Was looking at http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/003_ftp.patch.sig this last chunk...
+ if (ssl_verify) { + X509 *cert; + + cert = SSL_get_peer_certificate(ssl); + if (cert == NULL) { + fprintf(ttyout, "%s: no server certificate\n", + getprogname()); + goto cleanup_url_get; + } + + if (ssl_check_hostname(cert, host) != 0) { + fprintf(ttyout, "%s: host `%s' not present in" + " server certificate\n", + getprogname(), host); + goto cleanup_url_get; + } + + X509_free(cert); } If that second check fails and you goto cleanup_url_get you skip X509_free(cert). Wouldn't that screw up the reference count? Or does that not matter after SSL_Shutdown and SSL_Free are called?
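Review bot: the ssl_check_hostname(cert, host) != 0 branch jumps to cleanup_url_get without calling X509_free(cert), so the certificate reference taken by SSL_get_peer_certificate is leaked on the hostname-mismatch path. SSL_get_peer_certificate returns the certificate with its reference count incremented, and the caller owns that reference. SSL_shutdown and SSL_free release only the SSL object's own reference, not the one held in cert. Suggest adding X509_free(cert); just before the goto in that branch. Alternatively, declare cert outside the if (ssl_verify) block, initialised to NULL, and free it under the cleanup_url_get label so every exit path releases it. The cert == NULL branch needs no free.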