Close several small leaks in SSL.

Submitted by: Zvi Har'El <rl@math.technion.ac.il> Reviewed by: Madhusudan Mathihalli <madhusudan_mathihalli@hp.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97340 13f79535-47bb-0310-9956-ffa450edef68
2025-08-07 04:02:58 +03:00 · 2002-10-29 03:52:22 +00:00
parent 1129d24efb
commit 84a5feff3b
3 changed files with 20 additions and 4 deletions
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -545,9 +545,10 @@ int ssl_hook_Access(request_rec *r)

                if ((dc->nOptions & SSL_OPT_OPTRENEGOTIATE) &&
                    (verify_old == SSL_VERIFY_NONE) &&
-                    SSL_get_peer_certificate(ssl))
+                    ((cert = SSL_get_peer_certificate(ssl)) != NULL))
                {
                    renegotiate_quick = TRUE;
+                    X509_free(cert);
                }

                ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
@@ -817,6 +818,7 @@ int ssl_hook_Access(request_rec *r)
        if ((cert = SSL_get_peer_certificate(ssl))) {
            sslconn->client_cert = cert;
            sslconn->client_dn = NULL;
+            X509_free(cert);
        }

        /*
@@ -833,7 +835,8 @@ int ssl_hook_Access(request_rec *r)
                return HTTP_FORBIDDEN;
            }

-            if (do_verify && !SSL_get_peer_certificate(ssl)) {
+            if (do_verify &&
+                ((cert = SSL_get_peer_certificate(ssl)) == NULL)) {
                ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
                             "Re-negotiation handshake failed: "
                             "Client certificate missing");
@@ -1399,6 +1402,7 @@ int ssl_callback_SSLVerify_CRL(int ok, X509_STORE_CTX *ctx, conn_rec *c)
    X509_NAME *subject, *issuer;
    X509 *cert;
    X509_CRL *crl;
+    EVP_PKEY *pubkey;
    int i, n, rc;

    /*
@@ -1485,16 +1489,22 @@ int ssl_callback_SSLVerify_CRL(int ok, X509_STORE_CTX *ctx, conn_rec *c)
        /*
         * Verify the signature on this CRL
         */
-        if (X509_CRL_verify(crl, X509_get_pubkey(cert)) <= 0) {
+        pubkey = X509_get_pubkey(cert);
+        if (X509_CRL_verify(crl, pubkey) <= 0) {
            ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
                         "Invalid signature on CRL");

            X509_STORE_CTX_set_error(ctx, X509_V_ERR_CRL_SIGNATURE_FAILURE);
            X509_OBJECT_free_contents(&obj);
+            if (pubkey)
+                EVP_PKEY_free(pubkey);

            return FALSE;
        }

+        if (pubkey)
+            EVP_PKEY_free(pubkey);
+
        /*
         * Check date of CRL to make sure it's not expired
         */