From eb73dc34bbfbb5ffe8d9f3eb9d07fe981c938d8f Mon Sep 17 00:00:00 2001 From: Emmanuel Hocdet Date: Thu, 16 Jan 2020 14:45:00 +0100 Subject: [PATCH] BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak "set ssl cert " CLI command must free previous context. This patch should be backport to 2.1 --- src/ssl_sock.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 7d654bde8..e2c58a50f 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -3237,8 +3237,11 @@ static int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, stru err && *err ? *err : "", path); goto end; } - ret = 0; + /* no error, fill ckch with new context, old context must be free */ + if (ckch->ocsp_issuer) + X509_free(ckch->ocsp_issuer); ckch->ocsp_issuer = issuer; + ret = 0; end: