diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c
index f703241e2..905c4eb4b 100644
--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@@ -4947,13 +4947,13 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
 {
 int version, len;
 word32 oid, idx = 0;
- Sha sha;
 Signer* ca;
 CYASSL_MSG("ParseCRL");
 /* raw crl hash */
 /* hash here if needed for optimized comparisons
+ * Sha sha;
 * InitSha(&sha);
 * ShaUpdate(&sha, buff, sz);
 * ShaFinal(&sha, dcrl->crlHash); */
diff --git a/cyassl/crl.h b/cyassl/crl.h
index 5e2fa62b2..2e3a29e06 100644
--- a/cyassl/crl.h
+++ b/cyassl/crl.h
@@ -33,7 +33,7 @@ typedef struct CYASSL_CRL CYASSL_CRL;
 CYASSL_LOCAL int InitCRL(CYASSL_CRL*, CYASSL_CERT_MANAGER*);
-CYASSL_LOCAL void FreeCRL(CYASSL_CRL*);
+CYASSL_LOCAL void FreeCRL(CYASSL_CRL*, int dynamic);
 CYASSL_LOCAL int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int mon);
 CYASSL_LOCAL int BufferLoadCRL(CYASSL_CRL*, const byte*, long, int);
diff --git a/src/crl.c b/src/crl.c
index 8cf8893ed..7b06b8218 100644
--- a/src/crl.c
+++ b/src/crl.c
@@ -90,7 +90,7 @@ static void FreeCRL_Entry(CRL_Entry* crle)
 /* Free all CRL resources */
-void FreeCRL(CYASSL_CRL* crl)
+void FreeCRL(CYASSL_CRL* crl, int dynamic)
 {
 CRL_Entry* tmp = crl->crlList;
@@ -116,6 +116,8 @@ void FreeCRL(CYASSL_CRL* crl)
 }
 #endif
 FreeMutex(&crl->crlLock);
+ if (dynamic) /* free self */
+ XFREE(crl, NULL, DYNAMIC_TYPE_CRL);
 }
@@ -295,7 +297,7 @@ static int SwapLists(CYASSL_CRL* crl)
 ret = LoadCRL(&tmp, crl->monitors[0].path, SSL_FILETYPE_PEM, 0);
 if (ret != SSL_SUCCESS) {
 CYASSL_MSG("PEM LoadCRL on dir change failed");
- FreeCRL(&tmp);
+ FreeCRL(&tmp, 0);
 return -1;
 }
 }
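Review bot: The comment above `FreeCRL` in src/crl.c still reads only `/* Free all CRL resources */`, although with the new `dynamic` argument the function may now release `crl` itself, and nothing in the signature stops a caller from passing a non-zero flag for a stack object such as `tmp` in `SwapLists`, which would hand a stack address to `XFREE`. I would state the contract on the function, e.g. `/* Free all CRL resources; if dynamic is non-zero crl itself is XFREE'd and must not be used afterwards. Pass 0 for objects that were not heap allocated. */`, and repeat it next to the prototype in cyassl/crl.h. Of the two heap call sites in src/ssl.c, `CyaSSL_CertManagerEnableCRL` clears `cm->crl` after the call while `CyaSSL_CertManagerFree` does not in the visible lines; that is harmless only if `cm` is released right after, which the hunk does not show. `FreeCRL`'s body is split across two hunks and its middle part is outside the diff.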
@@ -304,14 +306,14 @@ static int SwapLists(CYASSL_CRL* crl)
 ret = LoadCRL(&tmp, crl->monitors[1].path, SSL_FILETYPE_ASN1, 0);
 if (ret != SSL_SUCCESS) {
 CYASSL_MSG("DER LoadCRL on dir change failed");
- FreeCRL(&tmp);
+ FreeCRL(&tmp, 0);
 return -1;
 }
 }
 if (LockMutex(&crl->crlLock) != 0) {
 CYASSL_MSG("LockMutex failed");
- FreeCRL(&tmp);
+ FreeCRL(&tmp, 0);
 return -1;
 }
@@ -323,7 +325,7 @@ static int SwapLists(CYASSL_CRL* crl)
 UnLockMutex(&crl->crlLock);
- FreeCRL(&tmp);
+ FreeCRL(&tmp, 0);
 return 0;
 }
@@ -581,6 +583,8 @@ int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int monitor)
 ret = StartMonitorCRL(crl);
 }
 }
+
+ closedir(dir);
 return ret;
 }
diff --git a/src/ssl.c b/src/ssl.c
index 671d80be2..9b0986977 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -592,7 +592,7 @@ void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER* cm)
 if (cm) {
 #ifdef HAVE_CRL
 if (cm->crl)
- FreeCRL(cm->crl);
+ FreeCRL(cm->crl, 1);
 #endif
 FreeSigners(cm->caList, NULL);
 FreeMutex(&cm->caLock);
@@ -1719,7 +1719,7 @@ int CyaSSL_CertManagerEnableCRL(CYASSL_CERT_MANAGER* cm, int options)
 if (InitCRL(cm->crl, cm) != 0) {
 CYASSL_MSG("Init CRL failed");
- FreeCRL(cm->crl);
+ FreeCRL(cm->crl, 1);
 cm->crl = NULL;
 return SSL_FAILURE;
 }
@@ -3179,6 +3179,9 @@ int AddSession(CYASSL* ssl)
 /* No session cache version */
 CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret)
 {
+ (void)ssl;
+ (void)masterSecret;
+
 return NULL;
 }
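Review bot: The added `closedir(dir);` in `LoadCRL` covers only the final fall-through path and sits after the monitor set-up that ends in `StartMonitorCRL(crl)`, so the directory handle stays open while the monitor is started, and any `return` between `opendir` and this line would still leak it. `LoadCRL`'s body starts outside the hunk, so whether such early returns exist cannot be seen here. If the handle is only needed for the directory scan, calling `closedir(dir);` right after that scan would be tighter and keeps the release next to the use. Since `SwapLists` calls `LoadCRL` again on every directory change, a missed path would use up descriptors over time.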
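Review bot: On the `InitCRL` failure path in `CyaSSL_CertManagerEnableCRL`, `FreeCRL(cm->crl, 1)` runs the full teardown, including `FreeMutex(&crl->crlLock)` as seen in src/crl.c, on an object whose initialisation has just failed. `InitCRL` is not part of this diff, so it is worth confirming that it leaves every field `FreeCRL` touches (at least `crlList` and `crlLock`) in a defined state on each of its error returns. If it does not, this path should only release the allocation, e.g. `XFREE(cm->crl, NULL, DYNAMIC_TYPE_CRL);`. The function's body starts and ends outside the hunk.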