forked from wolfSSL/wolfssl
Proper initial_ctx clean up
- Call wolfSSL_CTX_free on ssl->initial_ctx so that it decrements the counter and free's the object - Clean up where ssl->initial_ctx is free'd. It only needs to be free'd when the ssl object is being free'd
This commit is contained in:
Juliusz Sosinowicz
@ -6455,7 +6455,7 @@ int InitSSL_Suites(WOLFSSL* ssl)
|
||||
WOLFSSL_SUCCESS return value on success */
|
||||
int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
|
||||
{
|
||||
int ret;
|
||||
int ret = WOLFSSL_SUCCESS; /* set default ret */
|
||||
byte newSSL;
|
||||
|
||||
WOLFSSL_ENTER("SetSSL_CTX");
|
||||
@ -6475,38 +6475,35 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
|
||||
if (!newSSL) {
|
||||
WOLFSSL_MSG("freeing old ctx to decrement reference count. Switching ctx.");
|
||||
wolfSSL_CTX_free(ssl->ctx);
|
||||
#if defined(WOLFSSL_HAPROXY)
|
||||
wolfSSL_CTX_free(ssl->initial_ctx);
|
||||
#endif
|
||||
}
|
||||
|
||||
/* increment CTX reference count */
|
||||
wolfSSL_RefInc(&ctx->ref, &ret);
|
||||
ret = wolfSSL_CTX_up_ref(ctx);
|
||||
#ifdef WOLFSSL_REFCNT_ERROR_RETURN
|
||||
if (ret < 0) {
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
return ret;
|
||||
}
|
||||
#else
|
||||
(void)ret;
|
||||
#endif
|
||||
ret = WOLFSSL_SUCCESS; /* set default ret */
|
||||
|
||||
ssl->ctx = ctx; /* only for passing to calls, options could change */
|
||||
/* Don't change version on a SSL object that has already started a
|
||||
* handshake */
|
||||
#if defined(WOLFSSL_HAPROXY)
|
||||
ret = wolfSSL_CTX_up_ref(ctx);
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ssl->initial_ctx = ctx; /* Save access to session key materials */
|
||||
if (ssl->initial_ctx == NULL) {
|
||||
ret = wolfSSL_CTX_up_ref(ctx);
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
ssl->initial_ctx = ctx; /* Save access to session key materials */
|
||||
}
|
||||
else {
|
||||
#ifdef WOLFSSL_REFCNT_ERROR_RETURN
|
||||
return ret;
|
||||
#else
|
||||
(void)ret;
|
||||
#endif
|
||||
}
|
||||
}
|
||||
else {
|
||||
#ifdef WOLFSSL_REFCNT_ERROR_RETURN
|
||||
return ret;
|
||||
#else
|
||||
(void)ret;
|
||||
#endif
|
||||
}
|
||||
|
||||
#endif
|
||||
if (!ssl->msgsReceived.got_client_hello &&
|
||||
!ssl->msgsReceived.got_server_hello)
|
||||
@ -8244,6 +8241,10 @@ void SSL_ResourceFree(WOLFSSL* ssl)
|
||||
#ifdef WOLFSSL_QUIC
|
||||
wolfSSL_quic_free(ssl);
|
||||
#endif
|
||||
#if defined(WOLFSSL_HAPROXY)
|
||||
wolfSSL_CTX_free(ssl->initial_ctx);
|
||||
ssl->initial_ctx = NULL;
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Free any handshake resources no longer needed */
|
||||
|
||||
@ -30246,12 +30246,8 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
|
||||
#else
|
||||
(void)ret;
|
||||
#endif
|
||||
if (ssl->ctx) {
|
||||
if (ssl->ctx != NULL)
|
||||
wolfSSL_CTX_free(ssl->ctx);
|
||||
#if defined(WOLFSSL_HAPROXY)
|
||||
wolfSSL_CTX_free(ssl->initial_ctx);
|
||||
#endif
|
||||
}
|
||||
ssl->ctx = ctx;
|
||||
|
||||
#ifndef NO_CERTS
|
||||
|
||||
Reference in New Issue
Block a user