From 1621dc1cc59cf99c8d5e02c0f300f1cd743cafa1 Mon Sep 17 00:00:00 2001
From: Remi Tricot-Le Breton <rlebreton@haproxy.com>
Date: Thu, 3 Nov 2022 15:16:48 +0100
Subject: [PATCH] BUG/MINOR: ssl: Memory leak of AUTHORITY_KEYID struct when
 loading issuer

When calling ssl_get0_issuer_chain, if akid is not NULL but its keyid
is, then the AUTHORITY_KEYID is not freed.

This patch can be backported to all stable branches.
---
 src/ssl_sock.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 2f76bb9866..801405b309 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -7231,8 +7231,8 @@ int ssl_load_global_issuer_from_BIO(BIO *in, char *fp, char **err)
 				break;
 			}
 		}
-		AUTHORITY_KEYID_free(akid);
 	}
+	AUTHORITY_KEYID_free(akid);
 	return issuer;
 }
 
-- 
2.47.3