CVSROOT:        /cvs
Module name:    src
Changes by:     t...@cvs.openbsd.org    2022/02/22 06:45:09

Modified files:
        usr.sbin/acme-client: key.c 

Log message:
Plug leak in ec_key_create()

EVP_PKEY_set1_EC_KEY() bumps the refcount of eckey, so eckey won't be
freed at the end of keyproc() or acctproc(), which means that secrets
aren't wiped. Move EC_KEY_free() to the out label, so that the refcount
is decremented or the key freed, as appropriate.

tested/ok claudio
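
The ownership rule the log message describes, as an added example that is not part of this commit or of acme-client: a self-contained C model in which a set1-style call takes an extra reference, so the creator must still drop its own before the secret can be wiped. All `model_*` names, `key_create()` and the `free_at_out` switch are hypothetical stand-ins; the real LibreSSL functions are named only in comments.

```c
/* Model of set1-style reference counting. Every name below is a
 * hypothetical stand-in, not LibreSSL or acme-client code. */
#include <stddef.h>
#include <string.h>
struct model_key {              /* stands in for EC_KEY */
	int refs;
	unsigned char secret[32];
	int wiped;              /* set once the last reference is dropped */
};
struct model_pkey { struct model_key *key; };  /* stands in for EVP_PKEY */
/* Like EC_KEY_free(): drop one reference, wipe only if it was the last. */
static void model_key_free(struct model_key *k) {
	if (k == NULL || --k->refs > 0)
		return;
	memset(k->secret, 0, sizeof(k->secret));
	k->wiped = 1;
}
/* Like EVP_PKEY_set1_EC_KEY(): the pkey takes an additional reference. */
static int model_pkey_set1(struct model_pkey *p, struct model_key *k) {
	k->refs++;
	p->key = k;
	return 1;
}

/* free_at_out == 0: the creator keeps its reference forever (the leak).
 * free_at_out == 1: the creator drops it at the out label on every path. */
static int key_create(struct model_pkey *p, struct model_key *k, int free_at_out) {
	int ok = 0;
	k->refs = 1;                                 /* creator's reference */
	k->wiped = 0;
	memset(k->secret, 0xA5, sizeof(k->secret));  /* constructed secret */
	if (!model_pkey_set1(p, k))
		goto out;
	ok = 1;
out:
	if (free_at_out)
		model_key_free(k);
	return ok;
}

/* Returns 1 if the secret was wiped once the consumer freed the pkey. */
int wiped_after_pkey_free(int free_at_out) {
	struct model_key k;
	struct model_pkey p = { NULL };
	if (!key_create(&p, &k, free_at_out))
		return -1;
	model_key_free(p.key);       /* what freeing the pkey does to the key */
	return k.wiped;
}
```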
