diff options
author | Etienne Samson <samson.etienne@gmail.com> | 2017-12-05 23:21:05 +0000 |
---|---|---|
committer | Etienne Samson <samson.etienne@gmail.com> | 2017-12-16 00:07:51 +0100 |
commit | 8be2a79099e636a05ddbc2a2f923afc27ca1e019 (patch) | |
tree | 4f22c1b045a9a58b9a16d7910e902b3ca791adf2 | |
parent | 2518eb81a2de64996362249a22995bd84fb68c49 (diff) | |
download | libgit2-8be2a79099e636a05ddbc2a2f923afc27ca1e019.tar.gz |
openssl: free the peer certificate
Per SSL_get_peer_certificate docs:
```
The reference count of the X509 object is incremented by one, so that it will not be destroyed when the session containing the peer certificate is freed. The X509 object must be explicitly freed using X509_free().
```
-rw-r--r-- | src/streams/openssl.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/streams/openssl.c b/src/streams/openssl.c index 49a551b25..9d566074c 100644 --- a/src/streams/openssl.c +++ b/src/streams/openssl.c @@ -332,7 +332,7 @@ static int check_host_name(const char *name, const char *host) static int verify_server_cert(SSL *ssl, const char *host) { - X509 *cert; + X509 *cert = NULL; X509_NAME *peer_name; ASN1_STRING *str; unsigned char *peer_cn = NULL; @@ -458,6 +458,7 @@ on_error: goto cleanup; cleanup: + X509_free(cert); OPENSSL_free(peer_cn); return error; } |