ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

fixed a memory leak in OCSP fetching

This commit is contained in:
Andreas Steffen 2009-10-29 10:00:19 +01:00
parent 140816b055
commit f893bce3e7
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/pluto/ocsp.c
View File

@ -1466,6 +1466,14 @@ static void process_single_response(ocsp_location_t *location,
free_certinfo(certinfo);
}
/**
* Destroy a response_t object
*/
static void free_response(response_t *res)
{
DESTROY_IF(res->responder_id_name);
}
/**
* Parse and verify ocsp response and update the ocsp cache
*/
@ -1479,7 +1487,7 @@ void parse_ocsp(ocsp_location_t *location, chunk_t blob)
if (status != STATUS_SUCCESSFUL)
{
plog("error in ocsp response");
return;
goto free;
}
/* check if there was a nonce in the request */
if (location->nonce.ptr && res.nonce.ptr == NULL)
@ -1490,13 +1498,13 @@ void parse_ocsp(ocsp_location_t *location, chunk_t blob)
if (res.nonce.ptr && !chunk_equals(res.nonce, location->nonce))
{
plog("invalid nonce in ocsp response");
return;
goto free;
}
/* check if the response is signed by a trusted key */
if (!valid_ocsp_response(&res))
{
plog("invalid ocsp response");
return;
goto free;
}
DBG(DBG_CONTROL,
DBG_log("valid ocsp response")
@ -1527,4 +1535,7 @@ void parse_ocsp(ocsp_location_t *location, chunk_t blob)
end:
parser->destroy(parser);
}
free:
free_response(&res);
}