BUG/MINOR: ssl: memory leak when trying to load a directory with ca-file

This patch fixes a memory leak of the ca structure when trying to load a
directory with the ca-file directive.

No backport needed.

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 589e6911750d1249d311debc0a67b18592b3530a..447fdbb5685ca44d29ad5b7e412ddda21dc6ef49 100644 (file)
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -1168,11 +1168,13 @@ int ssl_store_load_locations_file(char *path, int create_if_none, enum cafile_ty
                                if (X509_STORE_add_cert(store, ca) == 0)
                                        goto scandir_err;
 
+                               X509_free(ca);
                                BIO_free(in);
                                free(de);
                                continue;
 
 scandir_err:
+                               X509_free(ca);
                                BIO_free(in);
                                free(de);
                                ha_warning("ca-file: '%s' couldn't load '%s'\n", path, trash.area);