You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
46 lines
1.7 KiB
46 lines
1.7 KiB
diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c |
|
index 19d3ec7..926e05e 100644 |
|
--- a/modules/ssl/mod_ssl.c |
|
+++ b/modules/ssl/mod_ssl.c |
|
@@ -295,9 +295,12 @@ static apr_status_t ssl_cleanup_pre_config(void *data) |
|
#endif |
|
ERR_remove_state(0); |
|
|
|
- /* Don't call ERR_free_strings here; ERR_load_*_strings only |
|
- * actually load the error strings once per process due to static |
|
+ /* Don't call ERR_free_strings in earlier versions, ERR_load_*_strings only |
|
+ * actually loaded the error strings once per process due to static |
|
* variable abuse in OpenSSL. */ |
|
+#if (OPENSSL_VERSION_NUMBER >= 0x00090805f) |
|
+ ERR_free_strings(); |
|
+#endif |
|
|
|
/* Also don't call CRYPTO_cleanup_all_ex_data here; any registered |
|
* ex_data indices may have been cached in static variables in |
|
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c |
|
index 8425acb..508991e 100644 |
|
--- a/modules/ssl/ssl_engine_init.c |
|
+++ b/modules/ssl/ssl_engine_init.c |
|
@@ -1065,7 +1065,7 @@ static void ssl_init_server_certs(server_rec *s, |
|
const char *ecc_id; |
|
EC_GROUP *ecparams; |
|
int nid; |
|
- EC_KEY *eckey; |
|
+ EC_KEY *eckey = NULL; |
|
#endif |
|
const char *vhost_id = mctx->sc->vhost_id; |
|
int i; |
|
@@ -1151,10 +1151,11 @@ static void ssl_init_server_certs(server_rec *s, |
|
#if defined(SSL_CTX_set_ecdh_auto) |
|
SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1); |
|
#else |
|
- SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, |
|
- EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); |
|
+ eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); |
|
+ SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey); |
|
#endif |
|
} |
|
+ EC_KEY_free(eckey); |
|
#endif |
|
} |
|
|
|
|