|
|
- commit 399714287a04d6b453ba95e4a3904a7644827d0b
- Author: Emeric Brun <ebrun@haproxy.com>
- Date: Thu Aug 16 15:14:12 2018 +0200
-
- BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error.
-
- If the dh parameter is not found, the openssl's error global
- stack was not correctly cleared causing unpredictable error
- during the following parsing (chain cert parsing for instance).
-
- This patch should be backported in 1.8 (and perhaps 1.7)
-
- (cherry picked from commit e1b4ed4352619f985d7d65f5d95a830ef5775c46)
- Signed-off-by: Willy Tarreau <w@1wt.eu>
-
- diff --git a/src/ssl_sock.c b/src/ssl_sock.c
- index 9f0ff1f0..9be2fc4c 100644
- --- a/src/ssl_sock.c
- +++ b/src/ssl_sock.c
- @@ -2597,6 +2597,8 @@ end:
- if (in)
- BIO_free(in);
-
- + ERR_clear_error();
- +
- return dh;
- }
-
|