diff options
| author | Mariatta <Mariatta@users.noreply.github.com> | 2017-04-15 01:34:11 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-04-15 01:34:11 (GMT) |
| commit | 8e7201342dc6eef201bfa4f533ad89a8144fd693 (patch) | |
| tree | d798c777d8ba19c1e87048f91aa1a61d1a853d8b /Modules | |
| parent | 2e30eb6a98fb9b47e840528b41f1fc4446c69f36 (diff) | |
| download | cpython-8e7201342dc6eef201bfa4f533ad89a8144fd693.zip cpython-8e7201342dc6eef201bfa4f533ad89a8144fd693.tar.gz cpython-8e7201342dc6eef201bfa4f533ad89a8144fd693.tar.bz2 | |
[3.6] bpo-29738: Fix memory leak in _get_crl_dp (GH-526) (GH-1142)
* Remove conditional on free of `dps`, since `dps` is now allocated for
all versions of OpenSSL
* Remove call to `x509_check_ca` since it was only used to cache
the `crldp` field of the certificate
CRL_DIST_POINTS_free is available in all supported versions of OpenSSL
(recent 0.9.8+) and LibreSSL.
(cherry picked from commit 2849cc34a8db93d448a62d69c462402347b50dcb)
Diffstat (limited to 'Modules')
| -rw-r--r-- | Modules/_ssl.c | 8 |
1 files changed, 1 insertions, 7 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c index c0a7b8e..2a2c18f 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -1210,10 +1210,6 @@ _get_crl_dp(X509 *certificate) { int i, j; PyObject *lst, *res = NULL; -#if OPENSSL_VERSION_NUMBER >= 0x10001000L - /* Calls x509v3_cache_extensions and sets up crldp */ - X509_check_ca(certificate); -#endif dps = X509_get_ext_d2i(certificate, NID_crl_distribution_points, NULL, NULL); if (dps == NULL) @@ -1258,9 +1254,7 @@ _get_crl_dp(X509 *certificate) { done: Py_XDECREF(lst); -#if OPENSSL_VERSION_NUMBER < 0x10001000L - sk_DIST_POINT_free(dps); -#endif + CRL_DIST_POINTS_free(dps); return res; } |