Project homepage Mailing List  Warmcat.com  API Docs  Github Mirror 
{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1753165054, "reponame":"libwebsockets", "desc":"libwebsockets lightweight C networking library", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://libwebsockets.org/repo/libwebsockets", "f":3, "items": [ {"schema":"libjg2-1", "cid":"c55a648c730391e490814127b53ef44b", "commit": {"type":"commit", "time": 1740987634, "time_ofs": 0, "oid_tree": { "oid": "829923a46ce48b4d990cbf055c6c30fe503bca08", "alias": []}, "oid":{ "oid": "a656eb5f1b17ae40852da27a689f802d48d646de", "alias": []}, "msg": "mbedtls/ssl: free cert chain when mbedtls_client_preload_filepath enabled", "sig_commit": { "git_time": { "time": 1740987634, "offset": 0 }, "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" }, "sig_author": { "git_time": { "time": 1739330871, "offset": 480 }, "name": "makejian", "email": "makejian@xiaomi.com", "md5": "f6bd2c28af36681568621f09cb296018" }}, "body": "mbedtls/ssl: free cert chain when mbedtls_client_preload_filepath enabled\n\nSigned-off-by: makejian \u003cmakejian@xiaomi.com\u003e\n" , "diff": "diff --git a/lib/tls/mbedtls/wrapper/library/ssl_lib.c b/lib/tls/mbedtls/wrapper/library/ssl_lib.c\nindex d751d78..6bc5ff4 100644\n--- a/lib/tls/mbedtls/wrapper/library/ssl_lib.c\n+++ b/lib/tls/mbedtls/wrapper/library/ssl_lib.c\n@@ -231,9 +231,11 @@ SSL_CTX* SSL_CTX_new(const SSL_METHOD *method, void *rngctx)\n \t*px \u003d malloc(sizeof(**px));\n \tmbedtls_x509_crt_init(*px);\n \tn \u003d mbedtls_x509_crt_parse_file(*px, mbedtls_client_preload_filepath);\n-\tif (n \u003c 0)\n+\tif (n \u003c 0) {\n \t\tlwsl_err(\u0022%s: unable to load cert bundle 0x%x\u005cn\u0022, __func__, -n);\n-\telse\n+\t\tmbedtls_x509_crt_free(*px);\n+\t\tfree(*px);\n+\t} else\n \t\tlwsl_info(\u0022%s: loaded cert bundle %d\u005cn\u0022, __func__, n);\n }\n #endif\n@@ -257,6 +259,17 @@ void SSL_CTX_free(SSL_CTX* ctx)\n \n ssl_cert_free(ctx-\u003ecert);\n \n+#if defined(LWS_HAVE_mbedtls_x509_crt_parse_file)\n+ if (mbedtls_client_preload_filepath) {\n+ mbedtls_x509_crt **px \u003d (mbedtls_x509_crt **)ctx-\u003eclient_CA-\u003ex509_pm;\n+\n+ if (*px) {\n+ mbedtls_x509_crt_free(*px);\n+ free(*px);\n+ }\n+ }\n+#endif\n+\n X509_free(ctx-\u003eclient_CA);\n \n if (ctx-\u003ealpn_protos) {\n","s":{"c":1753165054,"u": 2471}} ],"g": 3789,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}