changeset:   99144:6c733337afae
branch:      3.5
parent:      99136:e4a69eb34ad7
parent:      99143:41ddf2c47a18
user:        Benjamin Peterson <benjamin@python.org>
date:        Sat Nov 14 15:14:42 2015 -0800
files:       Misc/NEWS Modules/_ssl.c Modules/clinic/_ssl.c.h
description:
merge 3.4 (#25578)


diff -r e4a69eb34ad7 -r 6c733337afae Misc/NEWS
--- a/Misc/NEWS	Sat Nov 14 15:11:17 2015 +0200
+++ b/Misc/NEWS	Sat Nov 14 15:14:42 2015 -0800
@@ -245,6 +245,8 @@
 - Issue #24881: Fixed setting binary mode in Python implementation of FileIO
   on Windows and Cygwin.  Patch from Akira Li.
 
+- Issue #25578: Fix (another) memory leak in SSLSocket.getpeercer().
+
 - Issue #25530: Disable the vulnerable SSLv3 protocol by default when creating
   ssl.SSLContext.
 
diff -r e4a69eb34ad7 -r 6c733337afae Modules/_ssl.c
--- a/Modules/_ssl.c	Sat Nov 14 15:11:17 2015 +0200
+++ b/Modules/_ssl.c	Sat Nov 14 15:14:42 2015 -0800
@@ -1017,7 +1017,10 @@
     AUTHORITY_INFO_ACCESS *info;
 
     info = X509_get_ext_d2i(certificate, NID_info_access, NULL, NULL);
-    if ((info == NULL) || (sk_ACCESS_DESCRIPTION_num(info) == 0)) {
+    if (info == NULL)
+        return Py_None;
+    if (sk_ACCESS_DESCRIPTION_num(info) == 0) {
+        AUTHORITY_INFO_ACCESS_free(info);
         return Py_None;
     }
 
@@ -3967,7 +3970,7 @@
         else if ((target = PyUnicode_DecodeFSDefault(tmp)) == NULL) { \
             target = PyBytes_FromString(tmp); } \
         if (!target) goto error; \
-    } 
+    }
 
     CONVERT(X509_get_default_cert_file_env(), ofile_env);
     CONVERT(X509_get_default_cert_file(), ofile);