Index: ChangeLog ================================================================== --- ChangeLog +++ ChangeLog @@ -1,5 +1,9 @@ +2010-08-11 Jeff Hobbs + + * tls.c (StatusObjCmd): memleak: free peer if loaded. [Bug 3041925] + 2010-07-27 Jeff Hobbs * tls.tcl (tls::socket): some socket implementations have a -type support (e.g. for inet6). Index: tls.c ================================================================== --- tls.c +++ tls.c @@ -3,11 +3,11 @@ * some modifications: * Copyright (C) 2000 Ajuba Solutions * Copyright (C) 2002 ActiveState Corporation * Copyright (C) 2004 Starfish Systems * - * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tls.c,v 1.30 2008/03/19 22:06:13 hobbs2 Exp $ + * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tls.c,v 1.31 2010/08/11 19:50:50 hobbs2 Exp $ * * TLS (aka SSL) Channel - can be layered on any bi-directional * Tcl_Channel (Note: Requires Trf Core Patch) * * This was built (almost) from scratch based upon observation of @@ -1147,17 +1147,19 @@ if (Tcl_GetChannelType(chan) != Tls_ChannelType()) { Tcl_AppendResult(interp, "bad channel \"", Tcl_GetChannelName(chan), "\": not a TLS channel", NULL); return TCL_ERROR; } - statePtr = (State *) Tcl_GetChannelInstanceData(chan); - if (objc == 2) - peer = SSL_get_peer_certificate(statePtr->ssl); - else - peer = SSL_get_certificate(statePtr->ssl); + statePtr = (State *) Tcl_GetChannelInstanceData(chan); + if (objc == 2) { + peer = SSL_get_peer_certificate(statePtr->ssl); + } else { + peer = SSL_get_certificate(statePtr->ssl); + } if (peer) { objPtr = Tls_NewX509Obj(interp, peer); + if (objc == 2) { X509_free(peer); } } else { objPtr = Tcl_NewListObj(0, NULL); } Tcl_ListObjAppendElement (interp, objPtr,