From 5d062ef54c336e59a34c4b98bcdc2ba835701a45 Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Wed, 4 Sep 2002 01:56:09 +0000
Subject: [PATCH] Don't call X509_free after SSL_get_certificate, it's not a
 duplicate.

---
 libraries/libldap/tls.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c
index ed31ff94bc..d98c50e125 100644
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -231,6 +231,8 @@ ldap_pvt_tls_init_def_ctx( void )
 			goto error_exit;
 		}
 
+		SSL_CTX_set_session_id_context( tls_def_ctx,
+			"OpenLDAP", sizeof("OpenLDAP")-1 );
 		if ( tls_opt_ciphersuite &&
 			!SSL_CTX_set_cipher_list( tls_def_ctx, ciphersuite ) )
 		{
@@ -884,7 +886,6 @@ ldap_pvt_tls_get_my_dn( void *s, struct berval *dn, LDAPDN_rewrite_dummy *func,
 	
 	xn = X509_get_subject_name(x);
 	rc = ldap_X509dn2bv(xn, dn, (LDAPDN_rewrite_func *)func, flags );
-	X509_free(x);
 	return rc;
 }
 
@@ -915,7 +916,6 @@ ldap_pvt_tls_get_peer_dn( void *s, struct berval *dn, LDAPDN_rewrite_dummy *func
 	
 	xn = X509_get_subject_name(x);
 	rc = ldap_X509dn2bv(xn, dn, (LDAPDN_rewrite_func *)func, flags);
-	X509_free(x);
 	return rc;
 }
 
@@ -934,12 +934,10 @@ ldap_pvt_tls_get_peer_hostname( void *s )
 
 	ret = X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf));
 	if( ret == -1 ) {
-		X509_free(x);
 		return NULL;
 	}
 
 	p = LDAP_STRDUP(buf);
-	X509_free(x);
 	return p;
 }
 
@@ -1066,7 +1064,6 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const char *name_in )
 			ret = LDAP_SUCCESS;
 		}
 	}
-	X509_free(x);
 	return ret;
 }
 
@@ -1084,7 +1081,6 @@ ldap_pvt_tls_get_peer_issuer( void *s )
 	
 	xn = X509_get_issuer_name(x);
 	p = LDAP_STRDUP(X509_NAME_oneline(xn, buf, sizeof(buf)));
-	X509_free(x);
 	return p;
 #else
 	return NULL;
-- 
2.39.5