[openssl-users] X509_STORE_free() and X509_LOOKUP_free() also frees the X509 certificates inside it
Jakob Bohm
jb-openssl at wisemo.com
Wed Jun 10 04:18:52 UTC 2015
On 10/06/2015 05:22, Nayna Jain wrote:
>
> Hi all,
>
> I am using X509_STORE and X509_LOOKUP to verify the certificate and
> its chain.
>
> But at the end when I do X509_STORE_free(store) and
> X509_LOOKUP_free(lookup), it is also doing free of the X509*
> certificate which I added.
> But I don't want that, because after that when I immediately try to
> access X509* certificate for further operation, then it results in
> core dump
>
> And if I don't do X509_STORE_free() then it will leave the memory leak.
>
> Let me know how to resolve this and if I misunderstood something.
>
X509 objects (and many other objects in the API) are
reference counted.
Increment the reference count of each certificate as
you add it to the X509_STORE, this should make the
X509 object stay around after X509_STORE_free() frees
it.
However there is a shortage of documentation on the
reference counting functions involved.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150610/96000f47/attachment.html>
More information about the openssl-users
mailing list