]> git.ipfire.org Git - thirdparty/apache/httpd.git/commitdiff
projects / thirdparty / apache / httpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a4c4586)
Revert r1874574: wrong patch.
authorYann Ylavic <ylavic@apache.org>
Thu, 27 Feb 2020 12:38:41 +0000 (12:38 +0000)
committerYann Ylavic <ylavic@apache.org>
Thu, 27 Feb 2020 12:38:41 +0000 (12:38 +0000)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1874575 13f79535-47bb-0310-9956-ffa450edef68

CHANGES patch | blob | blame | history
modules/ssl/ssl_util_stapling.c patch | blob | blame | history

diff --git a/CHANGES b/CHANGES
index 7a0d10591168f5888c6e1142211bea808e3fc01a..d5d0b5eb16cba3087e873785040a53154fe80e83 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,8 +1,6 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.1
 
-  *) mod_ssl: Fix memory leak of OCSP stapling response.  [Yann Ylavic]
-
   *) mod_authz_groupfile: Drop AH01666 from loglevel "error" to "info".
      PR64172.
 
diff --git a/modules/ssl/ssl_util_stapling.c b/modules/ssl/ssl_util_stapling.c
index 32a838a07a2e99c2d17fc03828faead3f23fb5e4..8bb6e7c6c0a4c2b36abbda1a341ce2f9e801581a 100644 (file)
--- a/modules/ssl/ssl_util_stapling.c
+++ b/modules/ssl/ssl_util_stapling.c
@@ -870,25 +870,17 @@ static int stapling_cb(SSL *ssl, void *arg)
         }
     }
 
-    rv = SSL_TLSEXT_ERR_NOACK;
-    if (!rsp) {
-        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01957)
-                     "stapling_cb: no suitable response available");
-    }
-    else {
-        if (ok == TRUE || mctx->stapling_return_errors == TRUE) {
-            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01956)
-                         "stapling_cb: setting response");
-            if (!stapling_set_response(ssl, rsp)) {
-                rv = SSL_TLSEXT_ERR_ALERT_FATAL;
-            }
-            else {
-                rv = SSL_TLSEXT_ERR_OK;
-            }
-        }
-        OCSP_RESPONSE_free(rsp);
+    if (rsp && ((ok == TRUE) || (mctx->stapling_return_errors == TRUE))) {
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01956)
+                     "stapling_cb: setting response");
+        if (!stapling_set_response(ssl, rsp))
+            return SSL_TLSEXT_ERR_ALERT_FATAL;
+        return SSL_TLSEXT_ERR_OK;
     }
-    return rv;
+    ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01957)
+                 "stapling_cb: no suitable response available");
+
+    return SSL_TLSEXT_ERR_NOACK;
 
 }
 
Mirror of https://github.com/apache/httpd.git