[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Patch for peer review
NOTE: Appologies if this is duplicated, the original sent 24 hours ago
has not been reflected back to me, nor shown up in the mail list archives.
config.h.in | 6 +++
configure | 4 +-
configure.in | 2 -
scheduler/conf.c | 7 +++
smtpserver/mxverify.c | 96
++++++++++++++++++++++++------------------------
smtpserver/policytest.c | 9 ++--
smtpserver/smtpserver.c | 66 +++++++++++++++++++++++++++++++--
smtpserver/smtptls.c | 7 +--
8 files changed, 134 insertions(+), 63 deletions(-)
config.h.in / configure / configure.in: Changed to test system for
isatty(), vfprintf() function.
scheduler/conf.c: Compiler warning on gcc 32bit i386 fixed.
mxverify.c: Changes to split out log info using the same method as
everything else seems to.
policytest.c: From looking over the SPF2 API I think there is a missing
SPF_free_c_results() needed in a minor error condition. Also in looking
at the #warning the spf_localpolicy is set from cfgread.c. It was
possible for smtpserver.conf to not have any spf-localpolicy
configuration directive in smtpserver.conf but initialize_spf() to be
called (due to SPF + in policy file) in this situation an unsafe
free(NULL) may result. I can't see any reason why we should worry about
releasing this piece memory so just removing the lines seems fine to me.
smtpserver.c: strdup() the command line data that is used throughout the
life of the runtime. smtpserver uses setproctitle() to change its 'ps
uax' listing, this features destroys the original environment space
setup when smtpserver was exec()ed.
Added function to only emit logging info for interactive use. Not
through SMTP server, certainly not through a +debuging +logging SSL
connection, as this trashes the connection.
smtptls.c: The data pointed to by the removed free's is owned by the SSL
handle not by the smtpserver application, this resulted in smtpserver to
crash on exit when the client is using SSL. This data pointed to was
free automatically at handle destruction. The other items remaining
SS->TLS.var items are strdup()ed by smtpserver. Maybe a better patch
would be to strdup() the cipher info too.
Maybe some of these have made it to CVS already, I've not checked will
update shortly. I've been running an almost exact same patches enabled
for a few weeks without seeing any problems.
--
Darryl L. Miles
Index: config.h.in
===================================================================
RCS file: /cvsroot/zmailer/config.h.in,v
retrieving revision 1.53
diff -u -r1.53 config.h.in
--- config.h.in 13 Jul 2004 23:25:53 -0000 1.53
+++ config.h.in 2 Mar 2005 01:25:50 -0000
@@ -257,6 +257,9 @@
/* Define to 1 if you have the `isascii' function. */
#undef HAVE_ISASCII
+/* Define to 1 if you have the `isatty' function. */
+#undef HAVE_ISATTY
+
/* HAVE_LDAP_H, 5 */
#undef HAVE_LDAP_H
@@ -647,6 +650,9 @@
/* Define to 1 if you have the <varargs.h> header file. */
#undef HAVE_VARARGS_H
+
+/* Define to 1 if you have the `vfprintf' function. */
+#undef HAVE_VFPRINTF
/* Define to 1 if you have the `vprintf' function. */
#undef HAVE_VPRINTF
Index: configure
===================================================================
