projects / platform / upstream / dotnet / runtime.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 012d3da)
free existingTrust when verifying certificate name on macOS (#41657)
authorTomas Weinfurt <tweinfurt@yahoo.com>
Wed, 2 Sep 2020 00:35:25 +0000 (17:35 -0700)
committerGitHub <noreply@github.com>
Wed, 2 Sep 2020 00:35:25 +0000 (17:35 -0700)
* free existingTrust when verifying certificate name

* add back NL

* free existingTrust on error path as well

src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c patch | blob | history

diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c
index f764670..78497ce 100644 (file)
--- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c
+++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_ssl.c
@@ -392,6 +392,7 @@ int32_t AppleCryptoNative_SslIsHostnameMatch(SSLContextRef sslContext, CFStringR
     if (anchors == NULL)
     {
         CFRelease(certs);
+        CFRelease(existingTrust);
         return -6;
     }
 
@@ -513,6 +514,9 @@ int32_t AppleCryptoNative_SslIsHostnameMatch(SSLContextRef sslContext, CFStringR
     if (anchors != NULL)
         CFRelease(anchors);
 
+    if (existingTrust != NULL)
+        CFRelease(existingTrust);
+
     CFRelease(sslPolicy);
     return ret;
 }
Domain: Dotnet / Core;