[ovs-dev] [PATCH] stream-ssl.c: fix memory leak reported by valgrind

William Tu Thu, 07 Jan 2016 16:00:07 -0800

test case 1628: peer ca cert
    ASN1_item_dup
    do_ca_cert_bootstrap (stream-ssl.c:413)
    ssl_connect (stream-ssl.c:468)
    scs_connecting (stream.c:297)
    stream_connect (stream.c:320)
Fix by removing the X509_dup().


Signed-off-by: William Tu <u9012...@gmail.com>
---
 lib/stream-ssl.c | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c
index f82c319..0015fc3 100644
--- a/lib/stream-ssl.c
+++ b/lib/stream-ssl.c
@@ -408,12 +408,6 @@ do_ca_cert_bootstrap(struct stream *stream)
     /* SSL_CTX_add_client_CA makes a copy of cert's relevant data. */
     SSL_CTX_add_client_CA(ctx, cert);
 
-    /* SSL_CTX_use_certificate() takes ownership of the certificate passed in.
-     * 'cert' is owned by sslv->ssl, so we need to duplicate it. */
-    cert = X509_dup(cert);
-    if (!cert) {
-        out_of_memory();
-    }
     SSL_CTX_set_cert_store(ctx, X509_STORE_new());
     if (SSL_CTX_load_verify_locations(ctx, ca_cert.file_name, NULL) != 1) {
         VLOG_ERR("SSL_CTX_load_verify_locations: %s",
-- 
2.5.0

_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

[ovs-dev] [PATCH] stream-ssl.c: fix memory leak reported by valgrind

Reply via email to