From 0ba06f04477ebb82dc18803f8987d6501627c20d Mon Sep 17 00:00:00 2001
From: Alejandro Perez
Date: Wed, 10 May 2017 11:46:55 +0200
Subject: [PATCH] Fix memory leak in trustrouter.c
In the trustrouter.c file, servers were being created using talloc_zero() instead of tls_server_conf_alloc(). Thus, the destructor _tls_server_conf_free() which frees the SSL_CTX object was not being called.
---
 src/include/tls-h | 1 +
 src/main/tls.c | 2 +-
 src/modules/rlm_realm/trustrouter.c | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/include/tls-h b/src/include/tls-h
index 520553b..095ef1f 100644
--- a/src/include/tls-h
+++ b/src/include/tls-h
@@ -308,6 +308,7 @@ tls_session_t *tls_new_session(TALLOC_CTX *ctx, fr_tls_server_conf_t *conf, REQU
 tls_session_t *tls_new_client_session(TALLOC_CTX *ctx, fr_tls_server_conf_t *conf, int fd);
 fr_tls_server_conf_t *tls_server_conf_parse(CONF_SECTION *cs);
 fr_tls_server_conf_t *tls_client_conf_parse(CONF_SECTION *cs);
+fr_tls_server_conf_t *tls_server_conf_alloc(TALLOC_CTX *ctx);
 SSL_CTX *tls_init_ctx(fr_tls_server_conf_t *conf, int client);
 int tls_handshake_recv(REQUEST *, tls_session_t *ssn);
 int tls_handshake_send(REQUEST *, tls_session_t *ssn);
diff --git a/src/main/tls.c b/src/main/tls.c
index 845d3bc..c676882 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -3104,7 +3104,7 @@ static int _tls_server_conf_free(fr_tls_server_conf_t *conf)
 return 0;
 }
-static fr_tls_server_conf_t *tls_server_conf_alloc(TALLOC_CTX *ctx)
+fr_tls_server_conf_t *tls_server_conf_alloc(TALLOC_CTX *ctx)
 {
 fr_tls_server_conf_t *conf;
diff --git a/src/modules/rlm_realm/trustrouter.c b/src/modules/rlm_realm/trustrouter.c
index 206f75e..c3a4d9c 100644
--- a/src/modules/rlm_realm/trustrouter.c
+++ b/src/modules/rlm_realm/trustrouter.c
@@ -70,7 +70,7 @@ static fr_tls_server_conf_t *construct_tls(TIDC_INSTANCE *inst,
 char *hexbuf = NULL;
 DH *aaa_server_dh;
- tls = talloc_zero( hs, fr_tls_server_conf_t);
+ tls = fr_tls_server_conf_alloc(hs);
 if (!tls) return NULL;
 aaa_server_dh = tid_srvr_get_dh(server);
-- 
2.1.4
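Review bot: The added call `tls = fr_tls_server_conf_alloc(hs);` uses a name that this patch never declares or defines: the prototype added to src/include/tls-h and the function made non-static in src/main/tls.c are both spelled `tls_server_conf_alloc`. As written the module would fail to build or, on a permissive compiler, fall back to an implicit declaration with a truncated pointer return, so the SSL_CTX leak described in the commit message would not actually be fixed. The line should read `tls = tls_server_conf_alloc(hs);`. construct_tls starts and ends outside this hunk, so it cannot be confirmed from here that its later error paths release `tls` through talloc so that the destructor runs.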