openssl: engine: remove double-free

After a successful call to SSL_CTX_use_PrivateKey(), we must not call EVP_PKEY_free() on the key. Reported-by: nased0 Closes #509

openssl: engine: remove double-free
370ee919 · Daniel Stenberg · e2f430c7 · 370ee919
Commit 370ee919 authored 9 years ago by Daniel Stenberg
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -558,7 +558,7 @@ int cert_stuff(struct connectdata *conn,
      break;
    case SSL_FILETYPE_ENGINE:
 #ifdef HAVE_OPENSSL_ENGINE_H
-      {                         /* XXXX still needs some work */
+      {
        EVP_PKEY *priv_key = NULL;
        if(data->state.engine) {
 #ifdef HAVE_ENGINE_LOAD_FOUR_ARGS
@@ -592,7 +592,7 @@ int cert_stuff(struct connectdata *conn,
            EVP_PKEY_free(priv_key);
            return 0;
          }
-          EVP_PKEY_free(priv_key);  /* we don't need the handle any more... */
+          /* ownership of priv_key was handed over, no need to free it here */
        }
        else {
          failf(data, "crypto engine not set, can't load private key");