A little more analysis seems to indicate that X509_EXTENSION isn't properly coded, since freeing it requires a dive into the OCTET_STRING (or whatever that translates to) and free whatever that's pointing to.
The code in question is crypto/asn1/x_exten.c, and for comparison, one might want to look at crypto/asn1/x_x509.c... I've assigned this ticket to Steve, since he's much more competent on this type of stuff... [levitte - Wed Jun 5 14:12:27 2002]: > Looks to me like X509_EXTENSION_free() doesn't do it's job properly. > > [[EMAIL PROTECTED] - Wed Jun 5 13:28:48 2002]: > > > Ok, then when are those datas supposed to be freed ? > > Here is the code: > > > > X509V3_CTX ctx; > > X509V3_set_ctx_test(&ctx); > > X509_EXTENSION *ext; > > char * FieldName="authorityInfoAccess"; > > char * > > FieldValue="caIssuers;URI:http://www.openssl.org/root.crt"; > > > > if (!(ext = X509V3_EXT_nconf(NULL, &ctx, FieldName, > > FieldValue))) > > { > > return false; > > } > > X509_EXTENSION_free(ext); > > > > I don't see what I forget to free ? -- Richard Levitte [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
