[
https://issues.apache.org/jira/browse/TS-3375?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14322674#comment-14322674
]
Masaori Koshiba commented on TS-3375:
-------------------------------------
Hi Susan,
It looks like if there are "dest_ip=*" in the ssl_multicert.config,
ssl_index_certificate is never called because of "inserted" is true in
SSLUtils.cc at line 1780.
-
https://github.com/apache/trafficserver/blob/5fb742d63742abbc0e441b6b9b8a74673097cf81/iocore/net/SSLUtils.cc#L1780
Thus TrafficServer can't find SSL_CTX by Subject CN or SubjectAltNames DNS in
ssl_servername_callback.
IMO, this is a side effect. How about calling ssl_index_certificate first?
{code}
inserted = ssl_index_certificate(lookup, SSLCertContext(ctx,
sslMultCertSettings.opt), certpath) || inserted
{code}
> Potential memory leak bug
> -------------------------
>
> Key: TS-3375
> URL: https://issues.apache.org/jira/browse/TS-3375
> Project: Traffic Server
> Issue Type: Bug
> Components: Core, SSL
> Reporter: Bin
> Assignee: Susan Hinrichs
> Fix For: 5.3.0
>
> Attachments: free_ctx.diff
>
>
> A potential memory leak bug. ctx is not freed when it is not inserted.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
