[Bug 66226] New: Lacking a check for the return value of SSL_CTX_set_session_id_context()

bugzilla Tue, 16 Aug 2022 23:45:28 -0700

https://bz.apache.org/bugzilla/show_bug.cgi?id=66226


            Bug ID: 66226
           Summary: Lacking a check for the return value of
                    SSL_CTX_set_session_id_context()
           Product: Apache httpd-2
           Version: 2.5-HEAD
          Hardware: PC
                OS: Mac OS X 10.1
            Status: NEW
          Severity: critical
          Priority: P2
         Component: mod_ssl
          Assignee: bugs@httpd.apache.org
          Reporter: daniel.zhao1...@gmail.com
  Target Milestone: ---

According to the descriptions of SSL_CTX_set_session_id_context(), it has two
different return values.
But in httpd-2.4.53/modules/ssl/ssl_engine_kernel.c, we find it lacks a check
for the return value of SSL_CTX_set_session_id_context().

Reference:
https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_session_id_context.html

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 66226] New: Lacking a check for the return value of SSL_CTX_set_session_id_context()

Reply via email to