修复CI构建失败

修复异常处理错误

program/src/cert_session.cpp

@@ -862,7 +862,7 @@ int X509_hsm_sign(X509* x509, unsigned long mech, CK_SESSION_HANDLE session)
 	CK_OBJECT_HANDLE hObject = 0;
 
 #ifdef SOHT_HSM_ENABLE
-	mech = CKM_CERTEX_GOSTR3410_2001;
+	mech = CKM_SHA256_RSA_PKCS;
 	xret = soft_find_object(session, CKO_PRIVATE_KEY, &hObject);
 #else
 	xret = x509_find_object(session, &hObject);
@@ -1039,8 +1039,6 @@ X509 *ssl_x509_forge(X509 *cacrt, EVP_PKEY *cakey, X509 *origcrt, char *pkey, in
 	return crt;
 errout:
 	X509_free(crt);
-	if(key)
-		EVP_PKEY_free(key);
 err:
 	return NULL;
 }
@@ -1537,8 +1535,11 @@ static int redis_clnt_pdu_send(struct tfe_http_request *request)
     char *sign = NULL, pkey[SG_DATA_SIZE] = {0};
 
     uint64_t expire_time = x509_online_append(&thread->def, request, &sign, pkey, &stack_ca);
-    if (sign == NULL && pkey[0] == '\0')
+    if (sign == NULL || pkey[0] == '\0')
 	{
+		if (request->origin)
+        	X509_free(request->origin);
+		request_destroy(request);
         mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Failed to sign certificate");
 		evhttp_socket_send_error(request->evh_req, HTTP_NOTFOUND);
 		return xret;
@@ -1902,6 +1903,7 @@ void http_get_cb(struct evhttp_request *evh_req, void *arg)
 	{
 		if (xret == -2)
 		{
+			request_destroy(request);
 			evhttp_send_reply(evh_req, 200, "OK", NULL);
 			goto finish;
 		}
@@ -2277,6 +2279,14 @@ void sigproc(int __attribute__((__unused__))sig)
     for (tid = 0; tid <  g_certstore_policy->thread_nu; tid++)
 	{
         thread = threads + tid;
+
+		struct x509_object_ctx *def = &thread->def;
+
+		if(def->root)  X509_free(def->root);
+		if(def->key)  EVP_PKEY_free(def->key);
+		if(def->insec_root)  X509_free(def->insec_root);
+		if(def->insec_key)  EVP_PKEY_free(def->insec_key);
+
         if (thread->sync)
 		{
             redisAsyncDisconnect(thread->cl_ctx);