RCS file: /cvsroot/zmailer/configure,v
retrieving revision 1.161
diff -u -r1.161 configure
--- configure 4 Aug 2004 13:24:45 -0000 1.161
+++ configure 2 Mar 2005 01:25:51 -0000
@@ -22006,7 +22006,9 @@
-for ac_func in vsprintf vsnprintf snprintf
+
+
+for ac_func in vfprintf vsprintf vsnprintf snprintf isatty
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
echo "$as_me:$LINENO: checking for $ac_func" >&5
Index: configure.in
===================================================================
RCS file: /cvsroot/zmailer/configure.in,v
retrieving revision 1.156
diff -u -r1.156 configure.in
--- configure.in 4 Aug 2004 13:23:41 -0000 1.156
+++ configure.in 2 Mar 2005 01:25:51 -0000
@@ -2559,7 +2559,7 @@
AC_FUNC_STRFTIME
AC_FUNC_SPRINTF
AC_FUNC_VPRINTF
-AC_CHECK_FUNCS(vsprintf vsnprintf snprintf)
+AC_CHECK_FUNCS(vfprintf vsprintf vsnprintf snprintf isatty)
AC_FUNC_ALLOCA
AC_FUNC_GETPGRP
AC_FUNC_MMAP
Index: scheduler/conf.c
===================================================================
RCS file: /cvsroot/zmailer/scheduler/conf.c,v
retrieving revision 1.9
diff -u -r1.9 conf.c
--- scheduler/conf.c 8 May 2003 01:48:35 -0000 1.9
+++ scheduler/conf.c 2 Mar 2005 01:25:51 -0000
@@ -6,6 +6,7 @@
* Lots of modifications (new guts, more or less..) by
* Matti Aarnio <mea@nic.funet.fi> (copyright) 1992-2002
*/
+#include "config.h"
/* stdout and stderr end up in qlogdir/progname when scheduler is a daemon */
const char * qlogdir = "/usr/spool/log"; /* overridden by LOGDIR zenvariable */
@@ -43,7 +44,11 @@
/* If we use ZMailer malloc library in debug mode, BAD-PTR looks like
following value.. */
-void *BADPTR = (void*) (unsigned long)0x5555555555555555L;
+#if (SIZEOF_VOID_P == 8)
+void *BADPTR = (void*) (unsigned long long)0x5555555555555555ULL;
+#else /* 4 */
+void *BADPTR = (void*) (unsigned long)0x55555555UL;
+#endif
/* Push reports regarding recipients out this often, unless
parametrized to do differently */
Index: smtpserver/mxverify.c
===================================================================
RCS file: /cvsroot/zmailer/smtpserver/mxverify.c,v
retrieving revision 1.40
diff -u -r1.40 mxverify.c
--- smtpserver/mxverify.c 3 Jan 2005 12:20:39 -0000 1.40
+++ smtpserver/mxverify.c 2 Mar 2005 01:25:51 -0000
@@ -40,7 +40,7 @@
HEADER *hp;
msgdata *eom, *cp, *cpnext;
int qlen, n, j, qdcount, ancount, nscount, arcount, maxpref, class;
- u_short type;
+ u_short rrtype;
int saw_cname = 0, had_mx_record = 0;
int ttl;
struct addrinfo req, *ai;
@@ -59,7 +59,7 @@
return -EX_NOHOST;
if (debug) {
- printf("000- dnsmxlookup('%s', depth=%d mxmode=%d qtype=%s)\n",
+ type(NULL,0,NULL," dnsmxlookup('%s', depth=%d mxmode=%d qtype=%s)",
host, depth, mxmode,
((qtype == T_TXT) ? "T_TXT" :
((qtype == T_MX) ? "T_MX" : "other")));
@@ -69,7 +69,7 @@
(void*)&qbuf, sizeof qbuf);
if (qlen < 0) {
if (debug)
- printf("000- res_mkquery failed\n");
+ type(NULL,0,NULL," res_mkquery failed");
return -EX_SOFTWARE;
}
n = res_send((void*)&qbuf, qlen, (void*)&answer, sizeof answer);
@@ -88,7 +88,7 @@
arcount = ntohs(hp->arcount);
if (debug)
- printf("000- len=%d rcode=%d qdcount=%d ancount=%d nscount=%d arcount=%d TC=%d\n",
+ type(NULL,0,NULL," len=%d rcode=%d qdcount=%d ancount=%d nscount=%d arcount=%d TC=%d",
