[ovs-dev] [PATCH] stream-ssl.c: fix memory leak reported by valgrind
William Tu
u9012063 at gmail.com
Thu Jan 7 23:59:34 UTC 2016
test case 1628: peer ca cert
ASN1_item_dup
do_ca_cert_bootstrap (stream-ssl.c:413)
ssl_connect (stream-ssl.c:468)
scs_connecting (stream.c:297)
stream_connect (stream.c:320)
Fix by removing the X509_dup().
Signed-off-by: William Tu <u9012063 at gmail.com>
---
lib/stream-ssl.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c
index f82c319..0015fc3 100644
--- a/lib/stream-ssl.c
+++ b/lib/stream-ssl.c
@@ -408,12 +408,6 @@ do_ca_cert_bootstrap(struct stream *stream)
/* SSL_CTX_add_client_CA makes a copy of cert's relevant data. */
SSL_CTX_add_client_CA(ctx, cert);
- /* SSL_CTX_use_certificate() takes ownership of the certificate passed in.
- * 'cert' is owned by sslv->ssl, so we need to duplicate it. */
- cert = X509_dup(cert);
- if (!cert) {
- out_of_memory();
- }
SSL_CTX_set_cert_store(ctx, X509_STORE_new());
if (SSL_CTX_load_verify_locations(ctx, ca_cert.file_name, NULL) != 1) {
VLOG_ERR("SSL_CTX_load_verify_locations: %s",
--
2.5.0
More information about the dev
mailing list