Commit 83bab78b authored by Daniel Stenberg's avatar Daniel Stenberg

Hzhijun reported a memory leak in the SSL certificate code that leaked the
remote certificate name when it didn't match the used host name.
parent 894ec46e
+4 −0
@@ -7,6 +7,10 @@
                                  Changelog


Daniel (10 January 2005)
- Hzhijun reported a memory leak in the SSL certificate code, that leaked the
  remote certificate name when it didn't match the used host name.

Gisle (8 January 2005)
- Added Makefile.Watcom files (src/lib). Updated Makefile.dist.

+3 −1
@@ -16,6 +16,7 @@ This release includes the following changes:

This release includes the following bugfixes:

 o SSL certificate name memory leak
 o -d with -G to multiple URLs crashed
 o double va_list access crash fixed
 o minor memory leak when "version" is set in a cookie header
@@ -31,6 +32,7 @@ This release would not have looked like this without help, code, reports and
advice from friends like these:

 Dan Fandrich, Peter Pentchev, Marcin Konicki, Rune Kleveland, David Shaw,
 Werner Koch, Gisle Vanem, Alex Neblett, Kai Sommerfeld, Marty Kuhrt
 Werner Koch, Gisle Vanem, Alex Neblett, Kai Sommerfeld, Marty Kuhrt,
 Hzhijun

        Thanks! (and sorry if I forgot to mention someone)
+5 −4
@@ -1003,6 +1003,7 @@ static CURLcode verifyhost(struct connectdata *conn,
#else
  struct in_addr addr;
#endif
  CURLcode res = CURLE_OK;

#ifdef ENABLE_IPV6
  if(conn->bits.ipv6_ip &&
@@ -1131,8 +1132,7 @@ static CURLcode verifyhost(struct connectdata *conn,
      if(data->set.ssl.verifyhost > 1) {
        failf(data, "SSL: certificate subject name '%s' does not match "
              "target host name '%s'", peer_CN, conn->host.dispname);
        OPENSSL_free(peer_CN);
        return CURLE_SSL_PEER_CERTIFICATE ;
        res = CURLE_SSL_PEER_CERTIFICATE;
      }
      else
        infof(data, "\t common name: %s (does not match '%s')\n",
@@ -1140,10 +1140,11 @@ static CURLcode verifyhost(struct connectdata *conn,
    }
    else {
      infof(data, "\t common name: %s (matched)\n", peer_CN);
      OPENSSL_free(peer_CN);
    }
    if(peer_CN)
      OPENSSL_free(peer_CN);
  }
  return CURLE_OK;
  return res;
}
#endif
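Review bot: In the mismatch branch, the `else` arm under `if(data->set.ssl.verifyhost > 1)` only logs the non-matching common name with infof() and leaves `res` at CURLE_OK, so a peer whose certificate name does not match the host is accepted at that setting, and nothing in the code says this is deliberate. Now that the function has a single exit, I would document it on that arm, e.g. `/* verifyhost <= 1: mismatch is reported but not enforced; res stays CURLE_OK */`, so the missing assignment is not read as a lost error code. The rejection itself now relies on nothing between `res = CURLE_SSL_PEER_CERTIFICATE;` and `return res;` overwriting `res`, which holds in the lines shown. verifyhost() starts before these hunks, so any other return paths that exit with `peer_CN` still allocated are not visible here and are worth checking.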