CVSROOT: /cvs Module name: src Changes by: r...@cvs.openbsd.org 2014/05/20 08:21:46
Modified files: usr.sbin/smtpd : ssl.c ssl.h Log message: Deep down inside OpenSSL, err... LibreSSL, RSA_set_ex_data attempts to free() the external data when releasing the RSA object. The RSA_GET_EX_NEW_INDEX(3) manual page doesn't mention that this is the default behaviour - it just describes the possible free_func() callback - and the code path in libcrypto is hiding the fact behind layers of abstraction. Fix possible double free by allocating and copying the external data reference that is used for RSA privsep (pkiname in smtpd's case). ok eric@ gilles@