httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 54357] Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()
Date Wed, 24 Sep 2014 12:29:20 GMT

Kaspar Brand <> changed:

           What    |Removed                     |Added
  Attachment #32043|0                           |1
        is obsolete|                            |

--- Comment #30 from Kaspar Brand <> ---
Created attachment 32053
Patch v7 - store stapling certinfo in a global hash, based on work by Alex

Hmm, ok, so after another closer look, I think I found another issue with the
existing code, actually: IINM, with the current certinfo_free code, we actually
leak the OCSP_CERTID stored cinf->cid (which gets allocated by

I came to this conclusion when I was restructuring ssl_stapling_init_cert() a
bit more, and am attaching my current version. I did some limited "real-world"
testing, but more testing and further reviews are welcome and appreciated, of

Joe and Steve: I've Cc'ed you in the hope that you could share your insights
and opinion on the currently suggested approach.

You are receiving this mail because:
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message