Zero the tls cert/key length variables when inheriting a server

configuration for multiple listen statements in a server block. Otherwise httpd will crash when a listen statement with tls is followed by a listen statement without tls. Problem reported by Kent Fritz on misc. ok jsing@ looks good deraadt@
author: jsg <jsg@openbsd.org> 2015-04-01 04:51:15 +0000
committer: jsg <jsg@openbsd.org> 2015-04-01 04:51:15 +0000
commit: dade8ed4759c986eb99c011d9e8d40e3b2320f61 (patch)
tree: ac7214df4a6e01df735ef27b801222dee8ac7297 /usr.sbin/httpd/parse.y
parent: create a taskq for network tasks to run in. cut ether_input_mbuf (diff)
download: wireguard-openbsd-dade8ed4759c986eb99c011d9e8d40e3b2320f61.tar.xz
wireguard-openbsd-dade8ed4759c986eb99c011d9e8d40e3b2320f61.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.sbin/httpd/parse.y b/usr.sbin/httpd/parse.y
index 50e51ab6354..0aae42164d2 100644
--- a/usr.sbin/httpd/parse.y
+++ b/usr.sbin/httpd/parse.y
@@ -1,4 +1,4 @@
-/*	$OpenBSD: parse.y,v 1.66 2015/03/09 15:46:45 reyk Exp $	*/
+/*	$OpenBSD: parse.y,v 1.67 2015/04/01 04:51:15 jsg Exp $	*/
 
 /*
  * Copyright (c) 2007 - 2015 Reyk Floeter <reyk@openbsd.org>
@@ -1907,6 +1907,8 @@ server_inherit(struct server *src, const char *name,
 		fatal("out of memory");
 	dst->srv_conf.tls_cert = NULL;
 	dst->srv_conf.tls_key = NULL;
+	dst->srv_conf.tls_cert_len = 0;
+	dst->srv_conf.tls_key_len = 0;
 
 	if (src->srv_conf.return_uri != NULL &&
 	    (dst->srv_conf.return_uri =
author	jsg <jsg@openbsd.org>	2015-04-01 04:51:15 +0000
committer	jsg <jsg@openbsd.org>	2015-04-01 04:51:15 +0000
commit	dade8ed4759c986eb99c011d9e8d40e3b2320f61 (patch)
tree	ac7214df4a6e01df735ef27b801222dee8ac7297 /usr.sbin/httpd/parse.y
parent	create a taskq for network tasks to run in. cut ether_input_mbuf (diff)
download	wireguard-openbsd-dade8ed4759c986eb99c011d9e8d40e3b2320f61.tar.xz wireguard-openbsd-dade8ed4759c986eb99c011d9e8d40e3b2320f61.zip