vtls/rustls: simplify builder cleanup

Don't build `config_builder` just to free the resulting config, free the builder directly. When `cr_init_backend` encounters an error condition setting up the Rustls client configuration it must do something with the `config_builder` that was constructed earlier to avoid a memory leak. The previous implementation preferred to use a pattern of building the builder (thus consuming it) and then freeing the built config (to avoid a memory leak). However, the purpose/intent is clearer when we just free the builder directly instead of building it and freeing the result. Closes #14889
2024-07-19 12:23:18 -04:00 · 2024-07-19 12:23:18 -04:00 · d38458d823
commit d38458d823
parent bef0acaf21
1 changed files with 4 additions and 8 deletions
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@ -646,8 +646,7 @@ cr_init_backend(struct Curl_cfilter *cf, struct Curl_easy *data,
      if(result != RUSTLS_RESULT_OK) {
        failf(data, "rustls: failed to parse trusted certificates from blob");
        rustls_root_cert_store_builder_free(roots_builder);
-        rustls_client_config_free(
-          rustls_client_config_builder_build(config_builder));
+        rustls_client_config_builder_free(config_builder);
        return CURLE_SSL_CACERT_BADFILE;
      }
    }
@ -658,8 +657,7 @@ cr_init_backend(struct Curl_cfilter *cf, struct Curl_easy *data,
      if(result != RUSTLS_RESULT_OK) {
        failf(data, "rustls: failed to load trusted certificates");
        rustls_root_cert_store_builder_free(roots_builder);
-        rustls_client_config_free(
-          rustls_client_config_builder_build(config_builder));
+        rustls_client_config_builder_free(config_builder);
        return CURLE_SSL_CACERT_BADFILE;
      }
    }
@ -668,8 +666,7 @@ cr_init_backend(struct Curl_cfilter *cf, struct Curl_easy *data,
    rustls_root_cert_store_builder_free(roots_builder);
    if(result != RUSTLS_RESULT_OK) {
      failf(data, "rustls: failed to load trusted certificates");
-      rustls_client_config_free(
-        rustls_client_config_builder_build(config_builder));
+      rustls_client_config_builder_free(config_builder);
      return CURLE_SSL_CACERT_BADFILE;
    }

@ -704,8 +701,7 @@ cr_init_backend(struct Curl_cfilter *cf, struct Curl_easy *data,
    if(result != RUSTLS_RESULT_OK) {
      failf(data, "rustls: failed to load trusted certificates");
      rustls_server_cert_verifier_free(server_cert_verifier);
-      rustls_client_config_free(
-        rustls_client_config_builder_build(config_builder));
+      rustls_client_config_builder_free(config_builder);
      return CURLE_SSL_CACERT_BADFILE;
    }