From a1cfde765a2a63798411ce4d518b8d32c085ffbf Mon Sep 17 00:00:00 2001
From: Benjamin Fry <benjaminfry@me.com>
Date: Thu, 23 Mar 2017 22:11:23 -0700
Subject: add cleanup ffi to store context

---
 openssl/src/x509/mod.rs   | 8 ++++++--
 openssl/src/x509/tests.rs | 2 +-
 2 files changed, 7 insertions(+), 3 deletions(-)

(limited to 'openssl/src')

diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index 5dd12b0e..0cfa8ada 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -117,14 +117,18 @@ impl X509StoreContextRef {
     /// # Result
     /// 
     /// The Result must be `Some(None)` to be a valid certificate, otherwise the cert is not valid.
-    pub fn verify_cert(trust: &store::X509StoreRef, cert: &X509Ref, cert_chain: &StackRef<X509>) -> Result<Option<X509VerifyError>, ErrorStack> {
+    pub fn verify_cert(trust: store::X509Store, cert: X509, cert_chain: Stack<X509>) -> Result<Option<X509VerifyError>, ErrorStack> {
         unsafe {
             ffi::init();
             let context = try!(cvt_p(ffi::X509_STORE_CTX_new()).map(|p| X509StoreContext(p)));
             try!(cvt(ffi::X509_STORE_CTX_init(context.as_ptr(), trust.as_ptr(), cert.as_ptr(), cert_chain.as_ptr()))
                 .map(|_| ()));
             try!(cvt(ffi::X509_verify_cert(context.as_ptr())).map(|_| ()));
-            Ok(context.error())
+            
+            let result = Ok(context.error());
+            ffi::X509_STORE_CTX_cleanup(context.as_ptr());
+
+            result
         }
     }
 
diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs
index 05baac12..96d45742 100644
--- a/openssl/src/x509/tests.rs
+++ b/openssl/src/x509/tests.rs
@@ -303,5 +303,5 @@ fn test_verify_cert() {
     store_bldr.add_cert(ca).unwrap();
     let store = store_bldr.build();
 
-    assert!(X509StoreContext::verify_cert(&store, &cert, &Stack::new().unwrap()).unwrap().is_none());
+    assert!(X509StoreContext::verify_cert(store, cert, Stack::new().unwrap()).unwrap().is_none());
 }
-- 
cgit v1.2.3