commit 46db7293dc0dbebc7efdb39a20c1ea26da48bc53
author Timothy Bish <tabish121@gmail.com> Mon Jan 22 17:03:04 2018 -0500
committer Timothy Bish <tabish121@gmail.com> Mon Jan 22 17:03:35 2018 -0500
tree 4043093e71398e25a430f809cb3888533ce9f98c
parent 4d010e12f05fc6283ed9c5558543973b2ba7b0e7

AMQCPP-623 AMQCPP-622 Fix OpenSSL issues

Fix possible memory leak and address issues with build on newer
releases.
(cherry picked from commit 0eb4320503f34d90f2668211486e97974f926918)

activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp

diff --git a/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp b/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp
index aedd2d4..ffa39c7 100644
--- a/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp
+++ b/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp
@@ -658,28 +658,43 @@
         const char* extensionName = OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension)));
 
         if (StringUtils::compare("subjectAltName", extensionName) == 0) {
-
             X509V3_EXT_METHOD* method = (X509V3_EXT_METHOD*) X509V3_EXT_get(extension);
             if (method == NULL) {
                 break;
             }
 
-            const unsigned char* data = extension->value->data;
-            STACK_OF(CONF_VALUE)* confValue = method->i2v(method,
-                    method->it ?
-                            ASN1_item_d2i(NULL, &data, extension->value->length, ASN1_ITEM_ptr(method->it)) :
-                            method->d2i(NULL, &data, extension->value->length), NULL);
+            bool found = false;
+            const unsigned char* data = ASN1_STRING_data(X509_EXTENSION_get_data(extension));
+            long length = ASN1_STRING_length(X509_EXTENSION_get_data(extension));
+            void* ext_data;
+
+            if (method->it) {
+                ext_data = ASN1_item_d2i(NULL, &data, length, ASN1_ITEM_ptr(method->it));
+            } else {
+                ext_data = method->d2i(NULL, &data, length);
+            }
+            STACK_OF(CONF_VALUE)* confValue = method->i2v(method, ext_data, NULL);
 
             CONF_VALUE* value = NULL;
 
             for (int iy = 0; iy < sk_CONF_VALUE_num( confValue ); iy++) {
-                value = sk_CONF_VALUE_value( confValue, iy );
+                value = sk_CONF_VALUE_value(confValue, iy);
                 if ((StringUtils::compare(value->name, "DNS") == 0) && StringUtils::compare(value->value, serverName.c_str()) == 0) {
-
-                    // Found it.
-                    return;
+                    found = true;
+                    break;
                 }
             }
+
+            sk_CONF_VALUE_pop_free(confValue, X509V3_conf_free);
+            if (method->it) {
+                ASN1_item_free((ASN1_VALUE*)ext_data, ASN1_ITEM_ptr(method->it));
+            } else {
+                method->ext_free(ext_data);
+            }
+
+            if (found) {
+                return;
+            }
         }
     }