[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-httpd-bugs
Subject:    [Bug 66226] New: Lacking a check for the return value of SSL_CTX_set_session_id_context()
From:       bugzilla () apache ! org
Date:       2022-08-17 6:44:01
Message-ID: bug-66226-7868 () https ! bz ! apache ! org/bugzilla/
[Download RAW message or body]

https://bz.apache.org/bugzilla/show_bug.cgi?id=66226

            Bug ID: 66226
           Summary: Lacking a check for the return value of
                    SSL_CTX_set_session_id_context()
           Product: Apache httpd-2
           Version: 2.5-HEAD
          Hardware: PC
                OS: Mac OS X 10.1
            Status: NEW
          Severity: critical
          Priority: P2
         Component: mod_ssl
          Assignee: bugs@httpd.apache.org
          Reporter: daniel.zhao1002@gmail.com
  Target Milestone: ---

According to the descriptions of SSL_CTX_set_session_id_context(), it has two
different return values.
But in httpd-2.4.53/modules/ssl/ssl_engine_kernel.c, we find it lacks a check
for the return value of SSL_CTX_set_session_id_context().

Reference:
https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_session_id_context.html

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]