]> git.kaiwu.me - haproxy.git/commit
projects / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c6d45fe) | patch
BUG/MEDIUM: acme: fix segfault on newOrder with empty authorizations
authorWilliam Lallemand <wlallemand@haproxy.com>
Wed, 29 Apr 2026 16:04:27 +0000 (18:04 +0200)
committerWilliam Lallemand <wlallemand@haproxy.com>
Wed, 29 Apr 2026 16:22:45 +0000 (18:22 +0200)
commit0f02a62da02eaeb8444d8edddb0b3d1e58158610
tree6a9c532d8b10f3393dd4397e45ed06df4b5a08a9tree | snapshot
parentc6d45fec8663468d05afd4528764bb66775ac717commit | diff
BUG/MEDIUM: acme: fix segfault on newOrder with empty authorizations

When an ACME server returns a newOrder response with an empty
authorizations array (certificate already validated), ctx->auths
remains NULL. The state machine then transitions to ACME_AUTH which
immediately dereferences ctx->next_auth, causing a segfault.

Return an error from acme_res_neworder() so the caller retries.

This needs to be backported to 3.2.
src/acme.c diff | blob | history
haproxy upstream