diff options
author | thekuwayama <thekuwayama@gmail.com> | 2020-01-01 10:07:00 +0900 |
---|---|---|
committer | Samuel Williams <samuel.williams@oriontransfer.co.nz> | 2020-01-25 00:30:40 +1300 |
commit | 5ee295ab8e37c8ffc6eb8c1b7b79ec024f3253e4 (patch) | |
tree | 56147d3fccaae02fbf317f2e62c0a6c82987bb14 /ext | |
parent | 8b4fa5e336c7544ea677ccee160ec6d221559e10 (diff) | |
download | ruby-openssl-5ee295ab8e37c8ffc6eb8c1b7b79ec024f3253e4.tar.gz |
add X509_free and EVP_PKEY_free
Diffstat (limited to 'ext')
-rw-r--r-- | ext/openssl/ossl_ssl.c | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index d1eb977e..d1147ab4 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -1370,23 +1370,35 @@ ossl_sslctx_add_certificate_chain_file(VALUE self, VALUE certs_path, VALUE pkey_ fclose(fp); if (!pkey) rb_raise(rb_eArgError, "failed to open pkey file"); + /* Retrieve public key */ ccerts_path = StringValueCStr(certs_path); fp = fopen(ccerts_path, "r"); - if (!fp) + if (!fp) { + EVP_PKEY_free(pkey); rb_raise(rb_eArgError, "failed to open certs file"); + } x509 = PEM_read_X509(fp, NULL, 0, NULL); fclose(fp); - if (!x509) + if (!x509) { + EVP_PKEY_free(pkey); rb_raise(rb_eArgError, "failed to open certs file"); + } pub_pkey = X509_get_pubkey(x509); - /* The reference counter is bumped, and decremented immediately. */ - EVP_PKEY_free(pub_pkey); - if (!pub_pkey) + if (!pub_pkey) { + EVP_PKEY_free(pkey); + X509_free(x509); rb_raise(rb_eArgError, "certificate does not contain public key"); - - if (EVP_PKEY_cmp(pub_pkey, pkey) != 1) + } + if (EVP_PKEY_cmp(pub_pkey, pkey) != 1) { + EVP_PKEY_free(pkey); + X509_free(x509); + EVP_PKEY_free(pub_pkey); rb_raise(rb_eArgError, "public key mismatch"); + } + EVP_PKEY_free(pkey); + X509_free(x509); + EVP_PKEY_free(pub_pkey); /* SSL_CTX_use_certificate_chain_file() loads PEM format file. */ if (SSL_CTX_use_certificate_chain_file(ctx, ccerts_path) != 1) |