Free cert usage before return The ASN1 free will slowly leak memory for incorrect mutual auth connections because if the certificate does not match the requirements the function will return without freeing the usage string. Tested: curl --cert client-cert.pem --key client-key.pem --cacert \ CA-cert.pem https://${bmc}/redfish/v1/SessionService/Sessions Change-Id: I4c335d3cd151187c7a10e7e668d1556c11389039 Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>

commit: b937830fe5a7adba40e63f6059bf2c543733de33 [log] [tgz]
author: Vernon Mauery <vernon.mauery@linux.intel.com> Wed Jun 16 14:06:57 2021 -0700
committer: Vernon Mauery <vernon.mauery@linux.intel.com> Wed Jun 16 14:07:43 2021 -0700
tree: 7a3e3ca96d670ba7a2a79eace93c2c6f1e4a1efa
parent: 83f012978df9abba623153b41457afcd4d86e568 [diff]
diff --git a/http/http_connection.hpp b/http/http_connection.hpp
index 6172b3a..fb64014 100644
--- a/http/http_connection.hpp
+++ b/http/http_connection.hpp

@@ -173,6 +173,7 @@
                     isKeyUsageKeyAgreement = true;
                 }
             }
+            ASN1_BIT_STRING_free(usage);
 
             if (!isKeyUsageDigitalSignature || !isKeyUsageKeyAgreement)
             {
@@ -182,7 +183,6 @@
                                     "be used for user authentication";
                 return true;
             }
-            ASN1_BIT_STRING_free(usage);
 
             // Determine that ExtendedKeyUsage includes Client Auth
commit	b937830fe5a7adba40e63f6059bf2c543733de33	[log] [tgz]
author	Vernon Mauery <vernon.mauery@linux.intel.com>	Wed Jun 16 14:06:57 2021 -0700
committer	Vernon Mauery <vernon.mauery@linux.intel.com>	Wed Jun 16 14:07:43 2021 -0700
tree	7a3e3ca96d670ba7a2a79eace93c2c6f1e4a1efa
parent	83f012978df9abba623153b41457afcd4d86e568 [diff]