* modules/ssl/ssl_engine_vars.c (ssl_get_tls_cb): Fix leak of X509
authorJoe Orton <jorton@apache.org>
Wed, 25 Mar 2020 15:13:06 +0000 (15:13 +0000)
committerJoe Orton <jorton@apache.org>
Wed, 25 Mar 2020 15:13:06 +0000 (15:13 +0000)
  struct when accessing SERVER_TLS_SERVER_END_POINT.

PR: 64264

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1875647 13f79535-47bb-0310-9956-ffa450edef68

modules/ssl/ssl_engine_vars.c

index 6c04f798d3c05a4a0838abbd4d552b6381773afa..cabf08170f98231bb3ca8156a1be08b0493206f0 100644 (file)
@@ -102,6 +102,9 @@ static apr_status_t ssl_get_tls_cb(apr_pool_t *p, conn_rec *c, const char *type,
     }
     else if (strcEQ(type, "SERVER_TLS_SERVER_END_POINT")) {
         x = SSL_get_certificate(sslconn->ssl);
+        /* Increase refcount so X509_free below works for both client
+         * and server cases. */
+        if (x) X509_up_ref(x);
     }
     else if (strcEQ(type, "CLIENT_TLS_SERVER_END_POINT")) {
         x = SSL_get_peer_certificate(sslconn->ssl);
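Review bot: The return value of `X509_up_ref(x)` is ignored on the added line, so if taking the reference fails, the later `X509_free(x)` drops a reference this function never owned and the server certificate still held by the SSL object could be released while in use. Treating a failed up-ref as "no certificate" keeps ownership balanced: `if (x && !X509_up_ref(x)) { x = NULL; }`, which presumably then reaches the `return APR_EGENERAL` branch visible in the second hunk. The one-line `if` without braces also differs from the braced style of the surrounding code. The body of ssl_get_tls_cb starts and ends outside this hunk.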
@@ -130,6 +133,8 @@ static apr_status_t ssl_get_tls_cb(apr_pool_t *p, conn_rec *c, const char *type,
         preflen = sizeof(TLS_SERVER_END_POINT_PREFIX) - 1;
         prefix = TLS_SERVER_END_POINT_PREFIX;
         data = cb;
+
+        X509_free(x);
     } 
     else {
         return APR_EGENERAL;
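Review bot: The added `X509_free(x)` releases the certificate only on the path that reaches the end of this branch, so any earlier `return` between obtaining `x` and this line (for example after a failed digest computation, which is outside the hunk) would still leak the reference. If such a return exists, it needs its own `X509_free(x);` before it, or the free can move to directly after the last use of `x`. A short comment above the free, such as `/* x is owned here in both the client and server cases */`, would also record why the call is unconditional. The branch and the function both begin outside this hunk.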