diff options
| author | Nick Mathewson <nickm@torproject.org> | 2008-01-07 16:50:31 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2008-01-07 16:50:31 +0000 |
| commit | 491298a067ceaedecc6a35fb9ce72ecbf968a91d (patch) | |
| tree | 021eb1bdad4725dda9be012f9da342652a7ed17e | |
| parent | ea2280ada7d852597a195d908268036cc4ab0962 (diff) | |
| download | tor-491298a067ceaedecc6a35fb9ce72ecbf968a91d.tar tor-491298a067ceaedecc6a35fb9ce72ecbf968a91d.tar.gz | |
r17490@catbus: nickm | 2008-01-07 11:48:02 -0500
Fix bug 582: decref the idcert when we add it to the store.
svn:r13052
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | src/common/tortls.c | 8 |
2 files changed, 4 insertions, 6 deletions
@@ -27,6 +27,8 @@ Changes in version 0.2.0.16-alpha - 2008-01-?? - Patch from Karsten Loesing to complain less at both the client and the relay when a relay used to have the HSDir flag but doesn't anymore, and we try to upload a hidden service descriptor. + - Stop leaking one cert per TLS context. Fixes bug 582. Bugfix + on 0.2.0.15-alpha. o Minor features (controller): - Get NS events working again. (Patch from tup) diff --git a/src/common/tortls.c b/src/common/tortls.c index 8775cbc18..844969aa0 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -550,18 +550,14 @@ tor_tls_context_new(crypto_pk_env_t *identity, const char *nickname, goto error; X509_free(cert); /* We just added a reference to cert. */ cert=NULL; -#if 0 - if (idcert && !SSL_CTX_add_extra_chain_cert(result->ctx,idcert)) - goto error; -#else if (idcert) { X509_STORE *s = SSL_CTX_get_cert_store(result->ctx); tor_assert(s); X509_STORE_add_cert(s, idcert); /*XXXX020 This cert seems not to get * freed. Fix that! */ + X509_free(idcert); /* The context now owns the reference to idcert */ + idcert = NULL; } -#endif - idcert=NULL; /* The context now owns the reference to idcert */ SSL_CTX_set_session_cache_mode(result->ctx, SSL_SESS_CACHE_OFF); tor_assert(rsa); if (!(pkey = _crypto_pk_env_get_evp_pkey(rsa,1))) |