n, hp->rcode, qdcount, ancount, nscount, arcount, hp->tc);
if (hp->rcode != NOERROR || ancount == 0) {
@@ -132,7 +132,7 @@
break;
cp += n;
- NS_GET16(type, cp); /* type */
+ NS_GET16(rrtype,cp); /* type */
NS_GET16(class, cp); /* class */
NS_GET32(ttl, cp); /* ttl */
NS_GET16(n, cp); /* dlen */
@@ -144,19 +144,19 @@
break;
}
- if (type == T_CNAME) {
+ if (rrtype == T_CNAME) {
dn_expand((msgdata *)&answer, eom, cp,
(void*)realname, sizeof realname);
saw_cname = 1;
continue;
}
- if (type != qtype) {
+ if (rrtype != qtype) {
/* Not looked for .. */
continue;
}
- if (type == T_MX) {
+ if (rrtype == T_MX) {
int pref;
NS_GET16(pref, cp); /* MX preference value */
n = dn_expand((msgdata *)&answer, eom, cp, (void*)buf, sizeof buf);
@@ -164,7 +164,7 @@
break;
if (debug)
- printf("000 MX[%d] = '%s'\n", mxcount, buf);
+ type(NULL,0,NULL," MX[%d] = '%s'", mxcount, buf);
if (mxcount < MAXMX) {
mxs[mxcount].mx = strdup((const char *)buf);
@@ -179,7 +179,7 @@
continue;
} /* ===== END OF MX DATA PROCESING ========= */
- if (type == T_TXT) {
+ if (rrtype == T_TXT) {
int i, len = (*cp) & 0xFF; /* 0..255 chars */
/* Mal-formed inputs are possible overflowing the buffer.. */
@@ -218,7 +218,7 @@
#if 0
if (qtype == T_MX && !mxmode && had_mx_record) {
/* Accept if found ANYTHING! */
- if (debug) printf("000- ... accepted!\n");
+ if (debug) type(NULL,0,NULL," ... accepted!");
for (i = 0; i < mxcount; ++i) if (mxs[i].mx) free(mxs[i].mx);
return 1;
}
@@ -237,10 +237,10 @@
cp += n;
if (cp+10 > eom) { cp = eom; break; }
- NS_GET16(type, cp); /* type - short */
- NS_GET16(class, cp); /* class - short */
- cp += NS_INT32SZ; /* ttl - long */
- NS_GET16(n, cp); /* dlen - short */
+ NS_GET16(rrtype, cp); /* type - short */
+ NS_GET16(class, cp); /* class - short */
+ cp += NS_INT32SZ; /* ttl - long */
+ NS_GET16(n, cp); /* dlen - short */
cp += n; /* We simply skip this data.. */
if (cp <= eom)
@@ -248,7 +248,7 @@
}
if (debug)
- printf("000- nscount=%d (== 0 ?) arcount=%d eom-cp=%d\n",
+ type(NULL,0,NULL," nscount=%d (== 0 ?) arcount=%d eom-cp=%d",
nscount, arcount, eom-cp);
/* Ok, can continue to pick the ADDITIONAL SECTION data */
@@ -266,10 +266,10 @@
cp += n;
if (cp+10 > eom) { cp = eom; break; }
- NS_GET16(type, cp); /* type - short */
- NS_GET16(class, cp); /* class - short */
- cp += NS_INT32SZ; /* ttl - long */
- NS_GET16(n, cp); /* dlen - short */
+ NS_GET16(rrtype, cp); /* type - short */
+ NS_GET16(class, cp); /* class - short */
+ cp += NS_INT32SZ; /* ttl - long */
+ NS_GET16(n, cp); /* dlen - short */
cpnext = cp + n;
@@ -284,9 +284,9 @@
/* A and AAAA are known here! */
- if (type == T_A
+ if (rrtype == T_A
#if defined(AF_INET6) && defined(INET6)
- || (type == T_AAAA)
+ || (rrtype == T_AAAA)
#endif
) {
@@ -300,7 +300,7 @@
if (strcasecmp((const char *)buf, mxs[n].mx) == 0) {
/* YES! */
- mxs[n].type |= (type == T_A) ? 1 : 2 ; /* bitflag: 1 or 2 */
+ mxs[n].type |= (rrtype == T_A) ? 1 : 2 ; /* bitflag: 1 or 2 */
/* We do have a wanted name! */
@@ -308,7 +308,7 @@
memset(&usa, 0, sizeof(usa));
- switch (type) {
+ switch (rrtype) {
#if defined(AF_INET6) && defined(INET6)
case T_AAAA:
usa.v6.sin6_family = PF_INET6;
@@ -327,16 +327,16 @@
if (debug) {
