diff options
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | src/common/tortls.c | 8 |
2 files changed, 4 insertions, 6 deletions
@@ -27,6 +27,8 @@ Changes in version 0.2.0.16-alpha - 2008-01-?? - Patch from Karsten Loesing to complain less at both the client and the relay when a relay used to have the HSDir flag but doesn't anymore, and we try to upload a hidden service descriptor. + - Stop leaking one cert per TLS context. Fixes bug 582. Bugfix + on 0.2.0.15-alpha. o Minor features (controller): - Get NS events working again. (Patch from tup) diff --git a/src/common/tortls.c b/src/common/tortls.c index 8775cbc182..844969aa02 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -550,18 +550,14 @@ tor_tls_context_new(crypto_pk_env_t *identity, const char *nickname, goto error; X509_free(cert); /* We just added a reference to cert. */ cert=NULL; -#if 0 - if (idcert && !SSL_CTX_add_extra_chain_cert(result->ctx,idcert)) - goto error; -#else if (idcert) { X509_STORE *s = SSL_CTX_get_cert_store(result->ctx); tor_assert(s); X509_STORE_add_cert(s, idcert); /*XXXX020 This cert seems not to get * freed. Fix that! */ + X509_free(idcert); /* The context now owns the reference to idcert */ + idcert = NULL; } -#endif - idcert=NULL; /* The context now owns the reference to idcert */ SSL_CTX_set_session_cache_mode(result->ctx, SSL_SESS_CACHE_OFF); tor_assert(rsa); if (!(pkey = _crypto_pk_env_get_evp_pkey(rsa,1))) |