From 36657a43147aeb82a5b109d896025be3237d2296 Mon Sep 17 00:00:00 2001
From: Sam Varshavchik
Date: Tue, 24 May 2022 00:00:05 -0400
Subject: Assorted bug fixes. Minor read-only use after free. OpenSSL 3.0 tweaks.
---
 tcpd/libcouriertls.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)
(limited to 'tcpd/libcouriertls.c')
diff --git a/tcpd/libcouriertls.c b/tcpd/libcouriertls.c
index 22b9593..44ba121 100644
--- a/tcpd/libcouriertls.c
+++ b/tcpd/libcouriertls.c
@@ -426,10 +426,19 @@ static void load_dh_params(SSL_CTX *ctx, const char *filename,
 {
 if (EVP_PKEY_is_a(pkey, "DH"))
 {
- SSL_CTX_set0_tmp_dh_pkey(ctx, pkey);
- *cert_file_flags = 1;
+ if (SSL_CTX_set0_tmp_dh_pkey(ctx, pkey))
+ {
+ *cert_file_flags = 1;
+ }
+ else
+ {
+ EVP_PKEY_free(pkey);
+ }
+ }
+ else
+ {
+ EVP_PKEY_free(pkey);
 }
- EVP_PKEY_free(pkey);
 }
 #else
-- cgit v1.2.3
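Review bot: Both new `else` branches free `pkey` and fall through without any diagnostic, so a parameter file that is not a DH key, or that `SSL_CTX_set0_tmp_dh_pkey()` rejects, is dropped silently with `*cert_file_flags` left unset. What the caller does in that case is outside the hunk, but an operator who configured the file would presumably want to know it was not applied, so the failure should go through whatever error reporting this file already uses (not visible here). The ownership rule the fix depends on also deserves a comment at the call, for example `/* set0: ctx owns pkey only if the call succeeds; on failure we must still free it */`, so that the unconditional free is not reintroduced later. The two identical frees could be merged by testing `EVP_PKEY_is_a(pkey, "DH") && SSL_CTX_set0_tmp_dh_pkey(ctx, pkey)` in a single `if` with one `else`. The enclosing `load_dh_params` starts and ends outside the hunk.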