From 97e77603471b35fac18511499a9ee2096108b58b Mon Sep 17 00:00:00 2001
From: David Woodhouse <David.Woodhouse@intel.com>
Date: Tue, 12 Jun 2012 10:34:45 +0100
Subject: [PATCH] OpenSSL: Fix leak of cert_x509

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
---
 openssl.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/openssl.c b/openssl.c
index fb731279..e3e5c48d 100644
--- a/openssl.c
+++ b/openssl.c
@@ -1312,9 +1312,15 @@ void openconnect_close_https(struct openconnect_info *vpninfo, int final)
 		FD_CLR(vpninfo->ssl_fd, &vpninfo->select_efds);
 		vpninfo->ssl_fd = -1;
 	}
-	if (final && vpninfo->https_ctx) {
-		SSL_CTX_free(vpninfo->https_ctx);
-		vpninfo->https_ctx = NULL;
+	if (final) {
+		if (vpninfo->https_ctx) {
+			SSL_CTX_free(vpninfo->https_ctx);
+			vpninfo->https_ctx = NULL;
+		}
+		if (vpninfo->cert_x509) {
+			X509_free(vpninfo->cert_x509);
+			vpninfo->cert_x509 = NULL;
+		}
 	}
 }