From: Christos Tsantilas Date: Wed, 22 Apr 2015 19:45:30 +0000 (+0300) Subject: Fix SSL_get_peer_certificate memory leak X-Git-Tag: merge-candidate-3-v1~156 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fa17b7f538af9a4ffe6ce28e3728a40cab474a7b;p=thirdparty%2Fsquid.git Fix SSL_get_peer_certificate memory leak The SSL_get_peer_certificate openSSL function increases the lock for X509 object it returns so X509 object retrieved using this function must be released with X509_free after use. This patch uses the Ssl::X509_Pointer TidyPointer to release X509 object retrieved with the SSL_get_peer_certificate function inside the Ssl::PeerConnector::handleNegotiateError method This is a Measurement Factory project
---
diff --git a/src/ssl/PeerConnector.cc b/src/ssl/PeerConnector.cc
index 9557b5118a..9ea1525356 100644
--- a/src/ssl/PeerConnector.cc
+++ b/src/ssl/PeerConnector.cc
@@ -602,11 +602,13 @@ Ssl::PeerConnector::handleNegotiateError(const int ret)
 // unsupported server Hello message (TODO: make configurable).
 #if 1
 if (!SSL_get_ex_data(ssl, ssl_ex_index_ssl_error_detail) &&
- SSL_get_peer_certificate(ssl) &&
 (srvBio->bumpMode() == Ssl::bumpPeek || srvBio->bumpMode() == Ssl::bumpStare) &&
 srvBio->holdWrite()) {
- debugs(81, 3, "Error (" << ERR_error_string(ssl_lib_error, NULL) << ") but, hold write on SSL connection on FD " << fd);
- checkForPeekAndSplice();
- return;
+ Ssl::X509_Pointer serverCert(SSL_get_peer_certificate(ssl));
+ if (serverCert.get()) {
+ debugs(81, 3, "Error (" << ERR_error_string(ssl_lib_error, NULL) << ") but, hold write on SSL connection on FD " << fd);
+ checkForPeekAndSplice();
+ return;
+ }
 }
 #endif
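Review bot: The new `Ssl::X509_Pointer serverCert(SSL_get_peer_certificate(ssl));` line carries no comment saying why the result is wrapped, and the reason (the OpenSSL call hands back an owned reference that must be released with X509_free) lives only in the commit message; a one-line comment such as `// SSL_get_peer_certificate() returns a new reference; X509_Pointer releases it when this scope ends` would keep a later editor from reverting to the bare call in the condition. The certificate is only tested for presence via `serverCert.get()` and never inspected, so the comment could also state that the wrapper exists purely to release the reference, not to use the certificate. The `#if 1` block with its `TODO: make configurable` is left as it was, so the hold-write path remains unconditionally compiled in. handleNegotiateError starts and ends outside the hunk.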