5585723036
Fixes: rhbz#1436445
31 lines
1.1 KiB
Diff
31 lines
1.1 KiB
Diff
diff -ru a/src/node_crypto.cc b/src/node_crypto.cc
|
|
--- a/src/node_crypto.cc 2017-03-31 22:39:56.483283868 +0200
|
|
+++ b/src/node_crypto.cc 2017-03-31 22:45:36.250267750 +0200
|
|
@@ -851,8 +851,6 @@
|
|
}
|
|
}
|
|
|
|
- // Increment reference count so global store is not deleted along with CTX.
|
|
- X509_STORE_up_ref(root_cert_store);
|
|
SSL_CTX_set_cert_store(sc->ctx_, root_cert_store);
|
|
}
|
|
|
|
diff -ru a/src/node_crypto.h b/src/node_crypto.h
|
|
--- a/src/node_crypto.h 2017-03-21 20:43:33.000000000 +0100
|
|
+++ b/src/node_crypto.h 2017-03-31 22:43:15.548183432 +0200
|
|
@@ -145,6 +145,13 @@
|
|
}
|
|
|
|
env()->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize);
|
|
+ if (ctx_->cert_store == root_cert_store) {
|
|
+ // SSL_CTX_free() will attempt to free the cert_store as well.
|
|
+ // Since we want our root_cert_store to stay around forever
|
|
+ // we just clear the field. Hopefully OpenSSL will not modify this
|
|
+ // struct in future versions.
|
|
+ ctx_->cert_store = nullptr;
|
|
+ }
|
|
SSL_CTX_free(ctx_);
|
|
if (cert_ != nullptr)
|
|
X509_free(cert_);
|
|
|