Fix leaks in signature validation.

ok markus@
author: tobhe <tobhe@openbsd.org> 2020-04-22 17:26:54 +0000
committer: tobhe <tobhe@openbsd.org> 2020-04-22 17:26:54 +0000
commit: 7e0422b28c5ac765531211e2d37364d382d81bb4 (patch)
tree: de7795f99195c2a19d646165bbd9cf4b1b8787c3
parent: Revise regress to match state transition changes. (diff)
download: wireguard-openbsd-7e0422b28c5ac765531211e2d37364d382d81bb4.tar.xz
wireguard-openbsd-7e0422b28c5ac765531211e2d37364d382d81bb4.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/sbin/iked/crypto.c b/sbin/iked/crypto.c
index 59429c5a378..d6f6ac51a1f 100644
--- a/sbin/iked/crypto.c
+++ b/sbin/iked/crypto.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: crypto.c,v 1.25 2020/04/20 20:03:38 tobhe Exp $	*/
+/*	$OpenBSD: crypto.c,v 1.26 2020/04/22 17:26:54 tobhe Exp $	*/
 
 /*
  * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
@@ -652,6 +652,10 @@ dsa_setkey(struct iked_dsa *dsa, void *key, size_t keylen, uint8_t type)
 		goto err;
 	}
 
+	if (cert != NULL)
+		X509_free(cert);
+	BIO_free(rawcert);	/* temporary for parsing */
+
 	return (dsa->dsa_keydata);
 
  sslerr:
author	tobhe <tobhe@openbsd.org>	2020-04-22 17:26:54 +0000
committer	tobhe <tobhe@openbsd.org>	2020-04-22 17:26:54 +0000
commit	7e0422b28c5ac765531211e2d37364d382d81bb4 (patch)
tree	de7795f99195c2a19d646165bbd9cf4b1b8787c3
parent	Revise regress to match state transition changes. (diff)
download	wireguard-openbsd-7e0422b28c5ac765531211e2d37364d382d81bb4.tar.xz wireguard-openbsd-7e0422b28c5ac765531211e2d37364d382d81bb4.zip