Diff - 15838979185e16df6202215124974c7e159d3743^! - haproxy

commit	15838979185e16df6202215124974c7e159d3743	[log] [tgz]
author	Remi Tricot-Le Breton <rlebreton@haproxy.com>	Thu Nov 03 15:16:49 2022 +0100
committer	Christopher Faulet <cfaulet@haproxy.com>	Fri Nov 25 11:21:02 2022 +0100
tree	c61b4d0c0daf2488cafdd139a3bfdf1df6286f75
parent	172da596ab6ddc742b5fcbd51157aa982227d871 [diff] [blame]

BUG/MINOR: ssl: ocsp structure not freed properly in case of error

In case of error, the ocsp item might already be in the ocsp certificate
tree but simply freed instead of destroyed through ssl_sock_free_ocsp.

This patch can be backported to all stable versions.

(cherry picked from commit aa529f776d24ecc84239a97456ed4835b6589350)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit 09ae90d9834a662dc8a36057c195363f4e55438b)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit 91ef8107799558c42f366d58622bfebc6458fe05)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 4fc4dd3..3224c96 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -1505,7 +1505,7 @@
 		OCSP_CERTID_free(cid);
 
 	if (ocsp)
-		free(ocsp);
+		ssl_sock_free_ocsp(ocsp);
 
 	if (warn)
 		free(warn);