From: Frederic Lecaille <flecaille@haproxy.com>
Date: Mon, 23 Feb 2026 09:47:15 +0000 (+0100)
Subject: CLEANUP: ssl: Remove a useless variable from ssl_gen_x509()
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dfa8907a3d54ea87ab6660c76d2da5dd7377aaa4;p=thirdparty%2Fhaproxy.git

CLEANUP: ssl: Remove a useless variable from ssl_gen_x509()

This function was recently created by moving code from acme_gen_tmp_x509()
(in acme.c) to ssl_gencrt.c (ssl_gen_x509()). The <ctmp> variable was
initialized and then freed without ever being used. This was already the
case in the original acme_gen_tmp_x509() function.

This patch removes these useless statements.

Reported in GH #3284
---

diff --git a/src/ssl_gencert.c b/src/ssl_gencert.c
index 50e3e9c88..ef6922d35 100644
--- a/src/ssl_gencert.c
+++ b/src/ssl_gencert.c
@@ -524,7 +524,6 @@ X509 *ssl_gen_x509(EVP_PKEY *pkey)
 	X509         *newcrt  = NULL;
 	X509_NAME    *name;
 	const EVP_MD *digest = NULL;
-	CONF         *ctmp    = NULL;
 	int 	      key_type;
 
 	/* Create the certificate */
@@ -581,7 +580,6 @@ X509 *ssl_gen_x509(EVP_PKEY *pkey)
 	return newcrt;
 
 mkcert_error:
-	if (ctmp) NCONF_free(ctmp);
 	if (newcrt)  X509_free(newcrt);
 	return NULL;