commit | a73a222a9863e5f6763786845c1ff9e7e1038c3c | [log] [tgz] |
---|---|---|
author | Emmanuel Hocdet <ehocdet@club.fr> | Mon Oct 26 13:55:30 2020 +0100 |
committer | William Lallemand <wlallemand@haproxy.org> | Tue Oct 27 09:38:51 2020 +0100 |
tree | 8d8a6b4c6835b7c5b33c5932b9deefdc859ff12c | |
parent | 5e10e44bce78677e2d8ccfc5e8be33fb2c6a6011 [diff] |
BUG/MEDIUM: ssl: OCSP must work with BoringSSL It's a regression from b3201a3e "BUG/MINOR: disable dynamic OCSP load with BoringSSL". The origin bug is link to 76b4a12 "BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free()": ssl_sock_free_ocsp() shoud be in #ifndef OPENSSL_IS_BORINGSSL. To avoid long #ifdef for small code, the BoringSSL part for ocsp load is isolated in a simple #ifdef. This must be backported in 2.2 and 2.1