mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-22 14:21:25 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: ssl: Fix OCSP_CERTID leak when same certificate is used multiple times

Browse Source 
If a given certificate is used multiple times in a configuration, the
ocsp_cid field would have been overwritten during each
ssl_sock_load_ocsp call even if it was previously filled.

This patch does not need to be backported.
This commit is contained in:
Remi Tricot-Le Breton 2023-01-09 12:02:47 +01:00 committed by William Lallemand
parent fc92b8bda5
commit 2d1daa8095
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/ssl_sock.c
View File

@ -1150,6 +1150,7 @@ static int ssl_sock_load_ocsp(SSL_CTX *ctx, struct ckch_data *data, STACK_OF(X50
if (!issuer)
goto out;
if (!data->ocsp_cid)
data->ocsp_cid = OCSP_cert_to_id(0, x, issuer);
if (!data->ocsp_cid)
goto out;