diff options
| -rw-r--r-- | src/common/tortls.c | 15 | ||||
| -rw-r--r-- | src/or/circuitbuild.c | 1 |
2 files changed, 9 insertions, 7 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index 647bf26166..420b1963f7 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -338,8 +338,11 @@ tor_tls_context_new(crypto_pk_env_t *identity, if (!client_only) { if (cert && !SSL_CTX_use_certificate(*ctx,cert)) goto error; + X509_free(cert); /* We just added a reference to cert. */ + cert=NULL; if (idcert && !SSL_CTX_add_extra_chain_cert(*ctx,idcert)) goto error; + idcert=NULL; /* The context now owns the reference to idcert */ } SSL_CTX_set_session_cache_mode(*ctx, SSL_SESS_CACHE_OFF); if (isServer && !client_only) { @@ -350,10 +353,8 @@ tor_tls_context_new(crypto_pk_env_t *identity, goto error; EVP_PKEY_free(pkey); pkey = NULL; - if (cert) { - if (!SSL_CTX_check_private_key(*ctx)) - goto error; - } + if (!SSL_CTX_check_private_key(*ctx)) + goto error; } dh = crypto_dh_new(); SSL_CTX_set_tmp_dh(*ctx, _crypto_dh_env_get_dh(dh)); @@ -393,7 +394,7 @@ tor_tls_context_new(crypto_pk_env_t *identity, if (cert) X509_free(cert); if (idcert) - X509_free(cert); + X509_free(idcert); return -1; } @@ -614,12 +615,12 @@ tor_tls_get_peer_cert_nickname(tor_tls *tls, char *buf, size_t buflen) log_fn(LOG_WARN, "Peer certificate nickname has illegal characters."); goto error; } + X509_free(cert); + return 0; error: if (cert) X509_free(cert); - if (name) - X509_NAME_free(name); return -1; } diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index bdd760a377..aa101aff6d 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -118,6 +118,7 @@ circuit_list_path(circuit_t *circ, int verbose) s = smartlist_join_strings(elements, verbose?" ":",", 0, NULL); SMARTLIST_FOREACH(elements, char*, cp, tor_free(cp)); + smartlist_free(elements); return s; } |