test case 1628: peer ca cert
ASN1_item_dup
do_ca_cert_bootstrap (stream-ssl.c:413)
ssl_connect (stream-ssl.c:468)
scs_connecting (stream.c:297)
stream_connect (stream.c:320)
Fix by removing the X509_dup().
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
/* SSL_CTX_add_client_CA makes a copy of cert's relevant data. */
SSL_CTX_add_client_CA(ctx, cert);
- /* SSL_CTX_use_certificate() takes ownership of the certificate passed in.
- * 'cert' is owned by sslv->ssl, so we need to duplicate it. */
- cert = X509_dup(cert);
- if (!cert) {
- out_of_memory();
- }
SSL_CTX_set_cert_store(ctx, X509_STORE_new());
if (SSL_CTX_load_verify_locations(ctx, ca_cert.file_name, NULL) != 1) {
VLOG_ERR("SSL_CTX_load_verify_locations: %s",