[
https://issues.apache.org/jira/browse/TS-2031?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13883683#comment-13883683
]
Feifei Cai commented on TS-2031:
--------------------------------
Hi James,
xptr is used to control memory, allocate and free memory by ourself. The
release() just set the pointer to NULL, actually it prevent the pointer from
free. I think there will be no double-free issue.
https://github.com/apache/trafficserver/blob/master/lib/ts/ink_resource.h#L110
However, I reconsidered it and found that it's no need to use xptr, because I
did not do any memory allocation for found_entry. So I change found_entry's
type back to SSLEntry *, just like here:
https://github.com/apache/trafficserver/blob/master/iocore/net/SSLCertLookup.cc#L269
I update the attached patch, please help have a review. Thank you!
> Two SSL certs with overlapping CNs stomps over each other without warnings
> --------------------------------------------------------------------------
>
> Key: TS-2031
> URL: https://issues.apache.org/jira/browse/TS-2031
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: Leif Hedstrom
> Assignee: James Peach
> Priority: Minor
> Fix For: 5.1.0
>
> Attachments: TS-2031.diff
>
>
> If you have two certs that has the same CNs, the last one wins in the SNI
> negotiation. This even takes precedence over "assigned" IPs (SNI trumps IP).
> We should at least warn on this.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
