From fe64a86cd55d53ac452080810860987dbcd3c29e Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 20 Feb 2014 11:05:24 +0100 Subject: ssl: Correct clean up of certificate database when certs are inputed in pure DER format. The incorrect code could cause a memory leek when certs where inputed in DER. --- lib/ssl/src/ssl_connection.erl | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 82106935cb..e283e6079e 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2013-2013. All Rights Reserved. +%% Copyright Ericsson AB 2013-2014. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -1757,12 +1757,12 @@ handle_unrecv_data(StateName, #state{socket = Socket, transport_cb = Transport, Connection:handle_close_alert(Data, StateName, State) end. -handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = <<>>}}) -> +handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = <<>>, cacerts = []}}) -> %% No trusted certs specified ok; handle_trusted_certs_db(#state{cert_db_ref = Ref, cert_db = CertDb, - ssl_options = #ssl_options{cacertfile = undefined}}) -> + ssl_options = #ssl_options{cacertfile = <<>>}}) -> %% Certs provided as DER directly can not be shared %% with other connections and it is safe to delete them when the connection ends. ssl_pkix_db:remove_trusted_certs(Ref, CertDb); -- cgit v1.2.3