From 34d69d3b23741f89de9bda49d35a8e72fc2f3405 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 12 Dec 2000 08:08:53 +0000 Subject: [PATCH] SSL_new() may potentially add a certfificate. Therefore, wen duplicating the certificate that is in the original SSL, remove the one that SSL_new() provided, if any. Spotted by: Mike Zeoli --- ssl/ssl_lib.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index c757ea874..24f314e5b 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1718,6 +1718,10 @@ SSL *SSL_dup(SSL *s) if (s->cert != NULL) { + if (ret->cert != NULL) + { + ssl_cert_free(ret->cert); + } ret->cert = ssl_cert_dup(s->cert); if (ret->cert == NULL) goto err;