if (usa.v4.sin_family == AF_INET) {
inet_ntop(AF_INET, (void*) & usa.v4.sin_addr, (char *)buf, sizeof(buf));
- printf("000- matching %s AR address IPv4:[%s]\n", mxs[n].mx, buf);
+ type(NULL,0,NULL," matching %s AR address IPv4:[%s]", mxs[n].mx, buf);
}
#if defined(AF_INET6) && defined(INET6)
else if (usa.v6.sin6_family == AF_INET6) {
inet_ntop(AF_INET6, (void*) & usa.v6.sin6_addr, (char*)buf, sizeof(buf));
- printf("000- matching %s AR address IPv6:[%s]\n", mxs[n].mx, buf);
+ type(NULL,0,NULL," matching %s AR address IPv6:[%s]", mxs[n].mx, buf);
}
#endif
else
- printf("000- matching unknown %s AR address family address; AF=%d\n",
+ type(NULL,0,NULL," matching unknown %s AR address family address; AF=%d",
mxs[n].mx, usa.v4.sin_family);
}
#endif
@@ -344,25 +344,25 @@
j = matchmyaddress( &usa );
if (j == 1) {
if (debug)
- printf("000- AR ADDRESS MATCH!\n");
+ type(NULL,0,NULL," AR ADDRESS MATCH!");
mxs[n].islocal = 1;
/* Found a match! */
goto ponder_mx_result;
} else if (j == 2) {
if (debug)
- printf("000- AR ADDRESS LOOPBACK MATCH!\n");
+ type(NULL,0,NULL," AR ADDRESS LOOPBACK MATCH!");
mxs[n].islocal = 2;
/* Found a match! */
goto ponder_mx_result;
} else
if (debug)
- printf("000- AR matchmyaddress() yields: %d\n", j);
+ type(NULL,0,NULL," AR matchmyaddress() yields: %d", j);
break; /* Name matched, no need to spin more here.. */
} /* Matched name! */
} /* Name matching loop */
continue;
- } /* type = T_A or T_AAAA */
+ } /* rrtype = T_A or T_AAAA */
/* All other cases.. */
--arcount;
@@ -416,7 +416,7 @@
rc = getaddrinfo(mxs[n].mx, "0", &req, &ai);
#endif
if (debug)
- printf("000- getaddrinfo('%s','0') -> r=%d, ai=%p\n",
+ type(NULL,0,NULL," getaddrinfo('%s','0') -> r=%d, ai=%p",
mxs[n].mx,rc,(void*)ai);
if (rc != 0)
@@ -431,49 +431,49 @@
if (usa->v4.sin_family == AF_INET) {
inet_ntop(AF_INET, (void*) & usa->v4.sin_addr, buf, sizeof(buf));
- printf("000- matching %s address IPv4:[%s]\n",
+ type(NULL,0,NULL," matching %s address IPv4:[%s]",
mxs[n].mx, buf);
}
#if defined(AF_INET6) && defined(INET6)
else if (usa->v6.sin6_family == AF_INET6) {
inet_ntop(AF_INET6, (void*) & usa->v6.sin6_addr, buf, sizeof(buf));
- printf("000- matching %s address IPv6:[%s]\n",
+ type(NULL,0,NULL," matching %s address IPv6:[%s]",
mxs[n].mx, buf);
}
#endif
else
- printf("000- matching %s unknown address family address; AF=%d\n",
+ type(NULL,0,NULL," matching %s unknown address family address; AF=%d",
mxs[n].mx, usa->v4.sin_family);
}
#endif
rc = matchmyaddress((Usockaddr *)ai2->ai_addr);
if (rc == 1) {
if (debug)
- printf("000- ADDRESS MATCH!\n");
+ type(NULL,0,NULL," ADDRESS MATCH!");
freeaddrinfo(ai);
mxs[n].islocal = 1;
/* Found a match! */
goto ponder_mx_result;
} else if (rc == 2) {
if (debug)
- printf("000- LOOPBACK ADDRESS MATCH!\n");
+ type(NULL,0,NULL," LOOPBACK ADDRESS MATCH!");
freeaddrinfo(ai);
mxs[n].islocal = 2;
/* Found a match! */
goto ponder_mx_result;
} else
if (debug)
- printf("000- matchmyaddress() yields: %d\n", rc);
+ type(NULL,0,NULL," matchmyaddress() yields: %d", rc);
}
if (debug)
- printf("000- No address match among %d address!\n", k);
+ type(NULL,0,NULL," No address match among %d address!", k);
freeaddrinfo(ai);
if (!mxmode) /* Accept if found ANYTHING! */ {
