Hi,
I have a memory leak problem. The stack of CA certs that I create in
the following fashion leaks when my application terminates.
if ( (s_pSkCAList = SSLInitFindCAList(
(LPCSTR)m_szCertificateAuthorityFile) ) == NULL )
{
DEBUGMSG("Setup (%s): Unable to determine list of available CA
certificates for client authentication\n", szHostID);
return FALSE;
}
SSL_CTX_set_client_CA_list(s_pCtx, s_pSkCAList);
..................
SSLInitFindCAList is defined below:
.........,...........
STACK_OF(X509_NAME) *SSLInitFindCAList(const char *cpCAfile)
{
STACK_OF(X509_NAME) *skCAList;
STACK_OF(X509_NAME) *sk;
int n;
//Start with a empty stack/list where new entries get added in
sorted order.
skCAList = sk_X509_NAME_new(SSLInitFindCAListX509NameCmp);
//Process CA certificate bundle file
if (cpCAfile != NULL) {
sk = SSL_load_client_CA_file(cpCAfile);
for(n = 0; sk != NULL && n < sk_X509_NAME_num(sk); n++) {
DEBUGMSG("\nCA certificate:
%s",X509_NAME_oneline(sk_X509_NAME_value(sk, n), NULL, 0));
if (sk_X509_NAME_find(skCAList, sk_X509_NAME_value(sk, n)) <
0)
sk_X509_NAME_push(skCAList, sk_X509_NAME_value(sk, n));
}
}
//cleanup
sk_X509_NAME_set_cmp_func(skCAList, NULL);
return skCAList;
}
I have seen the code for SSL_CTX_free and SSL_free and they do seem to
clean up the client_CA stack.
What special cleanup do I have to do?
Thanks for helping,
Amit.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
