Comment 8 for bug 1366174

Alex Bligh (ubuntu-alex-org) wrote :

Robie: removing the reference to certinfo_free where X509_get_ex_new_index is called within ssl_stapling_ex_init works around the 2.4.10 bug at the expense of a memory leak. I haven't (yet) verified this entirely fixes 2.4.7 though I suspect it will. I'll test that in a bit.

Obviously this solution is pretty foul, but is probably better than the current situation. A better solution from upstream would be welcomed.

The underlying issue is that not all SSL resources are being correctly individually freed, and for various reasons the cleanup function can't be used to clean them all up. If I've understood this bug right, any Apache config that uses SSL is vulnerable to a crash on startup; it just needs to be reasonably complex (sufficiently complex to cause dlopen() to choose a different memory address to load the SSL module).