BUG/MEDIUM: ssl: potential memory leak using verifyhost

If server certificate presents dns aliases, a memory leak appears
on health checks when 'verifyhost' statement is used.

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index a55a5bf4ce5b040ae6aec4e89a47891ec1be9378..4ae27fc30487e17666e35e9d33bd80416a5b40d5 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -861,6 +861,7 @@ static int ssl_sock_srv_verifycbk(int ok, X509_STORE_CTX *ctx)
                                }
                        }
                }
+               sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
        }
 
        cert_subject = X509_get_subject_name(cert);