In the trustrouter.c file, servers were being created using
talloc_zero() instead of tls_server_conf_alloc(). Thus, the
destructor _tls_server_conf_free() which frees the SSL_CTX
object was not being called.
tls_session_t *tls_new_client_session(TALLOC_CTX *ctx, fr_tls_server_conf_t *conf, int fd);
fr_tls_server_conf_t *tls_server_conf_parse(CONF_SECTION *cs);
fr_tls_server_conf_t *tls_client_conf_parse(CONF_SECTION *cs);
+fr_tls_server_conf_t *tls_server_conf_alloc(TALLOC_CTX *ctx);
SSL_CTX *tls_init_ctx(fr_tls_server_conf_t *conf, int client);
int tls_handshake_recv(REQUEST *, tls_session_t *ssn);
int tls_handshake_send(REQUEST *, tls_session_t *ssn);
return 0;
}
-static fr_tls_server_conf_t *tls_server_conf_alloc(TALLOC_CTX *ctx)
+fr_tls_server_conf_t *tls_server_conf_alloc(TALLOC_CTX *ctx)
{
fr_tls_server_conf_t *conf;
char *hexbuf = NULL;
DH *aaa_server_dh;
- tls = talloc_zero( hs, fr_tls_server_conf_t);
+ tls = fr_tls_server_conf_alloc(hs);
if (!tls) return NULL;
aaa_server_dh = tid_srvr_get_dh(server);