diff options
| -rw-r--r-- | doc/doc-txt/ChangeLog | 5 | ||||
| -rw-r--r-- | src/src/tls-openssl.c | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 9ed827f49..bf8141351 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -143,6 +143,11 @@ GF/01 DCC debug and logging tidyup TF/03 Avoid unnecessary rebuilds of lookup-related code. +PP/14 Fix OCSP reinitialisation in SNI handling for Exim/TLS as server. + Bug spotted by Jeremy Harris; was flawed since initial commit. + Would have resulted in OCSP responses post-SNI triggering an Exim + NULL dereference and crash. + Exim version 4.80.1 ------------------- diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index 08b92bae5..440993585 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -689,7 +689,7 @@ if (cbinfo->server_cipher_list) if (cbinfo->ocsp_file) { SSL_CTX_set_tlsext_status_cb(server_sni, tls_stapling_cb); - SSL_CTX_set_tlsext_status_arg(server_ctx, cbinfo); + SSL_CTX_set_tlsext_status_arg(server_sni, cbinfo); } #endif |