From e5a78fb364dabee1c4e162de4d00452d4f940151 Mon Sep 17 00:00:00 2001 From: "Bill St. Clair" Date: Wed, 14 Sep 2011 21:15:51 -0400 Subject: [PATCH] Call X509_free after SSL_get_peer_certificate --- ffi.lisp | 4 ++++ ssl-verify-test.lisp | 9 ++++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/ffi.lisp b/ffi.lisp index d12f17f..7aeea56 100644 --- a/ffi.lisp +++ b/ffi.lisp @@ -231,6 +231,10 @@ :pointer (ssl ssl-pointer)) +(cffi:defcfun ("X509_free" x509-free) + :void + (x509 :pointer)) + (cffi:defcfun ("X509_NAME_oneline" x509-name-oneline) :pointer (x509-name :pointer) diff --git a/ssl-verify-test.lisp b/ssl-verify-test.lisp index 9b17bf7..cf67c7b 100644 --- a/ssl-verify-test.lisp +++ b/ssl-verify-test.lisp @@ -24,9 +24,12 @@ (let* ((ssl (ssl-stream-handle ssl-stream)) (cert (ssl-get-peer-certificate ssl))) (unless (cffi:null-pointer-p cert) - (multiple-value-bind (issuer subject) - (x509-certificate-names cert) - (format output-stream " issuer: ~a~% subject: ~a~%" issuer subject))))) + (unwind-protect + (multiple-value-bind (issuer subject) + (x509-certificate-names cert) + (format output-stream + " issuer: ~a~% subject: ~a~%" issuer subject)) + (x509-free cert))))) ;; from cl+ssl/example.lisp (defun test-https-client-2 (host &key (port 443) show-text-p)