From 4ad50a469db95965e71af211e4d2628af8a5d9dc Mon Sep 17 00:00:00 2001
From: Emeric Brun <ebrun@exceliance.fr>
Date: Tue, 17 Sep 2013 15:19:54 +0200
Subject: [PATCH] BUG/MEDIUM: ssl: potential memory leak using verifyhost

If server certificate presents dns aliases, a memory leak appears
on health checks when 'verifyhost' statement is used.
---
 src/ssl_sock.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index a55a5bf4c..4ae27fc30 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -861,6 +861,7 @@ static int ssl_sock_srv_verifycbk(int ok, X509_STORE_CTX *ctx)
 				}
 			}
 		}
+		sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
 	}
 
 	cert_subject = X509_get_subject_name(cert);