]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 027d206) | patch
BUG/MINOR: ssl: increment issuer refcount if in chain
authorWilliam Lallemand <wlallemand@haproxy.org>
Thu, 23 Jan 2020 10:42:52 +0000 (11:42 +0100)
committerWilliam Lallemand <wlallemand@haproxy.org>
Thu, 23 Jan 2020 10:57:39 +0000 (11:57 +0100)
commitb829dda57b4c8a44eff53682ed56492ad46ce3ad
treed4767fef6af388c145d0c8cc51532daa222078b7tree | snapshot
parent027d206b57bec59397eb6fb23f8ff4e3a2edb2e1commit | diff
BUG/MINOR: ssl: increment issuer refcount if in chain

When using the OCSP response, if the issuer of the response is in
the certificate chain, its address will be stored in ckch->ocsp_issuer.
However, since the ocsp_issuer could be filled by a separate file, this
pointer is free'd. The refcount of the X509 need to be incremented to
avoid a double free if we free the ocsp_issuer AND the chain.
src/ssl_sock.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git