[PATCH] Segfaults in 2.8.13 (was: Re: mod_ssl/2.8.13 and php)

Fri, 21 Mar 2003 04:48:11 -0800 

On Fri, Mar 21, 2003, Ralf S. Engelschall wrote:

> > I can see the same segmentation fault :
> [...]

Ok, can the people who are able to reproduce the segfault problem,
please apply the following patch, retry it and give feedback? I think
these two bugfixes should fix the problem now. If yes, I'll release
mod_ssl 2.8.14 with it. Thanks for your help.

Index: ssl_engine_kernel.c
===================================================================
RCS file: /e/modssl/cvs/mod_ssl/pkg.apache/src/modules/ssl/ssl_engine_kernel.c,v
retrieving revision 1.136
diff -u -d -r1.136 ssl_engine_kernel.c
--- ssl_engine_kernel.c 19 Nov 2002 13:57:01 -0000      1.136
+++ ssl_engine_kernel.c 21 Mar 2003 12:39:47 -0000
@@ -1048,13 +1048,15 @@
                         "Re-negotiation handshake failed: Client verification 
failed");
                 return FORBIDDEN;
             }
+            cert = SSL_get_peer_certificate(ssl);
             if (   dc->nVerifyClient == SSL_CVERIFY_REQUIRE
-                && (cert = SSL_get_peer_certificate(ssl)) == NULL) {
+                && cert == NULL) {
                 ssl_log(r->server, SSL_LOG_ERROR,
                         "Re-negotiation handshake failed: Client certificate 
missing");
-                X509_free(cert);
                 return FORBIDDEN;
             }
+            if (cert != NULL)
+                X509_free(cert);
         }
     }

Index: ssl_engine_vars.c
===================================================================
RCS file: /e/modssl/cvs/mod_ssl/pkg.apache/src/modules/ssl/ssl_engine_vars.c,v
retrieving revision 1.53
diff -u -d -r1.53 ssl_engine_vars.c
--- ssl_engine_vars.c   29 Oct 2002 13:00:46 -0000      1.53
+++ ssl_engine_vars.c   21 Mar 2003 12:40:12 -0000
@@ -322,7 +322,9 @@
     else if (ssl != NULL && strlen(var) > 7 && strcEQn(var, "SERVER_", 7)) {
         if ((xs = SSL_get_certificate(ssl)) != NULL) {
             result = ssl_var_lookup_ssl_cert(p, xs, var+7);
-            X509_free(xs);
+            /* SSL_get_certificate() as of OpenSSL 0.9.7a does not increment
+               the reference count the same way SSL_get_peer_certificate does,
+               so no need to X509_free(xs) the stuff here. */
         }
     }
     return result;

                                       Ralf S. Engelschall
                                       [EMAIL PROTECTED]
                                       www.engelschall.com

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to