stream-ssl: Fix memory leak reported by valgrind.

test case 1628: peer ca cert ASN1_item_dup do_ca_cert_bootstrap (stream-ssl.c:413) ssl_connect (stream-ssl.c:468) scs_connecting (stream.c:297) stream_connect (stream.c:320) Fix by removing the X509_dup(). Signed-off-by: William Tu <u9012063@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
author: William Tu <u9012063@gmail.com> 2016-01-07 15:59:34 -0800
committer: Ben Pfaff <blp@ovn.org> 2016-01-11 09:11:28 -0800
commit: 6247ded478088ad0be142f2a01b5f0f6a61d13da (patch)
tree: c693b84391a62400a29b5c6da8be31b5fc1d57c3 /lib
parent: c7edc92111a74d554b04ae592ca6953ba239fb60 (diff)
download: openvswitch-6247ded478088ad0be142f2a01b5f0f6a61d13da.tar.gz
1 files changed, 0 insertions, 6 deletions
diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c
index f82c31928..0015fc3cb 100644
--- a/lib/stream-ssl.c
+++ b/lib/stream-ssl.c
@@ -408,12 +408,6 @@ do_ca_cert_bootstrap(struct stream *stream)
     /* SSL_CTX_add_client_CA makes a copy of cert's relevant data. */
     SSL_CTX_add_client_CA(ctx, cert);
 
-    /* SSL_CTX_use_certificate() takes ownership of the certificate passed in.
-     * 'cert' is owned by sslv->ssl, so we need to duplicate it. */
-    cert = X509_dup(cert);
-    if (!cert) {
-        out_of_memory();
-    }
     SSL_CTX_set_cert_store(ctx, X509_STORE_new());
     if (SSL_CTX_load_verify_locations(ctx, ca_cert.file_name, NULL) != 1) {
         VLOG_ERR("SSL_CTX_load_verify_locations: %s",
author	William Tu <u9012063@gmail.com>	2016-01-07 15:59:34 -0800
committer	Ben Pfaff <blp@ovn.org>	2016-01-11 09:11:28 -0800
commit	6247ded478088ad0be142f2a01b5f0f6a61d13da (patch)
tree	c693b84391a62400a29b5c6da8be31b5fc1d57c3 /lib
parent	c7edc92111a74d554b04ae592ca6953ba239fb60 (diff)
download	openvswitch-6247ded478088ad0be142f2a01b5f0f6a61d13da.tar.gz