authorDaniel Stenberg <daniel@haxx.se>2015-10-27 13:45:25 +0100
committerDaniel Stenberg <daniel@haxx.se>2015-10-27 13:45:25 +0100
commit370ee919b37cc9a46c36428b2bb1527eae5db2bd (patch)
treec2e581baf0139ffa336371ad3db05487fb36add4
parente2f430c74a4d8f2b75f1ff19e3a97c2ad918580a (diff)
openssl: engine: remove double-free
After a successful call to SSL_CTX_use_PrivateKey(), we must not call EVP_PKEY_free() on the key. Reported-by: nased0 Closes #509
-rw-r--r--lib/vtls/openssl.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 3bc079e7e..f93a89507 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -558,7 +558,7 @@ int cert_stuff(struct connectdata *conn,
break;
case SSL_FILETYPE_ENGINE:
#ifdef HAVE_OPENSSL_ENGINE_H
- { /* XXXX still needs some work */
+ {
EVP_PKEY *priv_key = NULL;
if(data->state.engine) {
#ifdef HAVE_ENGINE_LOAD_FOUR_ARGS
@@ -592,7 +592,7 @@ int cert_stuff(struct connectdata *conn,
EVP_PKEY_free(priv_key);
return 0;
}
- EVP_PKEY_free(priv_key); /* we don't need the handle any more... */
+ /* ownership of priv_key was handed over, no need to free it here */
}
else {
failf(data, "crypto engine not set, can't load private key");
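Review bot: The new comment on the success path says ownership of `priv_key` was handed over, but as far as I know `SSL_CTX_use_PrivateKey()` takes its own reference on the key (it bumps the EVP_PKEY reference count) rather than consuming the caller's. If that holds for the OpenSSL versions supported here, removing the free leaks the reference obtained when the key was loaded (the load call is outside this hunk), once per engine-key setup. The failure branch at the top of the hunk still calls `EVP_PKEY_free(priv_key)`, which matches a caller-owned reference. Please confirm the reference-count behaviour before merging. If it is as described, keep `EVP_PKEY_free(priv_key); /* SSL_CTX holds its own reference, drop ours */` and look for the cause of the reported crash elsewhere. `cert_stuff` starts and ends outside this hunk.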