fix memory leak in s3_clnt.c

50596582 · Bodo Möller · d9f0016b · 50596582 · 50596582 · 50596582
隐藏空白更改
内联并排

Showing with 29 addition and 14 deletion

CHANGES CHANGES +6 -0

apps/s_server.c apps/s_server.c +22 -14

ssl/s3_clnt.c ssl/s3_clnt.c +1 -0

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,12 @@

 Changes between 0.9.3a and 0.9.4

+  *) Fix memory leaks in s3_clnt.c: All non-anonymous SSL3/TLS1 connections
+     without temporary keys kept an extra copy of the server key,
+     and connections with temporary keys did not free everything in case
+     of an error.
+     [Bodo Moeller]
+
  *) New function RSA_check_key and new openssl rsa option -check
     for verifying the consistency of RSA keys.
     [Ulf Moeller, Bodo Moeller]

--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -226,6 +226,9 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
 	BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
 	BIO_printf(bio_err," -no_tls1      - Just disable TLSv1\n");
+#ifndef NO_DH
+	BIO_printf(bio_err," -no_dhe       - Disable ephemeral DH\n");
+#endif
 	BIO_printf(bio_err," -bugs         - Turn on SSL bug compatability\n");
 	BIO_printf(bio_err," -www          - Respond to a 'GET /' with a status page\n");
 	BIO_printf(bio_err," -WWW          - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
@@ -393,7 +396,7 @@ int MAIN(int argc, char *argv[])
 	int badop=0,bugs=0;
 	int ret=1;
 	int off=0;
-	int no_tmp_rsa=0,nocert=0;
+	int no_tmp_rsa=0,no_dhe=0,nocert=0;
 	int state=0;
 	SSL_METHOD *meth=NULL;
 #ifndef NO_DH
@@ -518,6 +521,8 @@ int MAIN(int argc, char *argv[])
 			{ bugs=1; }
 		else if	(strcmp(*argv,"-no_tmp_rsa") == 0)
 			{ no_tmp_rsa=1; }
+		else if	(strcmp(*argv,"-no_dhe") == 0)
+			{ no_dhe=1; }
 		else if	(strcmp(*argv,"-www") == 0)
 			{ www=1; }
 		else if	(strcmp(*argv,"-WWW") == 0)
@@ -620,21 +625,24 @@ bad:
 		}

 #ifndef NO_DH
-	/* EAY EAY EAY evil hack */
-	dh=load_dh_param();
-	if (dh != NULL)
-		{
-		BIO_printf(bio_s_out,"Setting temp DH parameters\n");
-		}
-	else
+	if (!no_dhe)
 		{
-		BIO_printf(bio_s_out,"Using default temp DH parameters\n");
-		dh=get_dh512();
-		}
-	(void)BIO_flush(bio_s_out);
+		/* EAY EAY EAY evil hack */
+		dh=load_dh_param();
+		if (dh != NULL)
+			{
+			BIO_printf(bio_s_out,"Setting temp DH parameters\n");
+			}
+		else
+			{
+			BIO_printf(bio_s_out,"Using default temp DH parameters\n");
+			dh=get_dh512();
+			}
+		(void)BIO_flush(bio_s_out);

-	SSL_CTX_set_tmp_dh(ctx,dh);
-	DH_free(dh);
+		SSL_CTX_set_tmp_dh(ctx,dh);
+		DH_free(dh);
+		}
 #endif
 	
 	if (!set_cert_stuff(ctx,s_cert_file,s_key_file))

--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1336,6 +1336,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
 					goto err;
 					}
 				rsa=pkey->pkey.rsa;
+				EVP_PKEY_free(pkey);
 				}
 				
 			tmp_buf[0]=s->client_version>>8;