BUG/MINOR: httpclient: fixed memory allocation for the SSL ca_file

The memory for the SSL ca_file was allocated only once (in the function
httpclient_create_proxy()) and that pointer was assigned to each created
proxy that the HTTP client uses.  This would not be a problem if this
memory was not freed in each individual proxy when it was deinitialized
in the function ssl_sock_free_srv_ctx().

  Memory allocation:
    src/http_client.c, function httpclient_create_proxy():
      1277:	if (!httpclient_ssl_ca_file)
      1278:		httpclient_ssl_ca_file = strdup("@system-ca");
      1280:	srv_ssl->ssl_ctx.ca_file = httpclient_ssl_ca_file;

  Memory deallocation:
    src/ssl_sock.c, function ssl_sock_free_srv_ctx():
      5613:	ha_free(&srv->ssl_ctx.ca_file);

This should be backported to version 2.6.

diff --git a/src/http_client.c b/src/http_client.c
index 92a4ed6dd874a3825e8ce1ff6cd7ae62fc902580..88375e9548570a1850a21929d0adddd84d41cb3a 100644 (file)
--- a/src/http_client.c
+++ b/src/http_client.c
@@ -1274,10 +1274,7 @@ struct proxy *httpclient_create_proxy(const char *id)
        /* if the verify is required, try to load the system CA */
        if (httpclient_ssl_verify == SSL_SOCK_VERIFY_REQUIRED) {
 
-               if (!httpclient_ssl_ca_file)
-                       httpclient_ssl_ca_file = strdup("@system-ca");
-
-               srv_ssl->ssl_ctx.ca_file = httpclient_ssl_ca_file;
+               srv_ssl->ssl_ctx.ca_file = strdup(httpclient_ssl_ca_file ? httpclient_ssl_ca_file : "@system-ca");
                if (!ssl_store_load_locations_file(srv_ssl->ssl_ctx.ca_file, 1, CAFILE_CERT)) {
                        /* if we failed to load the ca-file, only quits in
                         * error with hard_error, otherwise just disable the