summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-10-23 01:25:39 -0500
committerSlávek Banko <slavek.banko@axis.cz>2017-01-01 19:41:07 +0100
commitaeb2bd0fe640ecf90df48840fca79007b4895bbf (patch)
treee418b0fe44c5c0589c03a10684e6733fbde13546
parent294100108cb4ef6fdb6624792e1a7e11d2d7397e (diff)
downloadtdelibs-aeb2bd0fe640ecf90df48840fca79007b4895bbf.tar.gz
tdelibs-aeb2bd0fe640ecf90df48840fca79007b4895bbf.zip
Fix memory leak when deleting a KSSLCertificate that holds a CRL
(cherry picked from commit 9bf244dd97e89bf47dd70fe47a4f00a3f372f875)
-rw-r--r--tdeio/kssl/kopenssl.cc7
-rw-r--r--tdeio/kssl/kopenssl.h5
-rw-r--r--tdeio/kssl/ksslcertificate.cc6
3 files changed, 17 insertions, 1 deletions
diff --git a/tdeio/kssl/kopenssl.cc b/tdeio/kssl/kopenssl.cc
index bc89a420a..d4f086d8e 100644
--- a/tdeio/kssl/kopenssl.cc
+++ b/tdeio/kssl/kopenssl.cc
@@ -80,6 +80,7 @@ static X509_STORE_CTX *(*K_X509_STORE_CTX_new) (void) = 0L;
static void (*K_X509_STORE_free) (X509_STORE *) = 0L;
static X509_STORE *(*K_X509_STORE_new) (void) = 0L;
static void (*K_X509_free) (X509 *) = 0L;
+static void (*K_X509_CRL_free) (X509_CRL *) = 0L;
static char *(*K_X509_NAME_oneline) (X509_NAME *,char *,int) = 0L;
static X509_NAME *(*K_X509_get_subject_name) (X509 *) = 0L;
static X509_NAME *(*K_X509_get_issuer_name) (X509 *) = 0L;
@@ -396,6 +397,7 @@ TDEConfig *cfg;
if (_cryptoLib) {
#ifdef KSSL_HAVE_SSL
K_X509_free = (void (*) (X509 *)) GET_CRYPTOLIB_SYMBOL("X509_free");
+ K_X509_CRL_free = (void (*) (X509_CRL *)) GET_CRYPTOLIB_SYMBOL("X509_CRL_free");
K_RAND_egd = (int (*)(const char *)) GET_CRYPTOLIB_SYMBOL("RAND_egd");
K_RAND_load_file = (int (*)(const char *, long)) GET_CRYPTOLIB_SYMBOL("RAND_load_file");
K_RAND_file_name = (const char* (*)(char *, size_t)) GET_CRYPTOLIB_SYMBOL("RAND_file_name");
@@ -899,6 +901,11 @@ void KOpenSSLProxy::X509_free(X509 *a) {
}
+void KOpenSSLProxy::X509_CRL_free(X509_CRL *a) {
+ if (K_X509_CRL_free) (K_X509_CRL_free)(a);
+}
+
+
char *KOpenSSLProxy::X509_NAME_oneline(X509_NAME *a,char *buf,int size) {
if (K_X509_NAME_oneline) return (K_X509_NAME_oneline)(a,buf,size);
return 0L;
diff --git a/tdeio/kssl/kopenssl.h b/tdeio/kssl/kopenssl.h
index 9d0537051..6185821a4 100644
--- a/tdeio/kssl/kopenssl.h
+++ b/tdeio/kssl/kopenssl.h
@@ -360,6 +360,11 @@ public:
*/
void X509_free(X509 *v);
+ /*
+ * X509_CRL_free - free up an X509 CRL
+ */
+ void X509_CRL_free(X509_CRL *v);
+
/*
* X509_NAME_oneline - return the X509 data in a string
diff --git a/tdeio/kssl/ksslcertificate.cc b/tdeio/kssl/ksslcertificate.cc
index 95e0866ca..e94681800 100644
--- a/tdeio/kssl/ksslcertificate.cc
+++ b/tdeio/kssl/ksslcertificate.cc
@@ -118,8 +118,12 @@ KSSLCertificate::KSSLCertificate(const KSSLCertificate& x) {
KSSLCertificate::~KSSLCertificate() {
#ifdef KSSL_HAVE_SSL
- if (d->m_cert)
+ if (d->m_cert) {
d->kossl->X509_free(d->m_cert);
+ }
+ if (d->m_cert_crl) {
+ d->kossl->X509_CRL_free(d->m_cert_crl);
+ }
#endif
delete d;
}