summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authordl.meetei <dl.meetei>2014-01-26 14:39:03 +0000
committerdl.meetei <dl.meetei>2014-01-26 14:39:03 +0000
commite7bbd9203e6c99e6ba339eecdaff65dc633f9312 (patch)
tree5013e4b21bb39bffe4ea819cfb0624831ae55f58
parent7fa3c31384f1bf0e99414f6414ad4e016e95be67 (diff)
downloadtog-pegasus-origin.zip
tog-pegasus-origin.tar.gz
tog-pegasus-origin.tar.xz
BUG#: 9046origin
TITLE: mem leak in _makeSSLContext() in SSLContext.cpp DESCRIPTION:
-rw-r--r--src/Pegasus/Common/SSLContext.cpp22
1 files changed, 20 insertions, 2 deletions
diff --git a/src/Pegasus/Common/SSLContext.cpp b/src/Pegasus/Common/SSLContext.cpp
index 55594d5..374c02f 100644
--- a/src/Pegasus/Common/SSLContext.cpp
+++ b/src/Pegasus/Common/SSLContext.cpp
@@ -705,8 +705,6 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
{
PEG_METHOD_ENTER(TRC_SSL, "SSLContextRep::_makeSSLContext()");
- SSL_CTX * sslContext = 0;
-
// OPENSSL_VERSION_NUMBER is defined as 0xnnnnnnnnnL
// MMNNFFPPS: major minor fix patch status
// The change 'const' SSL_METHOD
@@ -739,6 +737,7 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
#endif
}
+ SSL_CTX *sslContext = NULL;
if (!(sslContext = SSL_CTX_new(sslProtocolMethod)))
{
PEG_METHOD_EXIT();
@@ -752,6 +751,7 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
if (!(SSL_CTX_set_cipher_list(sslContext, SSL_TXT_EXP40)))
{
SSL_CTX_free(sslContext);
+ sslContext = NULL;
MessageLoaderParms parms(
"Common.SSLContext.COULD_NOT_SET_CIPHER_LIST",
@@ -765,6 +765,7 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
if (!(SSL_CTX_set_cipher_list(sslContext, _cipherSuite.getCString())))
{
SSL_CTX_free(sslContext);
+ sslContext = NULL;
PEG_TRACE_CSTRING(TRC_SSL, Tracer::LEVEL3,
"---> SSL: Cipher Suite could not be specified");
@@ -881,6 +882,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
MessageLoaderParms parms(
"Common.SSLContext.COULD_NOT_LOAD_CERTIFICATES",
"Could not load certificates in to trust store.");
+ SSL_CTX_free(sslContext);
+ sslContext = NULL;
PEG_METHOD_EXIT();
throw SSLException(parms);
}
@@ -917,6 +920,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
MessageLoaderParms parms(
"Common.SSLContext.COULD_NOT_LOAD_CERTIFICATES",
"Could not load certificates in to trust store.");
+ SSL_CTX_free(sslContext);
+ sslContext = NULL;
PEG_METHOD_EXIT();
throw SSLException(parms);
}
@@ -942,6 +947,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
_crlStore.reset(X509_STORE_new());
if (_crlStore.get() == NULL)
{
+ SSL_CTX_free(sslContext);
+ sslContext = NULL;
PEG_METHOD_EXIT();
throw PEGASUS_STD(bad_alloc)();
}
@@ -961,6 +968,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
"Common.SSLContext.COULD_NOT_LOAD_CRLS",
"Could not load certificate revocation list.");
_crlStore.reset();
+ SSL_CTX_free(sslContext);
+ sslContext = NULL;
PEG_METHOD_EXIT();
throw SSLException(parms);
}
@@ -984,6 +993,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
"Common.SSLContext.COULD_NOT_LOAD_CRLS",
"Could not load certificate revocation list.");
_crlStore.reset();
+ SSL_CTX_free(sslContext);
+ sslContext = NULL;
PEG_METHOD_EXIT();
throw SSLException(parms);
}
@@ -1022,6 +1033,9 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
"Common.SSLContext.COULD_NOT_ACCESS_SERVER_CERTIFICATE",
"Could not access server certificate in $0.",
(const char*)_certPath.getCString());
+
+ SSL_CTX_free(sslContext);
+ sslContext = NULL;
PEG_METHOD_EXIT();
throw SSLException(parms);
}
@@ -1046,6 +1060,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
MessageLoaderParms parms(
"Common.SSLContext.COULD_NOT_GET_PRIVATE_KEY",
"Could not get private key.");
+ SSL_CTX_free(sslContext);
+ sslContext = NULL;
PEG_METHOD_EXIT();
throw SSLException(parms);
}
@@ -1071,6 +1087,8 @@ SSL_CTX* SSLContextRep::_makeSSLContext()
MessageLoaderParms parms(
"Common.SSLContext.COULD_NOT_GET_PRIVATE_KEY",
"Could not get private key.");
+ SSL_CTX_free(sslContext);
+ sslContext = NULL;
PEG_METHOD_EXIT();
throw SSLException(parms);
}