diff options
author | Tim Costen <tim.costen@isode.com> | 2019-10-04 09:03:59 (GMT) |
---|---|---|
committer | Tim Costen <tim.costen@isode.com> | 2019-10-04 12:25:33 (GMT) |
commit | 2ad1938c50f9fe57fe3dd98eb9f4bb711ac52acd (patch) | |
tree | c18d0317b1f750bad3d413ed5bc6ec40a2e0bfbb /Sluift | |
parent | df07a5e1e654c5fe4b513b8b0e41a392e9955cdf (diff) | |
download | swift-2ad1938c50f9fe57fe3dd98eb9f4bb711ac52acd.zip swift-2ad1938c50f9fe57fe3dd98eb9f4bb711ac52acd.tar.bz2 |
Correct leaks in OpenSSL interface
Remove increment of reference count on first certificate added
to a new SSL context - the call to SSL_CTX_use_certificate does
this internally. When adding extra certificates to the context
via calls to SSL_CTX_add_extra_certificate, the explicit
increment of the reference count is still required to prevent
destruction of the certificates when the SSL context is freed.
In OpenSSLContext::setPrivateKey, make sure the EVP_PKEY returned
by PEM_read_bio_PrivateKey is tidied up, by wrapping it in a
shared_ptr which calls EVP_PKEY_free.
Add a new Unit test which creates an SSL context and inserts a
multi-element certificate chain and a private key.
JIRA: SWIFT-423
Bug:
Release-notes:
Manual:
Change-Id: I82c66139a9dfe7a925eb39f73721200895a689e2
Test-information:
Leak testing performed via ASAN-compiled MLink unit tests -
now no leaks/errors reported associated with TLS Contexts and
Certificates. Swiften unit test runs as expected.
Diffstat (limited to 'Sluift')
0 files changed, 0 insertions, 0 deletions