I got a coredump from endtls() in citadel/server/modules/crypto/serv_crypto.c. It coredumped while freeing memory in SSL_free(CC->ssl). I have only seen it once.
The only thing I can find that is suspect is the call to SSL_shutdown() before it. The code does not check the return codes for either of the calls, but reading the docs on SSL_shutdown(), sometimes you need to call it twice if it does not return zero the first time. Can someone who knows SSL take a look at the code and verify what the logic should be. I do not want to change something and break it.
