I updated to openssl 1.0.1k from 1.0.0d and I get a NULL pointer dereference when I call SSL_get_certificate on a valid SSL object.
Backtrace:

    ssl_set_cert_masks:1845
    ssl_get_server_send_pkey:2117
    ssl_get_server_send_cert:2175
    SSL_get_certificate:2605

ssl_get_server_send_pkey calls ssl_set_cert_masks(c, s->s3->tmp.new_cipher) and s->s3->tmp.new_cipher is NULL.

SSL_get_certificate has changed from:

    if (s->cert != NULL)
        return(s->cert->key->x509);
    else
        return(NULL);

to:

    if (s->server)
        return(ssl_get_server_send_cert(s));
    else if (s->cert != NULL)
        return(s->cert->key->x509);
    else
        return(NULL);

Apologies if I'm missing something obvious. I can come up with some simple code that reproduces this if needed.

Cheers,
Bogdan
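The call path in the report, as a self-contained C model with one possible guard. This is an added example, not OpenSSL code and not from the original post. Every type and function name is a hypothetical stand-in, and falling back to the configured certificate when no cipher has been negotiated is an assumption.

```c
#include <stddef.h>

/* Simplified stand-ins for the OpenSSL structures named in the report.
 * All types and functions here are hypothetical models, not OpenSSL code. */
typedef struct { int id; } X509_model;
typedef struct { unsigned long algorithm_mask; } CIPHER_model;
typedef struct { X509_model *x509; } CERT_PKEY_model;
typedef struct { CERT_PKEY_model *key; unsigned long mask; } CERT_model;
typedef struct { struct { const CIPHER_model *new_cipher; } tmp; } S3_model;
typedef struct { int server; CERT_model *cert; S3_model *s3; } SSL_model;

/* Models ssl_set_cert_masks(): reads through the cipher pointer
 * unconditionally, which is where the reported backtrace ends. */
static void set_cert_masks(CERT_model *c, const CIPHER_model *cipher)
{
    c->mask = cipher->algorithm_mask;
}

/* Models the 1.0.0d getter quoted in the report: no cipher involved. */
X509_model *get_certificate_old(const SSL_model *s)
{
    return s->cert != NULL ? s->cert->key->x509 : NULL;
}

/* Models the 1.0.1k server path with an added guard (assumption): the
 * cipher is only consulted once s3 and tmp.new_cipher are both set. */
X509_model *get_certificate_guarded(const SSL_model *s)
{
    if (s->cert == NULL)
        return NULL;
    if (s->server && s->s3 != NULL && s->s3->tmp.new_cipher != NULL)
        set_cert_masks(s->cert, s->s3->tmp.new_cipher);
    return s->cert->key->x509;
}

/* Constructed scenario: server object queried before/after cipher choice. */
int demo(int negotiated)
{
    X509_model x = { 42 };
    CERT_PKEY_model key = { &x };
    CERT_model cert = { &key, 0 };
    CIPHER_model cipher = { 0x1UL };
    S3_model s3 = { { negotiated ? &cipher : NULL } };
    SSL_model s = { 1, &cert, &s3 };
    X509_model *got = get_certificate_guarded(&s);
    return got == get_certificate_old(&s) && cert.mask == (negotiated ? 0x1UL : 0UL);
}

int main(void) { return (demo(0) && demo(1)) ? 0 : 1; }
```

demo(0) is the situation in the report: a server-side object with no cipher selected yet, where the unguarded path would read through the NULL new_cipher pointer.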