diff options
| author | dl.meetei <dl.meetei> | 2014-01-26 14:39:03 +0000 |
|---|---|---|
| committer | dl.meetei <dl.meetei> | 2014-01-26 14:39:03 +0000 |
| commit | e7bbd9203e6c99e6ba339eecdaff65dc633f9312 (patch) | |
| tree | 5013e4b21bb39bffe4ea819cfb0624831ae55f58 | |
| parent | 7fa3c31384f1bf0e99414f6414ad4e016e95be67 (diff) | |
| download | tog-pegasus-origin.zip tog-pegasus-origin.tar.gz tog-pegasus-origin.tar.xz | |
BUG#: 9046origin
TITLE: mem leak in _makeSSLContext() in SSLContext.cpp
DESCRIPTION:
| -rw-r--r-- | src/Pegasus/Common/SSLContext.cpp | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/src/Pegasus/Common/SSLContext.cpp b/src/Pegasus/Common/SSLContext.cpp index 55594d5..374c02f 100644 --- a/src/Pegasus/Common/SSLContext.cpp +++ b/src/Pegasus/Common/SSLContext.cpp @@ -705,8 +705,6 @@ SSL_CTX* SSLContextRep::_makeSSLContext() { PEG_METHOD_ENTER(TRC_SSL, "SSLContextRep::_makeSSLContext()"); - SSL_CTX * sslContext = 0; - // OPENSSL_VERSION_NUMBER is defined as 0xnnnnnnnnnL // MMNNFFPPS: major minor fix patch status // The change 'const' SSL_METHOD @@ -739,6 +737,7 @@ SSL_CTX* SSLContextRep::_makeSSLContext() #endif } + SSL_CTX *sslContext = NULL; if (!(sslContext = SSL_CTX_new(sslProtocolMethod))) { PEG_METHOD_EXIT(); @@ -752,6 +751,7 @@ SSL_CTX* SSLContextRep::_makeSSLContext() if (!(SSL_CTX_set_cipher_list(sslContext, SSL_TXT_EXP40))) { SSL_CTX_free(sslContext); + sslContext = NULL; MessageLoaderParms parms( "Common.SSLContext.COULD_NOT_SET_CIPHER_LIST", @@ -765,6 +765,7 @@ SSL_CTX* SSLContextRep::_makeSSLContext() if (!(SSL_CTX_set_cipher_list(sslContext, _cipherSuite.getCString()))) { SSL_CTX_free(sslContext); + sslContext = NULL; PEG_TRACE_CSTRING(TRC_SSL, Tracer::LEVEL3, "---> SSL: Cipher Suite could not be specified"); @@ -881,6 +882,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext() MessageLoaderParms parms( "Common.SSLContext.COULD_NOT_LOAD_CERTIFICATES", "Could not load certificates in to trust store."); + SSL_CTX_free(sslContext); + sslContext = NULL; PEG_METHOD_EXIT(); throw SSLException(parms); } @@ -917,6 +920,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext() MessageLoaderParms parms( "Common.SSLContext.COULD_NOT_LOAD_CERTIFICATES", "Could not load certificates in to trust store."); + SSL_CTX_free(sslContext); + sslContext = NULL; PEG_METHOD_EXIT(); throw SSLException(parms); } @@ -942,6 +947,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext() _crlStore.reset(X509_STORE_new()); if (_crlStore.get() == NULL) { + SSL_CTX_free(sslContext); + sslContext = NULL; PEG_METHOD_EXIT(); throw PEGASUS_STD(bad_alloc)(); } @@ -961,6 +968,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext() "Common.SSLContext.COULD_NOT_LOAD_CRLS", "Could not load certificate revocation list."); _crlStore.reset(); + SSL_CTX_free(sslContext); + sslContext = NULL; PEG_METHOD_EXIT(); throw SSLException(parms); } @@ -984,6 +993,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext() "Common.SSLContext.COULD_NOT_LOAD_CRLS", "Could not load certificate revocation list."); _crlStore.reset(); + SSL_CTX_free(sslContext); + sslContext = NULL; PEG_METHOD_EXIT(); throw SSLException(parms); } @@ -1022,6 +1033,9 @@ SSL_CTX* SSLContextRep::_makeSSLContext() "Common.SSLContext.COULD_NOT_ACCESS_SERVER_CERTIFICATE", "Could not access server certificate in $0.", (const char*)_certPath.getCString()); + + SSL_CTX_free(sslContext); + sslContext = NULL; PEG_METHOD_EXIT(); throw SSLException(parms); } @@ -1046,6 +1060,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext() MessageLoaderParms parms( "Common.SSLContext.COULD_NOT_GET_PRIVATE_KEY", "Could not get private key."); + SSL_CTX_free(sslContext); + sslContext = NULL; PEG_METHOD_EXIT(); throw SSLException(parms); } @@ -1071,6 +1087,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext() MessageLoaderParms parms( "Common.SSLContext.COULD_NOT_GET_PRIVATE_KEY", "Could not get private key."); + SSL_CTX_free(sslContext); + sslContext = NULL; PEG_METHOD_EXIT(); throw SSLException(parms); } |