generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix memory leak in s3_clnt.c

Browse Source
This commit is contained in:
Bodo Möller 1999-07-12 17:15:42 +00:00
parent d9f0016bc5
commit 5059658219
3 changed files with 29 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@ -4,6 +4,12 @@
Changes between 0.9.3a and 0.9.4 Changes between 0.9.3a and 0.9.4
*) Fix memory leaks in s3_clnt.c: All non-anonymous SSL3/TLS1 connections
without temporary keys kept an extra copy of the server key,
and connections with temporary keys did not free everything in case
of an error.
[Bodo Moeller]
*) New function RSA_check_key and new openssl rsa option -check *) New function RSA_check_key and new openssl rsa option -check
for verifying the consistency of RSA keys. for verifying the consistency of RSA keys.
[Ulf Moeller, Bodo Moeller] [Ulf Moeller, Bodo Moeller]

36
apps/s_server.c
View File

@ -226,6 +226,9 @@ static void sv_usage(void)
BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n");
BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n");
BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n");
#ifndef NO_DH
BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n");
#endif
BIO_printf(bio_err," -bugs - Turn on SSL bug compatability\n"); BIO_printf(bio_err," -bugs - Turn on SSL bug compatability\n");
BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n");
BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
@ -393,7 +396,7 @@ int MAIN(int argc, char *argv[])
int badop=0,bugs=0; int badop=0,bugs=0;
int ret=1; int ret=1;
int off=0; int off=0;
int no_tmp_rsa=0,nocert=0; int no_tmp_rsa=0,no_dhe=0,nocert=0;
int state=0; int state=0;
SSL_METHOD *meth=NULL; SSL_METHOD *meth=NULL;
#ifndef NO_DH #ifndef NO_DH
@ -518,6 +521,8 @@ int MAIN(int argc, char *argv[])
{ bugs=1; } { bugs=1; }
else if (strcmp(*argv,"-no_tmp_rsa") == 0) else if (strcmp(*argv,"-no_tmp_rsa") == 0)
{ no_tmp_rsa=1; } { no_tmp_rsa=1; }
else if (strcmp(*argv,"-no_dhe") == 0)
{ no_dhe=1; }
else if (strcmp(*argv,"-www") == 0) else if (strcmp(*argv,"-www") == 0)
{ www=1; } { www=1; }
else if (strcmp(*argv,"-WWW") == 0) else if (strcmp(*argv,"-WWW") == 0)
@ -620,21 +625,24 @@ bad:
} }
#ifndef NO_DH #ifndef NO_DH
/* EAY EAY EAY evil hack */ if (!no_dhe)
dh=load_dh_param();
if (dh != NULL)
{ {
BIO_printf(bio_s_out,"Setting temp DH parameters\n"); /* EAY EAY EAY evil hack */
} dh=load_dh_param();
else if (dh != NULL)
{ {
BIO_printf(bio_s_out,"Using default temp DH parameters\n"); BIO_printf(bio_s_out,"Setting temp DH parameters\n");
dh=get_dh512(); }
} else
(void)BIO_flush(bio_s_out); {
BIO_printf(bio_s_out,"Using default temp DH parameters\n");
dh=get_dh512();
}
(void)BIO_flush(bio_s_out);
SSL_CTX_set_tmp_dh(ctx,dh); SSL_CTX_set_tmp_dh(ctx,dh);
DH_free(dh); DH_free(dh);
}
#endif #endif
if (!set_cert_stuff(ctx,s_cert_file,s_key_file)) if (!set_cert_stuff(ctx,s_cert_file,s_key_file))

1
ssl/s3_clnt.c
View File

@ -1336,6 +1336,7 @@ static int ssl3_send_client_key_exchange(SSL *s)
goto err; goto err;
} }
rsa=pkey->pkey.rsa; rsa=pkey->pkey.rsa;
EVP_PKEY_free(pkey);
} }
tmp_buf[0]=s->client_version>>8; tmp_buf[0]=s->client_version>>8;