Bad talloc magic value inside tls.c:sess_free_vps

Alan DeKok aland at
Wed Jun 25 01:31:20 CEST 2014

Phil Mayers wrote:
> At a guess, this is wrong:

  Yes.  I've pushed a fix.

> I spent a bit of time looking at this earlier; the lifecycle of some of
> these objects is really really really hard to follow, both because
> OpenSSL is a bit weird, and because the naming of the FR TLS stuff is
> used in different ways to similarly-named objects inside OpenSSL.

  It's sad.

> Given that sess_free_vps() is called by OpenSSL when the session goes
> away, I guess we don't need to parent the cached VPs to anything; ditto
> the cached certs?

  It would be nice to use talloc...

> Certainly don't want to parent the vps/certs to handler or
> tls_session_t; those have shorter lifetimes than SSL_SESSION* objects.

  Yes.  I've just used a NULL ctx.

  Alan DeKok.

More information about the Freeradius-Devel mailing list