Author: brane Date: Thu Dec 15 08:23:23 2016 New Revision: 1774385 URL: http://svn.apache.org/viewvc?rev=1774385&view=rev Log: Don't leak SSL certificates.
* buckets/ssl_buckets.c (free_ssl_cert): New pool cleanup function. (serf_ssl_load_cert_file): Set up a pool cleanup for the certificate, as per the (now removed) TODO comment. Modified: serf/trunk/buckets/ssl_buckets.c Modified: serf/trunk/buckets/ssl_buckets.c URL: http://svn.apache.org/viewvc/serf/trunk/buckets/ssl_buckets.c?rev=1774385&r1=1774384&r2=1774385&view=diff ============================================================================== --- serf/trunk/buckets/ssl_buckets.c (original) +++ serf/trunk/buckets/ssl_buckets.c Thu Dec 15 08:23:23 2016 @@ -1902,6 +1902,12 @@ static const char *ssl_get_selected_prot return context->selected_protocol; } +/* Pool cleanup function for certificates */ +static apr_status_t free_ssl_cert(void *data) +{ + X509_free(data); + return APR_SUCCESS; +} apr_status_t serf_ssl_use_default_certificates(serf_ssl_context_t *ssl_ctx) { @@ -1945,10 +1951,12 @@ apr_status_t serf_ssl_load_cert_file( bio_meth_free(biom); if (ssl_cert) { - /* TODO: Setup pool cleanup to free certificate */ *cert = apr_palloc(pool, sizeof(serf_ssl_certificate_t)); (*cert)->ssl_cert = ssl_cert; + apr_pool_cleanup_register(pool, ssl_cert, free_ssl_cert, + apr_pool_cleanup_null); + return APR_SUCCESS; } #if 0