https://bz.apache.org/bugzilla/show_bug.cgi?id=69939
--- Comment #7 from Remy Maucherat <[email protected]> --- The native code in sslcontext.c is: if ((idx == 0) && (evp = SSL_dh_GetParamFromFile(cert_file))) { SSL_CTX_set0_tmp_dh_pkey(c->ctx, evp); EVP_PKEY_free(evp); } In the FFM code, this is different and EVP_PKEY_free(evp); is only called if SSL_CTX_set0_tmp_dh_pkey fails (= returns 0). According to the OpenSSL doc, if successful, EVP_PKEY_free(evp); must not be called since ownership of the object goes to the SSL_CTX. Source: https://docs.openssl.org/3.0/man3/SSL_CTX_set_tmp_dh_callback/ -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
