I updated to openssl 1.0.1k from 1.0.0d and I get a NULL pointer
dereference when I call SSL_get_certificate on a valid SSL object.

Backtrace:

    ssl_set_cert_masks:1845
    ssl_get_server_send_pkey:2117
    ssl_get_server_send_cert:2175
    SSL_get_certificate:2605

ssl_get_server_send_pkey calls ssl_set_cert_masks(c, s->s3->tmp.new_cipher)
and s->s3->tmp.new_cipher is NULL.

SSL_get_certificate has changed from:

    if (s->cert != NULL)
        return(s->cert->key->x509);
    else
        return(NULL);

to:

    if (s->server)
        return(ssl_get_server_send_cert(s));
    else if (s->cert != NULL)
        return(s->cert->key->x509);
    else
        return(NULL);

Apologies if I'm missing something obvious. I can come up with some simple
code that reproduces this if needed.

Cheers,
Bogdan
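
Added example, not part of the original message and not OpenSSL source: a simplified C model of the call path in the backtrace, showing where the NULL new_cipher is dereferenced and one possible guard. All MODEL_* types and model_* functions are hypothetical stand-ins, and the guard is an assumption, not the upstream fix.

```c
#include <stddef.h>

/* Simplified stand-ins for the structures named in the report; not OpenSSL's layout. */
typedef struct { unsigned long algorithm_mkey, algorithm_auth; } MODEL_CIPHER;
typedef struct { const char *subject; } MODEL_X509;
typedef struct { MODEL_X509 *x509; } MODEL_CERT_PKEY;
typedef struct { MODEL_CERT_PKEY *key; unsigned long mask_k, mask_a; } MODEL_CERT;
typedef struct { struct { const MODEL_CIPHER *new_cipher; } tmp; } MODEL_SSL3_STATE;
typedef struct { int server; MODEL_CERT *cert; MODEL_SSL3_STATE *s3; } MODEL_SSL;

/* Stands in for ssl_set_cert_masks: reads the cipher without checking it. */
static void model_set_cert_masks(MODEL_CERT *c, const MODEL_CIPHER *cipher)
{
    c->mask_k = cipher->algorithm_mkey; /* crashes here when cipher == NULL */
    c->mask_a = cipher->algorithm_auth;
}

/* Server path as described in the report: new_cipher is passed on unchecked. */
MODEL_X509 *model_get_certificate_unguarded(MODEL_SSL *s)
{
    if (s->server) {
        model_set_cert_masks(s->cert, s->s3->tmp.new_cipher);
        return s->cert->key->x509;
    }
    return s->cert != NULL ? s->cert->key->x509 : NULL;
}

/* Guarded variant (assumption): take the server path only once a cipher exists. */
MODEL_X509 *model_get_certificate_guarded(MODEL_SSL *s)
{
    if (s == NULL || s->cert == NULL)
        return NULL;
    if (s->server && s->s3 != NULL && s->s3->tmp.new_cipher != NULL)
        model_set_cert_masks(s->cert, s->s3->tmp.new_cipher);
    return s->cert->key->x509; /* the 1.0.0d behaviour quoted above */
}

/* Constructed case: server-side object queried before any cipher is chosen. */
int model_demo_before_handshake(void)
{
    MODEL_X509 x = { "CN=constructed.example" };
    MODEL_CERT_PKEY k = { &x };
    MODEL_CERT c = { &k, 0, 0 };
    MODEL_SSL3_STATE s3 = { { NULL } };
    MODEL_SSL s = { 1, &c, &s3 };
    return model_get_certificate_guarded(&s) == &x;
}
```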