From e3d2d4fb283615831379b971ed23958d45b941ca Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.com>
Date: Wed, 8 Apr 2020 17:38:27 +0200
Subject: [PATCH] BUG/MINOR: ssl: memleak of the struct cert_key_and_chain

Free the struct cert_key_and_chain when calling ckchs_free(),
a memory leak can occur when using 'commit ssl cert'.

Must be backported to 2.1.

(cherry picked from commit 8621ac5570a7cd225005f35808616d28a9774e88)
Signed-off-by: William Lallemand <wlallemand@haproxy.org>
---
 src/ssl_sock.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index a0ae9d7..17a6f7e 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3508,12 +3508,16 @@ void ckchs_free(struct ckch_store *ckchs)
 	if (ckchs->multi) {
 		int n;
 
-		for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++)
+		for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
 			ssl_sock_free_cert_key_and_chain_contents(&ckchs->ckch[n]);
+		}
+		free(ckchs->ckch);
+		ckchs->ckch = NULL;
 	} else
 #endif
 	{
 		ssl_sock_free_cert_key_and_chain_contents(ckchs->ckch);
+		free(ckchs->ckch);
 		ckchs->ckch = NULL;
 	}
 
-- 
1.7.10.4