From: Felix Fietkau Date: Thu, 3 Apr 2014 14:53:40 +0000 (+0200) Subject: openssl: free peer certificate after validating it X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=67aeda4a4207f6ae0bc2efad93f25fd4bc74acb6;p=oweals%2Fopenwrt-ustream-ssl.git openssl: free peer certificate after validating it Signed-off-by: Felix Fietkau --- diff --git a/ustream-openssl.c b/ustream-openssl.c index efae44c..787cc38 100644 --- a/ustream-openssl.c +++ b/ustream-openssl.c @@ -220,10 +220,6 @@ static void ustream_ssl_verify_cert(struct ustream_ssl *us) X509 *cert; int res; - cert = SSL_get_peer_certificate(ssl); - if (!cert) - return; - res = SSL_get_verify_result(ssl); if (res != X509_V_OK) { if (us->notify_verify_error) @@ -231,8 +227,13 @@ static void ustream_ssl_verify_cert(struct ustream_ssl *us) return; } + cert = SSL_get_peer_certificate(ssl); + if (!cert) + return; + us->valid_cert = true; us->valid_cn = ustream_ssl_verify_cn(us, cert); + X509_free(cert); } #endif