Hi, This patch corrects a double free bug in ssl3_get_key_exchange (s3_clnt.c) when an error happens during the connection to a server.
Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr
--- E:/dev/libraries/openssl-1.0.latest/ssl/s3_clnt.c.original Sun Feb 28 01:24:24 2010 +++ E:/dev/libraries/openssl-1.0.latest/ssl/s3_clnt.c Sun Aug 8 14:49:30 2010 @@ -1508,6 +1508,7 @@ s->session->sess_cert->peer_ecdh_tmp=ecdh; ecdh=NULL; BN_CTX_free(bn_ctx); + bn_ctx = NULL; EC_POINT_free(srvr_ecpoint); srvr_ecpoint = NULL; }