openssl: free the peer certificate

Per SSL_get_peer_certificate docs: ``` The reference count of the X509 object is incremented by one, so that it will not be destroyed when the session containing the peer certificate is freed. The X509 object must be explicitly freed using X509_free(). ```

openssl: free the peer certificate
Per SSL_get_peer_certificate docs: ``` The reference count of the X509 object is incremented by one, so that it will not be destroyed when the session containing the peer certificate is freed. The X509 object must be explicitly freed using X509_free(). ```
8be2a790 · Etienne Samson · 2518eb81 · 8be2a790
Commit 8be2a790 authored Dec 05, 2017 by Etienne Samson
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletions

src/streams/openssl.c
+2 -1

No files found.
--- a/src/streams/openssl.c
+++ b/src/streams/openssl.c
@@ -332,7 +332,7 @@ static int check_host_name(const char *name, const char *host)
 static int verify_server_cert(SSL *ssl, const char *host)
 {
-	X509 *cert;
+	X509 *cert = NULL;
 	X509_NAME *peer_name;
 	ASN1_STRING *str;
 	unsigned char *peer_cn = NULL;
@@ -458,6 +458,7 @@ on_error:
 	goto cleanup;
 cleanup:
+	X509_free(cert);
 	OPENSSL_free(peer_cn);
 	return error;
 }