Merge pull request #3688 from julek-wolfssl/correct-cert-free

Use wolfSSL_X509_free to free ourCert
2021-02-09 12:41:12 -08:00 · 2021-02-09 12:41:12 -08:00 · 250b59f8fd
parent 012841bba3 4da9ade290
commit 250b59f8fd
2 changed files with 8 additions and 18 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -1851,8 +1851,7 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
    FreeDer(&ctx->certificate);
    #ifdef KEEP_OUR_CERT
        if (ctx->ourCert && ctx->ownOurCert) {
-            FreeX509(ctx->ourCert);
-            XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509);
+            wolfSSL_X509_free(ctx->ourCert);
            ctx->ourCert = NULL;
        }
    #endif /* KEEP_OUR_CERT */
--- a/src/ssl.c
+++ b/src/ssl.c
@ -5484,11 +5484,8 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
            if (ssl->buffers.weOwnCert) {
                FreeDer(&ssl->buffers.certificate);
            #ifdef KEEP_OUR_CERT
-                FreeX509(ssl->ourCert);
-                if (ssl->ourCert) {
-                    XFREE(ssl->ourCert, ssl->heap, DYNAMIC_TYPE_X509);
-                    ssl->ourCert = NULL;
-                }
+                wolfSSL_X509_free(ssl->ourCert);
+                ssl->ourCert = NULL;
            #endif
            }
            ssl->buffers.certificate = der;
@ -5501,10 +5498,8 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
            FreeDer(&ctx->certificate); /* Make sure previous is free'd */
        #ifdef KEEP_OUR_CERT
            if (ctx->ourCert) {
-                if (ctx->ownOurCert) {
-                    FreeX509(ctx->ourCert);
-                    XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509);
-                }
+                if (ctx->ownOurCert)
+                    wolfSSL_X509_free(ctx->ourCert);
                ctx->ourCert = NULL;
            }
        #endif
@ -14798,11 +14793,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
            WOLFSSL_MSG("Unloading cert");
            FreeDer(&ssl->buffers.certificate);
            #ifdef KEEP_OUR_CERT
-                FreeX509(ssl->ourCert);
-                if (ssl->ourCert) {
-                    XFREE(ssl->ourCert, ssl->heap, DYNAMIC_TYPE_X509);
-                    ssl->ourCert = NULL;
-                }
+            wolfSSL_X509_free(ssl->ourCert);
+            ssl->ourCert = NULL;
            #endif
            ssl->buffers.weOwnCert = 0;
        }
@ -42376,8 +42368,7 @@ err:
                x->derCert->length);
 #ifdef KEEP_OUR_CERT
        if (ctx->ourCert != NULL && ctx->ownOurCert) {
-            FreeX509(ctx->ourCert);
-            XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509);
+            wolfSSL_X509_free(ctx->ourCert);
        }
        #ifndef WOLFSSL_X509_STORE_CERTS
        ctx->ourCert = x;