Comment 5 for bug 330195

Jean-Paul Calderone (exarkun) wrote :

The problem with the get_peer_cert_chain implementation was that it returned references to X509s that it didn't really own. When the SSL connection gets destroyed (as it does in the above example when get_cert_chain returns, since it is no longer referenced by anything), the X509s are freed. The contents of the chain are then undefined since they reside in freed memory.

A solution to this is to incref the X509s so that they can outlive the connection if necessary. The crypto_X509Obj's dealloc will free them.
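The ownership problem described in the comment above, modeled as an added example that is not pyOpenSSL or OpenSSL code: `Cert`, `Conn` and `Wrapper` are constructed stand-ins for the X509, the SSL connection and the crypto_X509Obj, and all function names are hypothetical. It counts live certificates instead of touching freed memory, so the borrowed case shows the dangling state without invoking undefined behaviour.

```c
#include <stdlib.h>
/* Constructed stand-ins for X509, SSL and crypto_X509Obj (assumption, not library code). */
typedef struct { int refs; } Cert;
typedef struct { Cert *chain[2]; int n; } Conn;
typedef struct { Cert *x509; } Wrapper;
static int live_certs = 0;            /* Cert objects allocated and not yet freed */

static Cert *cert_new(void) {
    Cert *c = malloc(sizeof *c);
    c->refs = 1;                      /* the creator holds the first reference */
    live_certs++;
    return c;
}

/* Drop one reference; the object is freed when the last reference goes away. */
static void cert_free(Cert *c) {
    if (--c->refs == 0) { free(c); live_certs--; }
}

static Conn *conn_new(void) {
    Conn *s = malloc(sizeof *s);
    s->n = 2;
    for (int i = 0; i < s->n; i++) s->chain[i] = cert_new();
    return s;
}

/* Destroying the connection releases the connection's references to its chain. */
static void conn_free(Conn *s) {
    for (int i = 0; i < s->n; i++) cert_free(s->chain[i]);
    free(s);
}

/* take_ref == 0: wrapper borrows the pointer (the bug). take_ref == 1: incref (the fix). */
static Wrapper wrap(Cert *c, int take_ref) {
    if (take_ref) c->refs++;
    return (Wrapper){ c };
}

/* Certs still alive once the connection is gone but the wrappers remain. */
static int certs_alive_after_conn_free(int take_ref) {
    Conn *s = conn_new();
    Wrapper w[2];
    for (int i = 0; i < 2; i++) w[i] = wrap(s->chain[i], take_ref);
    conn_free(s);
    int alive = live_certs;           /* 0 here means every w[i].x509 dangles */
    if (take_ref)                     /* wrapper dealloc drops the reference it owns */
        for (int i = 0; i < 2; i++) cert_free(w[i].x509);
    return alive;
}
int main(void) { return certs_alive_after_conn_free(1) == 2 ? 0 : 1; }
```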