Release 2.4.10: fix regression in 2.4.9, use ls-qpack 0.10.6

litespeedtech · Oct 24, 2019 · 34e9ac5 · 34e9ac5
1 parent df992bc
commit 34e9ac5
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 4 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,11 +1,12 @@
 2019-10-24
-    - 2.4.9
+    - 2.4.10
     - [BUGFIX] IETF QUIC server: fix uninitialized variable use.
     - [BUGFIX] make sure TLSv1.3 is not disabled in SSL object.
     - [BUGFIX] Use issuer name and serial number to cache certs (SKID
       values are not unique).
     - [BUGFIX] Always set the idle alarm in IETF connection so that it
       can time out.
+    - Use ls-qpack v0.10.6, as it silences some warnings.
 
 2019-10-21
     - 2.4.8

diff --git a/include/lsquic.h b/include/lsquic.h
@@ -25,7 +25,7 @@ extern "C" {
 
 #define LSQUIC_MAJOR_VERSION 2
 #define LSQUIC_MINOR_VERSION 4
-#define LSQUIC_PATCH_VERSION 9
+#define LSQUIC_PATCH_VERSION 10
 
 /**
  * Engine flags:

diff --git a/src/liblsquic/ls-qpack b/src/liblsquic/ls-qpack
diff --git a/src/liblsquic/lsquic_handshake.c b/src/liblsquic/lsquic_handshake.c
@@ -2039,7 +2039,7 @@ get_sni_SSL_CTX(struct lsquic_enc_session *enc_session, lsquic_lookup_cert_f cb,
     cert_item_t *item;
     struct ssl_ctx_st *ssl_ctx;
     size_t key_sz;
-    unsigned char key[0x200];
+    unsigned char key[0x400];
 
     if (!enc_session->ssl_ctx)
     {
@@ -2086,6 +2086,10 @@ get_sni_SSL_CTX(struct lsquic_enc_session *enc_session, lsquic_lookup_cert_f cb,
         else
         {
             LSQ_INFO("cannot generate cert cache key, make copy");
+            out = NULL;
+            len = i2d_X509(crt, &out);
+            if (len < 0)
+                return GET_SNI_ERR;
   copy:     enc_session->cert_ptr = lsquic_str_new((char *) out, len);
             OPENSSL_free(out);
             if (!enc_session->cert_ptr)