From 0b5f9ce37bd0e4030faf6af9e1b6356693239576 Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Tue, 24 Nov 2015 21:53:40 +0100 Subject: [PATCH] Set reference count earlier Backport of 0e04674e964b905e67e3d215bcf888932c92765f Reviewed-by: Steve Henson RT #4047, #4110, MR #1356 --- ssl/ssl_cert.c | 2 +- ssl/ssl_lib.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 5df2413f71..9a4e104149 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -206,6 +206,7 @@ CERT *ssl_cert_dup(CERT *cert) memset(ret, 0, sizeof(CERT)); + ret->references = 1; ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; /* * or ret->key = ret->pkeys + (cert->key - cert->pkeys), if you find that @@ -282,7 +283,6 @@ CERT *ssl_cert_dup(CERT *cert) * chain is held inside SSL_CTX */ - ret->references = 1; /* * Set digests to defaults. NB: we don't copy existing values as they * will be set during handshake. diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 9cfeaf33ae..93d1cbe438 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -307,6 +307,7 @@ SSL *SSL_new(SSL_CTX *ctx) s->options = ctx->options; s->mode = ctx->mode; s->max_cert_list = ctx->max_cert_list; + s->references = 1; if (ctx->cert != NULL) { /* @@ -375,7 +376,6 @@ SSL *SSL_new(SSL_CTX *ctx) if (!s->method->ssl_new(s)) goto err; - s->references = 1; s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1; SSL_clear(s); -- 2.25.1