int i;
- if (debug) printf("000- ... accepted!\n");
+ if (debug) type(NULL,0,NULL," ... accepted!");
for (i = 0; i < mxcount; ++i)
if (mxs[i].mx)
free(mxs[i].mx);
@@ -491,7 +491,7 @@
}
if (debug)
- printf("000- saw_cname=%d had_mx_record=%d mxmode=%d\n",
+ type(NULL,0,NULL," saw_cname=%d had_mx_record=%d mxmode=%d",
saw_cname, had_mx_record, mxmode);
/* Didn't find any, but saw CNAME ? Recurse with the real name */
@@ -522,13 +522,13 @@
of MX server, though.. */
#ifdef HAVE__GETADDRINFO_
if (debug)
- printf("000- perhaps A?\n");
+ type(NULL,0,NULL," perhaps A?");
i = _getaddrinfo_((const char*)host, "0", &req, &ai, debug ? stdout : NULL);
#else
i = getaddrinfo((const char*)host, "0", &req, &ai);
#endif
if (debug)
- printf("000- getaddrinfo('%s','0') (PF_INET) -> r=%d (%s), ai=%p\n",host,i,gai_strerror(i),(void*)ai);
+ type(NULL,0,NULL," getaddrinfo('%s','0') (PF_INET) -> r=%d (%s), ai=%p",host,i,gai_strerror(i),(void*)ai);
#if defined(AF_INET6) && defined(INET6)
if (use_ipv6) {
@@ -553,7 +553,7 @@
n2 = getaddrinfo((const char *)host, "0", &req, &ai2);
#endif
if (debug)
- printf("000- getaddrinfo('%s','0') (PF_INET6) -> r=%d (%s), ai=%p\n",host,n2,gai_strerror(n2),(void*)ai2);
+ type(NULL,0,NULL," getaddrinfo('%s','0') (PF_INET6) -> r=%d (%s), ai=%p",host,n2,gai_strerror(n2),(void*)ai2);
if (i != 0 && n2 == 0) {
@@ -692,7 +692,7 @@
rc = dnsmxlookup(state, hbuf, 0, 0, T_MX);
if (debug)
- printf("000- dnsmxlookup() did yield: %d, retmode='%c'\n",
+ type(NULL,0,NULL," dnsmxlookup() did yield: %d, retmode='%c'",
rc,retmode);
if (rc == 1) return 0; /* Found! */
@@ -792,7 +792,7 @@
if (debug)
- printf("000- looking up DNS A object: %s\n", hbuf);
+ type(NULL,0,NULL," looking up DNS A object: %s", hbuf);
hp = gethostbyname(hbuf);
@@ -817,7 +817,7 @@
#endif
/* Ok, then lookup for the TXT entry too! */
if (debug)
- printf("000- looking up DNS TXT object: %s\n", hbuf);
+ type(NULL,0,NULL," looking up DNS TXT object: %s", hbuf);
if (dnsmxlookup(state, hbuf, 0, 0, T_TXT) == 1) {
if (*msgp != NULL)
@@ -833,7 +833,7 @@
*s = ' ';
}
}
- type(NULL,0,NULL,"Found DNS TXT object: %s\n",
+ type(NULL,0,NULL,"Found DNS TXT object: %s",
(*msgp ? *msgp : "<nil>"));
}
return -1;
Index: smtpserver/policytest.c
===================================================================
RCS file: /cvsroot/zmailer/smtpserver/policytest.c,v
retrieving revision 1.119
diff -u -r1.119 policytest.c
--- smtpserver/policytest.c 3 Jan 2005 12:20:39 -0000 1.119
+++ smtpserver/policytest.c 2 Mar 2005 01:25:51 -0000
@@ -867,16 +867,17 @@
spf_localpolicy,
spf_whitelist_use_default,
&state->local_policy)) {
- type(NULL,0,NULL," SPF_compile_local_policy() failed: %s",
+ type(NULL,0,NULL," SPF_compile_local_policy() failed: %s; disabling SPF",
state->local_policy.err_msg);
- free(spf_localpolicy);
+ SPF_free_c_results(&state->local_policy);
+// if(spf_localpolicy != NULL) { free(spf_localpolicy); spf_localpolicy=NULL; }
state->check_spf=0;
return;
}
if (debug)
type(NULL,0,NULL," SPF local_policy: %s",spf_localpolicy);
-#warning "strange looking free(spf_localpolicy) call here!"
- free(spf_localpolicy); /* FIXME??FIXME??FIXME?? */
+//#warning "strange looking free(spf_localpolicy) call here!"
+// if(spf_localpolicy != NULL) { free(spf_localpolicy); spf_localpolicy=NULL; } /* FIXME??FIXME??FIXME?? */
SPF_set_local_policy(state->spfcid,state->local_policy);
}
Index: smtpserver/smtpserver.c
===================================================================
RCS file: /cvsroot/zmailer/smtpserver/smtpserver.c,v
retrieving revision 1.192
diff -u -r1.192 smtpserver.c
--- smtpserver/smtpserver.c 28 Nov 2004 03:33:52 -0000 1.192
+++ smtpserver/smtpserver.c 2 Mar 2005 01:25:52 -0000
@@ -683,7 +683,7 @@
daemon_flg = 0;
break;
case 'I': /* PID file */
- pidfile = optarg;
+ pidfile = strdup(optarg);
pidfile_set = 1;
break;
case 'l': /* log file(prefix) */
@@ -693,7 +693,7 @@
break;
}
- logfile = optarg;
+ logfile = strdup(optarg);
break;
case 'L': /* Max LoadAverage */
@@ -3031,6 +3031,66 @@
va_end(ap);
}
+
+/* Only output if we are interactive */
+#if (defined(HAVE_VPRINTF) && defined(HAVE_VFPRINTF))
+#ifdef HAVE_STDARG_H
+int
+#ifdef __STDC__
+interactive_fprintf(FILE *fp, const char *fmt, ...)
+#else /* Non ANSI-C */
+interactive_fprintf(fp, fmt)
+FILE *fp;
+const char *fmt;
+#endif
+#else
+/* VARARGS2 */
+int
+interactive_fprintf(fp, fmt, va_alist)
+FILE *fp;
+const char *fmt;
+va_dcl
+#endif
+#else
+int
+interactive_fprintf(fp, fmt, s1, s2, s3, s4, s5, s6)
+FILE *fp;
+const char *fmt;
+const char *s1, *s2, *s3, *s4, *s5, *s6;
+#endif
+{
+ int fd;
+ int rv;
+
+ rv = 0;
+ fd = fileno(fp);
+
+#ifdef HAVE_ISATTY
+ if(isatty(fd))
+#else
+ /* Need to find an alternative method */
+ #error "isatty() is not available on your platform"
+#endif
+ {
+#if (defined(HAVE_VPRINTF) && defined(HAVE_VFPRINTF))
+ {
+ va_list ap;
+#ifdef HAVE_STDARG_H
+ va_start(ap, fmt);
+#else
+ va_start(ap);
+#endif
+ /*rv = */ vfprintf(fp, fmt, ap);
+ va_end(ap);
+ }
+#else
+ /*rv = */ fprintf(fp, fmt, s1, s2, s3, s4, s5, s6);
+#endif
+ }
+
+ return rv;
+}
+
#ifdef HAVE_VPRINTF
#ifdef HAVE_STDARG_H
void
@@ -3218,7 +3278,7 @@
}
}
- if (debug && !SS) fprintf(stdout, "%s\n", buf);
+ if (debug && !SS) interactive_fprintf(stdout, "%s\n", buf);
if (!SS) return; /* Only to local log.. */
memcpy(s, "\r\n", 2);
Index: smtpserver/smtptls.c
===================================================================
RCS file: /cvsroot/zmailer/smtpserver/smtptls.c,v
retrieving revision 1.35
diff -u -r1.35 smtptls.c
--- smtpserver/smtptls.c 20 Aug 2004 13:40:06 -0000 1.35
+++ smtpserver/smtptls.c 2 Mar 2005 01:25:52 -0000
@@ -952,7 +952,7 @@
* understands in the message.
* Netscape communicator can still communicate with SSLv2 servers, so
* it sends out a SSLv2 client hello. To deal with it, our server must
- * be SSLv2 aware (even if we donīt like SSLv2), so we need to have the
+ * be SSLv2 aware (even if we don't like SSLv2), so we need to have the
* SSLv23 server here. If we want to limit the protocol level, we can
* add an option to not use SSLv2/v3/TLSv1 later.
*/
@@ -1001,7 +1001,7 @@
* containing seperate files for each CA pointed on by softlinks
* named by the hash values of the certificate.
* The first alternative has the advantage, that the file is opened and
- * read at startup time, so that you donīt have the hassle to maintain
+ * read at startup time, so that you don't have the hassle to maintain
* another copy of the CApath directory for chroot-jail. On the other
* hand, the file is not really readable.
*/
@@ -1209,9 +1209,6 @@
#define ZCONDFREE(var) if (var) free((void*)(var))
- ZCONDFREE(SS->TLS.protocol);
- ZCONDFREE(SS->TLS.cipher_name);
- ZCONDFREE(SS->TLS.cipher_info);
ZCONDFREE(SS->TLS.issuer_CN);
ZCONDFREE(SS->TLS.peer_issuer);
ZCONDFREE(SS->TLS.peer_CN);