openssl: free the peer certificate

Per SSL_get_peer_certificate docs: ``` The reference count of the X509 object is incremented by one, so that it will not be destroyed when the session containing the peer certificate is freed. The X509 object must be explicitly freed using X509_free(). ```
author: Etienne Samson <samson.etienne@gmail.com> 2017-12-05 23:21:05 +0000
committer: Etienne Samson <samson.etienne@gmail.com> 2017-12-16 00:07:51 +0100
commit: 8be2a79099e636a05ddbc2a2f923afc27ca1e019 (patch)
tree: 4f22c1b045a9a58b9a16d7910e902b3ca791adf2
parent: 2518eb81a2de64996362249a22995bd84fb68c49 (diff)
download: libgit2-8be2a79099e636a05ddbc2a2f923afc27ca1e019.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/src/streams/openssl.c b/src/streams/openssl.c
index 49a551b25..9d566074c 100644
--- a/src/streams/openssl.c
+++ b/src/streams/openssl.c
@@ -332,7 +332,7 @@ static int check_host_name(const char *name, const char *host)
 
 static int verify_server_cert(SSL *ssl, const char *host)
 {
-	X509 *cert;
+	X509 *cert = NULL;
 	X509_NAME *peer_name;
 	ASN1_STRING *str;
 	unsigned char *peer_cn = NULL;
@@ -458,6 +458,7 @@ on_error:
 	goto cleanup;
 
 cleanup:
+	X509_free(cert);
 	OPENSSL_free(peer_cn);
 	return error;
 }
author	Etienne Samson <samson.etienne@gmail.com>	2017-12-05 23:21:05 +0000
committer	Etienne Samson <samson.etienne@gmail.com>	2017-12-16 00:07:51 +0100
commit	8be2a79099e636a05ddbc2a2f923afc27ca1e019 (patch)
tree	4f22c1b045a9a58b9a16d7910e902b3ca791adf2
parent	2518eb81a2de64996362249a22995bd84fb68c49 (diff)
download	libgit2-8be2a79099e636a05ddbc2a2f923afc27ca1e019.tar.gz