Re: Issue with freeing X509

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I thought this had become documented recently (i.e., in master only, not even in 1.1.0), but can't find any evidence of such documentation.

SSL_CTX_use_PrivateKey() takes a reference on its pkey argument in the same way as SSL_CTX_use_certificate(); it is safe for the local code to free its local copy.

-Ben

On 10/17/2017 12:32 PM, Adi Mallikarjuna Reddy V wrote:
Is this documented some where? 

Also is the same true - with SSL_CTX_use_PrivateKey(ctx, evp_pkey) ? where I can free evp_pkey with EVP_PKEY_free()?


Thanks
Adi

On Tue, Oct 17, 2017 at 9:50 AM, Benjamin Kaduk <bkaduk@xxxxxxxxxx> wrote:
On 10/17/2017 11:27 AM, Adi Mallikarjuna Reddy V wrote:
I am only worried about the following line. 

SSL_CTX_use_certificate(ctx, cert)

After this line is it safe to free cert object while ctx is still used later on?


 SSL_CTX_use_certificate(ctx, cert), on successful return, takes an additional reference on the supplied |cert| argument to account for the pointer in |ctx|.  Thus, the caller of SSL_CTX_use_certificate() can safely call X509_free(cert) to release the caller's local reference, while the |ctx| retains a pointer to |cert|.

-Ben


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux