avformat/tls_openssl: properly set this pkey and free it

Signed-off-by: Jack Lau <jacklau1222@qq.com>

Author: JackLau1222

libavformat/tls_openssl.c

@@ -812,7 +812,7 @@ static av_cold int openssl_init_ca_key_cert(URLContext *h)
     int ret;
     TLSContext *p = h->priv_data;
     TLSShared *c = &p->tls_shared;
-    EVP_PKEY *pkey = p->pkey;
+    EVP_PKEY *pkey = NULL;
     X509 *cert = NULL;
     /* setup ca, private key, certificate */
     if (c->ca_file) {
@@ -850,7 +850,7 @@ static av_cold int openssl_init_ca_key_cert(URLContext *h)
             goto fail;
         }
     } else if (p->tls_shared.key_buf) {
-        pkey = pkey_from_pem_string(p->tls_shared.key_buf, 1);
+        p->pkey = pkey = pkey_from_pem_string(p->tls_shared.key_buf, 1);
         if (SSL_CTX_use_PrivateKey(p->ctx, pkey) != 1) {
             av_log(p, AV_LOG_ERROR, "TLS: Init SSL_CTX_use_PrivateKey failed, %s\n", openssl_get_error(p));
             ret = AVERROR(EINVAL);
@@ -878,7 +878,7 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary **
     c->is_dtls = 1;
     const char* ciphers = "ALL";
 #if OPENSSL_VERSION_NUMBER < 0x10002000L // v1.0.2
-    EC_KEY *ec_key;
+    EC_KEY *ec_key = NULL;
 #endif
     /**
      * The profile for OpenSSL's SRTP is SRTP_AES128_CM_SHA1_80, see ssl/d1_srtp.c.
@@ -1007,6 +1007,9 @@ static int dtls_start(URLContext *h, const char *url, int flags, AVDictionary **
 
     ret = 0;
 fail:
+#if OPENSSL_VERSION_NUMBER < 0x10002000L // v1.0.2
+    EC_KEY_free(ec_key);
+#endif
     return ret;
 }