mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 16:18:48 -05:00
openssl: engine: remove double-free
After a successful call to SSL_CTX_use_PrivateKey(), we must not call EVP_PKEY_free() on the key. Reported-by: nased0 Closes #509
This commit is contained in:
parent
e2f430c74a
commit
370ee919b3
@ -558,7 +558,7 @@ int cert_stuff(struct connectdata *conn,
|
|||||||
break;
|
break;
|
||||||
case SSL_FILETYPE_ENGINE:
|
case SSL_FILETYPE_ENGINE:
|
||||||
#ifdef HAVE_OPENSSL_ENGINE_H
|
#ifdef HAVE_OPENSSL_ENGINE_H
|
||||||
{ /* XXXX still needs some work */
|
{
|
||||||
EVP_PKEY *priv_key = NULL;
|
EVP_PKEY *priv_key = NULL;
|
||||||
if(data->state.engine) {
|
if(data->state.engine) {
|
||||||
#ifdef HAVE_ENGINE_LOAD_FOUR_ARGS
|
#ifdef HAVE_ENGINE_LOAD_FOUR_ARGS
|
||||||
@ -592,7 +592,7 @@ int cert_stuff(struct connectdata *conn,
|
|||||||
EVP_PKEY_free(priv_key);
|
EVP_PKEY_free(priv_key);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
EVP_PKEY_free(priv_key); /* we don't need the handle any more... */
|
/* ownership of priv_key was handed over, no need to free it here */
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
failf(data, "crypto engine not set, can't load private key");
|
failf(data, "crypto engine not set, can't load private key");
|
||||||
|
Loading…
Reference in New Issue
Block a user