From cc781e31f37d53c7d8ba0654db4e47e04c88f662 Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Sun, 5 Jul 2015 12:43:20 -0400
Subject: fixed a leak in the event of non-DNS GN

---
 src/cryptography/hazmat/backends/openssl/backend.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 06801bc9..bbec6185 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -146,10 +146,11 @@ def _encode_subject_alt_name(backend, san):
     )
 
     for alt_name in san:
-        gn = backend._lib.GENERAL_NAME_new()
-        assert gn != backend._ffi.NULL
         if isinstance(alt_name, x509.DNSName):
+            gn = backend._lib.GENERAL_NAME_new()
+            assert gn != backend._ffi.NULL
             gn.type = backend._lib.GEN_DNS
+
             ia5 = backend._lib.ASN1_IA5STRING_new()
             assert ia5 != backend._ffi.NULL
 
-- 
cgit v1.2.3