SSL: fixed possible use-after-free in $ssl_server_name.

The $ssl_server_name variable used SSL_get_servername() result directly,
but this is not safe: it references a memory allocation in an SSL
session, and this memory might be freed at any time due to renegotiation.
Instead, copy the name to memory allocated from the pool.

0 files changed, 0 insertions, 0 deletions