The attached patch against 1.0.0 fixes a potential use
of freed SSL_CTX when SSL_free() is called after SSL_CTX_free()
in application.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
diff -up openssl-1.0.0-beta3/ssl/ssl_lib.c.ctx-free openssl-1.0.0-beta3/ssl/ssl_lib.c
--- openssl-1.0.0-beta3/ssl/ssl_lib.c.ctx-free 2009-10-08 20:44:26.000000000 +0200
+++ openssl-1.0.0-beta3/ssl/ssl_lib.c 2009-10-16 11:56:53.000000000 +0200
@@ -556,7 +556,6 @@ void SSL_free(SSL *s)
if (s->cert != NULL) ssl_cert_free(s->cert);
/* Free up if allocated */
- if (s->ctx) SSL_CTX_free(s->ctx);
#ifndef OPENSSL_NO_TLSEXT
if (s->tlsext_hostname)
OPENSSL_free(s->tlsext_hostname);
@@ -580,6 +579,8 @@ void SSL_free(SSL *s)
if (s->method != NULL) s->method->ssl_free(s);
+ if (s->ctx) SSL_CTX_free(s->ctx);
+
#ifndef OPENSSL_NO_KRB5
if (s->kssl_ctx != NULL)
kssl_ctx_free(s->kssl_ctx);
