Bad talloc magic value inside tls.c:sess_free_vps
Alan DeKok
aland at deployingradius.com
Wed Jun 25 01:31:20 CEST 2014
Phil Mayers wrote:
> At a guess, this is wrong:
>
> https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/src/modules/rlm_eap/libeap/eap_tls.c#L112
Yes. I've pushed a fix.
> I spent a bit of time looking at this earlier; the lifecycle of some of
> these objects is really really really hard to follow, both because
> OpenSSL is a bit weird, and because the naming of the FR TLS stuff is
> used in different ways to similarly-named objects inside OpenSSL.
It's sad.
> Given that sess_free_vps() is called by OpenSSL when the session goes
> away, I guess we don't need to parent the cached VPs to anything; ditto
> the cached certs?
It would be nice to use talloc...
> Certainly don't want to parent the vps/certs to handler or
> tls_session_t; those have shorter lifetimes than SSL_SESSION* objects.
Yes. I've just used a NULL ctx.
Alan DeKok.
More information about the Freeradius-Devel
mailing list