diff options
| -rw-r--r-- | lib/vtls/openssl.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 1bb99671d..3bc079e7e 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -450,7 +450,6 @@ int cert_stuff(struct connectdata *conn, PKCS12 *p12; EVP_PKEY *pri; STACK_OF(X509) *ca = NULL; - int i; f = fopen(cert_file, "rb"); if(!f) { @@ -497,8 +496,8 @@ int cert_stuff(struct connectdata *conn, goto fail; } /* Set Certificate Verification chain */ - if(ca && sk_X509_num(ca)) { - for(i = 0; i < sk_X509_num(ca); i++) { + if(ca) { + while(sk_X509_num(ca)) { /* * Note that sk_X509_pop() is used below to make sure the cert is * removed from the stack properly before getting passed to @@ -508,6 +507,7 @@ int cert_stuff(struct connectdata *conn, */ X509 *x = sk_X509_pop(ca); if(!SSL_CTX_add_extra_chain_cert(ctx, x)) { + X509_free(x); failf(data, "cannot add certificate to certificate chain"); goto fail; } |