From 7393b0eea09f7f12a873176f2850440099956db4 Mon Sep 17 00:00:00 2001
From: toddouska <todd@wolfssl.com>
Date: Wed, 23 Sep 2015 11:20:40 -0700
Subject: [PATCH] allow user to free x509 object in static case (no op)

---
 src/ssl.c      | 25 ++++++++++++++++++++++---
 wolfssl/test.h |  1 +
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index 7ad1ba83d..41dbafadc 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -8988,12 +8988,30 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
 #endif /* KEEP_PEER_CERT */
 
 
+#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || defined(OPENSSSL_EXTRA)
+
+/* user externally called free X509, if dynamic go ahead with free, otherwise
+ * don't */
+static void ExternalFreeX509(WOLFSSL_X509* x509)
+{
+    WOLFSSL_ENTER("ExternalFreeX509");
+    if (x509) {
+        if (x509->dynamicMemory) {
+            FreeX509(x509);
+        } else {
+            WOLFSSL_MSG("free called on non dynamic object, not freeing");
+        }
+    }
+}
+
+#endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSSL_EXTRA */
+
 #if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
 
     void wolfSSL_FreeX509(WOLFSSL_X509* x509)
     {
         WOLFSSL_ENTER("wolfSSL_FreeX509");
-        FreeX509(x509);
+        ExternalFreeX509(x509);
     }
 
 
@@ -10187,9 +10205,10 @@ WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl)  /* what's ref count */
 }
 
 
-void wolfSSL_X509_free(WOLFSSL_X509* buf)
+void wolfSSL_X509_free(WOLFSSL_X509* x509)
 {
-    FreeX509(buf);
+    WOLFSSL_ENTER("wolfSSL_X509_free");
+    ExternalFreeX509(x509);
 }
 
 
diff --git a/wolfssl/test.h b/wolfssl/test.h
index 74e81c27b..89595872a 100644
--- a/wolfssl/test.h
+++ b/wolfssl/test.h
@@ -368,6 +368,7 @@ static INLINE void showPeer(WOLFSSL* ssl)
         ShowX509(peer, "peer's cert info:");
     else
         printf("peer has no cert!\n");
+    wolfSSL_FreeX509(peer);
 #endif
     printf("SSL version is %s\n", wolfSSL_get_version(ssl));