BUG/MEDIUM: ssl: does not try to free a DH in a ckch
ssl_sock_load_dh_params() should not free the DH * of a ckch, or the ckch won't be usable during the next call.
This commit is contained in:
parent
c4ecddf418
commit
a8c73748f8
|
@ -2858,10 +2858,8 @@ static int ssl_sock_load_dh_params(SSL_CTX *ctx, const struct cert_key_and_chain
|
|||
int ret = -1;
|
||||
DH *dh = NULL;
|
||||
|
||||
if (ckch)
|
||||
if (ckch && ckch->dh) {
|
||||
dh = ckch->dh;
|
||||
|
||||
if (dh) {
|
||||
ret = 1;
|
||||
SSL_CTX_set_tmp_dh(ctx, dh);
|
||||
|
||||
|
@ -2897,9 +2895,6 @@ static int ssl_sock_load_dh_params(SSL_CTX *ctx, const struct cert_key_and_chain
|
|||
}
|
||||
|
||||
end:
|
||||
if (dh)
|
||||
DH_free(dh);
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue