release includes the following bugfixes: o test suite SSL certificate works better with newer stunnel o internal progress meter update frequency back to once per second o avoid some unnecessary calls to function gettimeofday + o a double-free in the SSL-layer + o GnuTLS free of NULL credentials + o NSS-fix for closing down SSL This release includes the following known bugs: @@ -42,6 +45,7 @@ New curl mirrors: This release would not have looked like this without help, code, reports and advice from friends like these: - Song Ma, Dan Fandrich, Yang Tse, Jay Austin, Robert Iakobashvil, James Housley + Song Ma, Dan Fandrich, Yang Tse, Jay Austin, Robert Iakobashvil, + James Housley, Daniel Black Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/gtls.c b/lib/gtls.c index 3def5d998d..73461b9cc3 100644 --- a/lib/gtls.c +++ b/lib/gtls.c @@ -502,7 +502,8 @@ static void close_one(struct connectdata *conn, gnutls_bye(conn->ssl[index].session, GNUTLS_SHUT_RDWR); gnutls_deinit(conn->ssl[index].session); } - gnutls_certificate_free_credentials(conn->ssl[index].cred); + if(conn->ssl[index].cred) + gnutls_certificate_free_credentials(conn->ssl[index].cred); } void Curl_gtls_close(struct connectdata *conn)