BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak
authorEmmanuel Hocdet <manu@gandi.net>
Thu, 16 Jan 2020 13:45:00 +0000 (14:45 +0100)
committerWilliam Lallemand <wlallemand@haproxy.org>
Tue, 21 Jan 2020 09:44:33 +0000 (10:44 +0100)
"set ssl cert <filename.issuer> <payload>" CLI command must free
previous context.

This patch should be backported to 2.1.

src/ssl_sock.c

index 7d654bde827aa262a0506d9efd7de4606cf1b3ff..e2c58a50fba6bf902b14183550d9e926d02aefa5 100644 (file)
@@ -3237,8 +3237,11 @@ static int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, stru
                          err && *err ? *err : "", path);
                goto end;
        }
-       ret = 0;
+       /* no error, fill ckch with new context, old context must be free */
+       if (ckch->ocsp_issuer)
+               X509_free(ckch->ocsp_issuer);
        ckch->ocsp_issuer = issuer;
+       ret = 0;
 
 end:
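Review bot: The added `X509_free(ckch->ocsp_issuer)` ahead of the assignment is correct only if `ckch` holds its own reference to the previous issuer, and the hunk does not show how other holders of that pointer obtain it. If any OCSP or certificate state elsewhere keeps the raw pointer without taking its own reference, this free would turn the leak into a use-after-free, so the ownership rule deserves to be stated in the comment, e.g. `/* ckch owns one reference to ocsp_issuer: release the old one before taking the new one */`. The `if (ckch->ocsp_issuer)` guard can also be dropped, since `X509_free()` does nothing when passed NULL. The function body starts above the hunk and continues below it, so the cleanup after `end:` is not visible here.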