context: Don't leak DH* in dhparam_cb

==1429== 336 (144 direct, 192 indirect) bytes in 1 blocks are definitely lost in loss record 567 of 611
...
==1429==    by 0x5ECCBC7: PEM_ASN1_read_bio (in /lib/x86_64-linux-gnu/libcrypto.so.1.0.0)
==1429==    by 0x4E39D8F: dhparam_cb (context.c:184)
==1429==    by 0x5B679D3: ??? (in /lib/x86_64-linux-gnu/libssl.so.1.0.0)
==1429==    by 0x5B6A6EE: ??? (in /lib/x86_64-linux-gnu/libssl.so.1.0.0)
==1429==    by 0x4E3C00D: meth_handshake (ssl.c:103)
...
This commit is contained in:
Paul Aurich 2013-09-09 21:02:41 -07:00
parent 0dab860770
commit 1d920fc13c
2 changed files with 17 additions and 0 deletions

View File

@ -184,6 +184,16 @@ static DH *dhparam_cb(SSL *ssl, int is_export, int keylength)
dh_tmp = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
}
/*
* OpenSSL exepcts the callback to maintain a reference to the DH*. So,
* cache it here, and clean up the previous set of parameters. Any remaining
* set is cleaned up when destroying the LuaSec context.
*/
if (pctx->dh_param)
DH_free(pctx->dh_param);
pctx->dh_param = dh_tmp;
lua_pop(L, 2); /* Remove values from stack */
return dh_tmp;
}
@ -293,6 +303,7 @@ static int create(lua_State *L)
lua_pushstring(L, "error creating context");
return 2;
}
memset(ctx, 0, sizeof(t_context));
ctx->context = SSL_CTX_new(method);
if (!ctx->context) {
lua_pushnil(L);
@ -582,6 +593,11 @@ static int meth_destroy(lua_State *L)
SSL_CTX_free(ctx->context);
ctx->context = NULL;
}
if (ctx->dh_param) {
DH_free(ctx->dh_param);
ctx->dh_param = NULL;
}
return 0;
}

View File

@ -22,6 +22,7 @@
typedef struct t_context_ {
SSL_CTX *context;
lua_State *L;
DH *dh_param;
int mode;
} t_context;
typedef t_context* p_context;