Fix bug with TLS where cert and key files were used after freeing them.

2023-04-20 21:12:08 +00:00 · 2023-04-20 21:12:08 +00:00 · fb24f93aaa
commit fb24f93aaa
parent 0b7282c36a
3 changed files with 6 additions and 9 deletions
--- a/src/HttpServer.c
+++ b/src/HttpServer.c
@ -28,6 +28,7 @@
 #include <Util.h>
 #include <Tls.h>
 #include <Log.h>
+#include <Str.h>

 #include <pthread.h>
 #include <stdio.h>
@ -316,6 +317,8 @@ HttpServerCreate(HttpServerConfig * config)
    memset(server, 0, sizeof(HttpServer));

    server->config = *config;
+    server->config.tlsCert = StrDuplicate(config->tlsCert);
+    server->config.tlsKey = StrDuplicate(config->tlsKey);

    server->threadPool = ArrayCreate();
    if (!server->threadPool)
@ -427,6 +430,8 @@ HttpServerFree(HttpServer * server)
    QueueFree(server->connQueue);
    pthread_mutex_destroy(&server->connQueueMutex);
    ArrayFree(server->threadPool);
+    Free(server->config.tlsCert);
+    Free(server->config.tlsKey);
    Free(server);
 }

--- a/src/Main.c
+++ b/src/Main.c
@ -460,14 +460,6 @@ start:
        }
    }

-    /* These config values are no longer needed; don't hold them in
-     * memory anymore */
-    Free(tConfig->uid);
-    Free(tConfig->gid);
-
-    tConfig->uid = NULL;
-    tConfig->gid = NULL;
-
    if (!tConfig->maxCache)
    {
        Log(LOG_WARNING, "Database caching is disabled.");
--- a/src/Tls/TlsOpenSSL.c
+++ b/src/Tls/TlsOpenSSL.c
@ -156,7 +156,7 @@ TlsInitServer(int fd, const char *crt, const char *key)

    if (SSL_CTX_use_certificate_file(cookie->ctx, crt, SSL_FILETYPE_PEM) <= 0)
    {
-        Log(LOG_ERR, "TlsInitServer(): Unable to set certificate file.");
+        Log(LOG_ERR, "TlsInitServer(): Unable to set certificate file: %s", crt);
        goto error;
    }