From cea9695bcfd157926670db57ba2495e1e3940730 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 21 Apr 2007 21:32:31 +0000 Subject: [PATCH] Daniel Black filed bug #1704675 (http://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on closedown after a failure and a bad #ifdef for NSS when closing down SSL. --- CHANGES | 6 ++++++ RELEASE-NOTES | 6 +++++- lib/gtls.c | 3 ++- 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index 3fb9c2c6d..3ccb69909 100644 --- a/CHANGES +++ b/CHANGES @@ -6,6 +6,12 @@ Changelog +Daniel S (21 April 2007) +- Daniel Black filed bug #1704675 + (http://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free + problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on + closedown after a failure and a bad #ifdef for NSS when closing down SSL. + Yang Tse (20 April 2007) - Save one call to curlx_tvnow(), which calls gettimeofday(), in each of Curl_socket_ready(), Curl_poll() and Curl_select() when these are called diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 2c0c69cde..1e06881b3 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -23,6 +23,9 @@ This release includes the following bugfixes: o test suite SSL certificate works better with newer stunnel o internal progress meter update frequency back to once per second o avoid some unnecessary calls to function gettimeofday + o a double-free in the SSL-layer + o GnuTLS free of NULL credentials + o NSS-fix for closing down SSL This release includes the following known bugs: @@ -42,6 +45,7 @@ New curl mirrors: This release would not have looked like this without help, code, reports and advice from friends like these: - Song Ma, Dan Fandrich, Yang Tse, Jay Austin, Robert Iakobashvil, James Housley + Song Ma, Dan Fandrich, Yang Tse, Jay Austin, Robert Iakobashvil, + James Housley, Daniel Black Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/gtls.c b/lib/gtls.c index 3def5d998..73461b9cc 100644 --- a/lib/gtls.c +++ b/lib/gtls.c @@ -502,7 +502,8 @@ static void close_one(struct connectdata *conn, gnutls_bye(conn->ssl[index].session, GNUTLS_SHUT_RDWR); gnutls_deinit(conn->ssl[index].session); } - gnutls_certificate_free_credentials(conn->ssl[index].cred); + if(conn->ssl[index].cred) + gnutls_certificate_free_credentials(conn->ssl[index].cred); } void Curl_gtls_close(struct connectdata *conn)