openldap/openldap-nss-free-peer-cert.patch

memleak in tlsm_auth_cert_handler

In tlsm_auth_cert_handler, we get the peer's cert from the socket using
SSL_PeerCertificate.  This value is allocated and/or cached.  We must
destroy it using CERT_DestroyCertificate.

Author: Rich Megginson <rmeggins@redhat.com>
Upstream ITS: #6980
Upstream commit: d944920
Resolves: #717730

diff -uNPrp openldap-2.4.23/libraries/libldap/tls_m.c openldap-2.4.23.fix/libraries/libldap/tls_m.c
--- openldap-2.4.23/libraries/libldap/tls_m.c	2011-07-18 15:54:03.719226863 +0200
+++ openldap-2.4.23.fix/libraries/libldap/tls_m.c	2011-07-18 16:02:59.284531374 +0200
@@ -1034,10 +1034,12 @@ tlsm_auth_cert_handler(void *arg, PRFile
 {
 	SECCertificateUsage certUsage = isServer ? certificateUsageSSLClient : certificateUsageSSLServer;
 	SECStatus ret = SECSuccess;
+	CERTCertificate *peercert = SSL_PeerCertificate( fd );
 
-	ret = tlsm_verify_cert( (CERTCertDBHandle *)arg, SSL_PeerCertificate( fd ),
+	ret = tlsm_verify_cert( (CERTCertDBHandle *)arg, peercert,
 							SSL_RevealPinArg( fd ),
 							checksig, certUsage, 0 );
+	CERT_DestroyCertificate( peercert );
 
 	return ret;
 }
fix: memleak in tlsm_auth_cert_handler Resolves: #717730 2011-07-20 14:30:37 +00:00			`memleak in tlsm_auth_cert_handler`

			`In tlsm_auth_cert_handler, we get the peer's cert from the socket using`
			`SSL_PeerCertificate. This value is allocated and/or cached. We must`
			`destroy it using CERT_DestroyCertificate.`

			`Author: Rich Megginson <rmeggins@redhat.com>`
			`Upstream ITS: #6980`
			`Upstream commit: d944920`
			`Resolves: #717730`

			`diff -uNPrp openldap-2.4.23/libraries/libldap/tls_m.c openldap-2.4.23.fix/libraries/libldap/tls_m.c`
			`--- openldap-2.4.23/libraries/libldap/tls_m.c 2011-07-18 15:54:03.719226863 +0200`
			`+++ openldap-2.4.23.fix/libraries/libldap/tls_m.c 2011-07-18 16:02:59.284531374 +0200`
			`@@ -1034,10 +1034,12 @@ tlsm_auth_cert_handler(void *arg, PRFile`
			`{`
			`SECCertificateUsage certUsage = isServer ? certificateUsageSSLClient : certificateUsageSSLServer;`
			`SECStatus ret = SECSuccess;`
			`+ CERTCertificate *peercert = SSL_PeerCertificate( fd );`

			`- ret = tlsm_verify_cert( (CERTCertDBHandle *)arg, SSL_PeerCertificate( fd ),`
			`+ ret = tlsm_verify_cert( (CERTCertDBHandle *)arg, peercert,`
			`SSL_RevealPinArg( fd ),`
			`checksig, certUsage, 0 );`
			`+ CERT_DestroyCertificate( peercert );`

			`return ret;`
			`}`