OpenSSL: Fix leak of cert_x509
authorDavid Woodhouse <David.Woodhouse@intel.com>
Tue, 12 Jun 2012 09:34:45 +0000 (10:34 +0100)
committerDavid Woodhouse <David.Woodhouse@intel.com>
Tue, 12 Jun 2012 09:34:45 +0000 (10:34 +0100)
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
openssl.c

index fb73127..e3e5c48 100644 (file)
--- a/openssl.c
+++ b/openssl.c
@@ -1312,9 +1312,15 @@ void openconnect_close_https(struct openconnect_info *vpninfo, int final)
                FD_CLR(vpninfo->ssl_fd, &vpninfo->select_efds);
                vpninfo->ssl_fd = -1;
        }
-       if (final && vpninfo->https_ctx) {
-               SSL_CTX_free(vpninfo->https_ctx);
-               vpninfo->https_ctx = NULL;
+       if (final) {
+               if (vpninfo->https_ctx) {
+                       SSL_CTX_free(vpninfo->https_ctx);
+                       vpninfo->https_ctx = NULL;
+               }
+               if (vpninfo->cert_x509) {
+                       X509_free(vpninfo->cert_x509);
+                       vpninfo->cert_x509 = NULL;
+               }
        }
 }