You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@serf.apache.org by br...@apache.org on 2016/12/15 08:23:24 UTC
svn commit: r1774385 - /serf/trunk/buckets/ssl_buckets.c
Author: brane
Date: Thu Dec 15 08:23:23 2016
New Revision: 1774385
URL: http://svn.apache.org/viewvc?rev=1774385&view=rev
Log:
Don't leak SSL certificates.
* buckets/ssl_buckets.c
(free_ssl_cert): New pool cleanup function.
(serf_ssl_load_cert_file): Set up a pool cleanup for the certificate,
as per the (now removed) TODO comment.
Modified:
serf/trunk/buckets/ssl_buckets.c
Modified: serf/trunk/buckets/ssl_buckets.c
URL: http://svn.apache.org/viewvc/serf/trunk/buckets/ssl_buckets.c?rev=1774385&r1=1774384&r2=1774385&view=diff
==============================================================================
--- serf/trunk/buckets/ssl_buckets.c (original)
+++ serf/trunk/buckets/ssl_buckets.c Thu Dec 15 08:23:23 2016
@@ -1902,6 +1902,12 @@ static const char *ssl_get_selected_prot
return context->selected_protocol;
}
+/* Pool cleanup function for certificates */
+static apr_status_t free_ssl_cert(void *data)
+{
+ X509_free(data);
+ return APR_SUCCESS;
+}
apr_status_t serf_ssl_use_default_certificates(serf_ssl_context_t *ssl_ctx)
{
@@ -1945,10 +1951,12 @@ apr_status_t serf_ssl_load_cert_file(
bio_meth_free(biom);
if (ssl_cert) {
- /* TODO: Setup pool cleanup to free certificate */
*cert = apr_palloc(pool, sizeof(serf_ssl_certificate_t));
(*cert)->ssl_cert = ssl_cert;
+ apr_pool_cleanup_register(pool, ssl_cert, free_ssl_cert,
+ apr_pool_cleanup_null);
+
return APR_SUCCESS;
}
#if 0