From 1f25ec70d144d85e28ec4d2769fefd8abb00cbca Mon Sep 17 00:00:00 2001 From: Attila Molnar Date: Fri, 22 Jul 2016 12:04:35 +0200 Subject: m_ssl_openssl Verify DH params being non-NULL before setting it on the context Fixes issue reported by @m4rkw on IRC --- src/modules/extra/m_ssl_openssl.cpp | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index 9e6472ac3..aee7a5e34 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -405,12 +405,19 @@ class ModuleSSLOpenSSL : public Module #endif ERR_clear_error(); - if ((SSL_CTX_set_tmp_dh(ctx, ret) < 0) || (SSL_CTX_set_tmp_dh(clictx, ret) < 0)) + if (ret) { - ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_openssl.so: Couldn't set DH parameters %s. SSL errors follow:", dhfile.c_str()); - ERR_print_errors_cb(error_callback, this); + if ((SSL_CTX_set_tmp_dh(ctx, ret) < 0) || (SSL_CTX_set_tmp_dh(clictx, ret) < 0)) + { + ServerInstance->Logs->Log("m_ssl_openssl", DEFAULT, "m_ssl_openssl.so: Couldn't set DH parameters %s. SSL errors follow:", dhfile.c_str()); + ERR_print_errors_cb(error_callback, this); + } + DH_free(ret); + } + else + { + ServerInstance->Logs->Log("m_ssl_openssl", DEFAULT, "m_ssl_openssl.so: Couldn't set DH parameters %s.", dhfile.c_str()); } - DH_free(ret); } #ifndef _WIN32 -- cgit v1.2.3