git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Steffan Karger <steffan@karger.me>
	Sun, 7 May 2017 11:01:18 +0000 (13:01 +0200)
committer	David Sommerseth <davids@openvpn.net>
	Mon, 8 May 2017 15:55:01 +0000 (17:55 +0200)
commit	7b94d3bbbea46efcea12e1df24da52fe508d0173
tree	f26707aa430398ab73d790df550596ba123ae921	tree
parent	69311687da55b8c0e6966b25c94c72494ea44e57	commit \| diff

Fix memory leak in x509_verify_cert_ku()

If keyUsage was only required to be present, but no specific value was
required, we would omit to free the extracted string. This happens as of
2.4.1, if --remote-cert-tls is used. In that case we leak a bit of
memory on each TLS (re)negotiation.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1494154878-18403-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14563.html
Signed-off-by: David Sommerseth <davids@openvpn.net>

Changes.rst		diff \| blob \| blame \| history
src/openvpn/ssl_verify_openssl.c		diff \| blob \| blame \| history