Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 5762a0db0a606cab09fbf912232ee927f99f4c2d
commit5762a0db0a606cab09fbf912232ee927f99f4c2d[log] [tgz]
authorEmeric Brun <ebrun@haproxy.com>Fri Sep 06 15:36:02 2019 +0200
committerWilly Tarreau <w@1wt.eu>Fri Sep 06 17:33:33 2019 +0200
treea5d3859c55ae8f22bd6605c80c1f6d67a1fce786
parented5ac9c78652bd2c75d1c535f54e6bf4191d232e [diff]
BUG/MAJOR: ssl: ssl_sock was not fully initialized.

'ssl_sock' wasn't fully initialized so a new session can inherit some
flags from an old one.

This causes some fetches, related to client's certificate presence or
its verify status and errors, returning erroneous values.

This issue could generate other unexpected behaviors because a new
session could also inherit other flags such as SSL_SOCK_ST_FL_16K_WBFSIZE,
SSL_SOCK_SEND_UNLIMITED, or SSL_SOCK_RECV_HEARTBEAT from an old session.

This must be backported to 2.0 but it's useless for previous.
1 file changed
tree: a5d3859c55ae8f22bd6605c80c1f6d67a1fce786
  1. .github/
  2. contrib/
  3. doc/
  4. ebtree/
  5. examples/
  6. include/
  7. reg-tests/
  8. scripts/
  9. src/
  10. tests/
  11. .cirrus.yml
  12. .gitignore
  13. .travis.yml
  14. BRANCHES
  15. CHANGELOG
  16. CONTRIBUTING
  17. INSTALL
  18. LICENSE
  19. MAINTAINERS
  20. Makefile
  21. README
  22. ROADMAP
  23. SUBVERS
  24. VERDATE
  25. VERSION