Fix potential memory leak. This can't happen because we don't implement RSA_PSK, but we probably should check here. Probably |sess_cert| shouldn't be attached to SSL_SESSION anyway; it's only relevant when initializing the session and if it's accessed afterwards, it'll be shared and cause problems. Change-Id: Id868e523195f33c22e057f9b89dc02fe68e9b554 Reviewed-on: https://boringssl-review.googlesource.com/1153 Reviewed-by: Adam Langley <agl@google.com>

commit: 0c49ec97f4f4e9e82da19ce694249c2e78de6d88 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Sat Jul 12 13:16:51 2014 -0400
committer: Adam Langley <agl@google.com> Mon Jul 14 20:49:39 2014 +0000
tree: af6a8ab3bced77b165a3da6409dad0612c6d4d1f
parent: 5235f74bc21af70a18a256c7f8c099c53db302b6 [diff]
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 246539c..f7cc488 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c

@@ -1335,7 +1335,11 @@
 		   later.*/
 		if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aPSK)
 			{
-			s->session->sess_cert=ssl_sess_cert_new();
+			/* PSK ciphersuites that also send a
+			 * Certificate would have already initialized
+			 * |sess_cert|. */
+			if (s->session->sess_cert == NULL)
+				s->session->sess_cert = ssl_sess_cert_new();
 			if (s->session->psk_identity_hint)
 				{
 				OPENSSL_free(s->session->psk_identity_hint);
commit	0c49ec97f4f4e9e82da19ce694249c2e78de6d88	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Sat Jul 12 13:16:51 2014 -0400
committer	Adam Langley <agl@google.com>	Mon Jul 14 20:49:39 2014 +0000
tree	af6a8ab3bced77b165a3da6409dad0612c6d4d1f
parent	5235f74bc21af70a18a256c7f8c099c53db302b6 [diff]