On Wed, Dec 29, 2010, Bin Lu wrote: > Hi Steve, > > > > My code looks like this(error checking is omitted): > > > > OCSP_BASICRESP* bs = OCSP_response_get1_basic(resp); > > OCSP_check_nonce(req, bs); > > OCSP_basic_verify(bs, chain, store, verifyFlags); > > OCSP_resp_find_status(bs, id, &status, ...); > > > > if (resp!=NULL) OCSP_RESPONSE_free(resp); > > if (bs != NULL) OCSP_BASICRESP_free(bs); > > > > Do I need to explicitly free this OCSP_BASICRESP(does > OCSP_response_get1_basic() return dup'ed data structure)? >
Yes you do need to explicitly free it. The '1' in the function name indicates it returns structures which must be freed. Are you seting the remaining arguments to OCSP_resp_find_status() to NULL or do you extract those fields too? The other fields are *not* duped. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
