From 04b80cd29b23d02f373c095569e871275d128b43 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Sat, 19 Jul 2014 06:37:33 +0200 Subject: [PATCH 6/6] BUG/MEDIUM: connection: fix proxy v2 header again! Last commit 77d1f01 ("BUG/MEDIUM: connection: fix memory corruption when building a proxy v2 header") was wrong, using &cn_trash instead of cn_trash resulting in a warning and the client's SSL cert CN not being stored at the proper location. Thanks to Lukas Tribus for spotting this quickly. This should be backported to 1.5 after the patch above is backported. (cherry picked from commit 3b9a0c9d4d083d749846d66f9bd4caabafe4ee78) --- src/connection.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/connection.c b/src/connection.c index 3435b1a..2dd2c02 100644 --- a/src/connection.c +++ b/src/connection.c @@ -684,7 +684,7 @@ int make_proxy_line_v2(char *buf, int buf_len, struct server *srv, struct connec } if (srv->pp_opts & SRV_PP_V2_SSL_CN) { cn_trash = get_trash_chunk(); - if (ssl_sock_get_remote_common_name(remote, &cn_trash) > 0) { + if (ssl_sock_get_remote_common_name(remote, cn_trash) > 0) { tlv_len = make_tlv(&buf[ret+ssl_tlv_len], (buf_len - ret - ssl_tlv_len), PP2_TYPE_SSL_CN, cn_trash->len, cn_trash->str); ssl_tlv_len += tlv_len; } -- 1.8.5.5