commit 7861c4d764ae8989346b9e3e3382dfd0c0a92c99
author Maxim Dounin <mdounin@mdounin.ru> Tue Aug 22 17:36:12 2017 +0300
committer Maxim Dounin <mdounin@mdounin.ru> Tue Aug 22 17:36:12 2017 +0300
tree 72a91d2bcff58902adcfb7ab344225ec33d6bef5
parent 6bc115f83bd2d6593efca4adccd6655cd3b2e7cd

SSL: fixed possible use-after-free in $ssl_server_name.

The $ssl_server_name variable used SSL_get_servername() result directly,
but this is not safe: it references a memory allocation in an SSL
session, and this memory might be freed at any time due to renegotiation.
Instead, copy the name to memory allocated from the pool.