OpenSSL: Fix leak of cert_x509

author David Woodhouse <David.Woodhouse@intel.com>

Tue, 12 Jun 2012 09:34:45 +0000 (10:34 +0100)

committer David Woodhouse <David.Woodhouse@intel.com>

Tue, 12 Jun 2012 09:34:45 +0000 (10:34 +0100)
author David Woodhouse <David.Woodhouse@intel.com>
Tue, 12 Jun 2012 09:34:45 +0000 (10:34 +0100)
committer David Woodhouse <David.Woodhouse@intel.com>
Tue, 12 Jun 2012 09:34:45 +0000 (10:34 +0100)
diff --git a/openssl.c b/openssl.c

index fb73127..e3e5c48 100644 (file)
--- a/openssl.c
+++ b/openssl.c
@@ -1312,9 +1312,15 @@ void openconnect_close_https(struct openconnect_info *vpninfo, int final)
                 FD_CLR(vpninfo->ssl_fd, &vpninfo->select_efds);
                 vpninfo->ssl_fd = -1;
         }
-       if (final && vpninfo->https_ctx) {
-               SSL_CTX_free(vpninfo->https_ctx);
-               vpninfo->https_ctx = NULL;
+       if (final) {
+               if (vpninfo->https_ctx) {
+                       SSL_CTX_free(vpninfo->https_ctx);
+                       vpninfo->https_ctx = NULL;
+               }
+               if (vpninfo->cert_x509) {
+                       X509_free(vpninfo->cert_x509);
+                       vpninfo->cert_x509 = NULL;
+               }
         }
  }
author	David Woodhouse <David.Woodhouse@intel.com>
	Tue, 12 Jun 2012 09:34:45 +0000 (10:34 +0100)
committer	David Woodhouse <David.Woodhouse@intel.com>
	Tue, 12 Jun 2012 09:34:45 +0000 (10:34 +0100)