author | Daniel Stenberg <daniel@haxx.se> | 2015-10-27 13:45:25 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2015-10-27 13:45:25 +0100 |
commit | 370ee919b37cc9a46c36428b2bb1527eae5db2bd (patch) | |
tree | c2e581baf0139ffa336371ad3db05487fb36add4 /lib | |
parent | e2f430c74a4d8f2b75f1ff19e3a97c2ad918580a (diff) |
openssl: engine: remove double-free
After a successful call to SSL_CTX_use_PrivateKey(), we must not call
EVP_PKEY_free() on the key.
Reported-by: nased0
Closes #509
Diffstat (limited to 'lib')
-rw-r--r-- | lib/vtls/openssl.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 3bc079e7e..f93a89507 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -558,7 +558,7 @@ int cert_stuff(struct connectdata *conn,
 break;
 case SSL_FILETYPE_ENGINE:
 #ifdef HAVE_OPENSSL_ENGINE_H
- { /* XXXX still needs some work */
+ {
 EVP_PKEY *priv_key = NULL;
 if(data->state.engine) {
 #ifdef HAVE_ENGINE_LOAD_FOUR_ARGS
@@ -592,7 +592,7 @@ int cert_stuff(struct connectdata *conn,
 EVP_PKEY_free(priv_key);
 return 0;
 }
- EVP_PKEY_free(priv_key); /* we don't need the handle any more... */
+ /* ownership of priv_key was handed over, no need to free it here */
 }
 else {
 failf(data, "crypto engine not set, can't load private key");
|
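Review bot: The new comment on the success path in the second hunk says ownership of `priv_key` was handed over, but as far as I know SSL_CTX_use_PrivateKey() takes its own reference on the EVP_PKEY and does not consume the caller's. If so, dropping `EVP_PKEY_free(priv_key);` here leaks the engine-loaded private key handle on every successful load and does not remove a double free. The failure branch just above still frees the key, which is the pairing expected for a caller-owned reference, so the two paths now disagree about who owns it. I would keep `EVP_PKEY_free(priv_key); /* the SSL_CTX holds its own reference */` and confirm the reported crash under a memory checker before changing the release. The body of cert_stuff() starts and ends outside both hunks, so the engine load call and the key's remaining lifetime are not visible here.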