Proper initial_ctx clean up

- Call wolfSSL_CTX_free on ssl->initial_ctx so that it decrements the counter and frees the object
- Clean up where ssl->initial_ctx is free'd. It only needs to be free'd when the ssl object is being free'd
Juliusz Sosinowicz
2023-10-05 16:23:43 +02:00
parent 96205fc80d
commit 80c8c62fb2
2 changed files with 20 additions and 23 deletions


@ -6455,7 +6455,7 @@ int InitSSL_Suites(WOLFSSL* ssl)
WOLFSSL_SUCCESS return value on success */ WOLFSSL_SUCCESS return value on success */
int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
{ {
int ret; int ret = WOLFSSL_SUCCESS; /* set default ret */
byte newSSL; byte newSSL;
WOLFSSL_ENTER("SetSSL_CTX"); WOLFSSL_ENTER("SetSSL_CTX");
@ -6475,38 +6475,35 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
if (!newSSL) { if (!newSSL) {
WOLFSSL_MSG("freeing old ctx to decrement reference count. Switching ctx."); WOLFSSL_MSG("freeing old ctx to decrement reference count. Switching ctx.");
wolfSSL_CTX_free(ssl->ctx); wolfSSL_CTX_free(ssl->ctx);
#if defined(WOLFSSL_HAPROXY)
wolfSSL_CTX_free(ssl->initial_ctx);
#endif
} }
/* increment CTX reference count */ /* increment CTX reference count */
wolfSSL_RefInc(&ctx->ref, &ret); ret = wolfSSL_CTX_up_ref(ctx);
#ifdef WOLFSSL_REFCNT_ERROR_RETURN #ifdef WOLFSSL_REFCNT_ERROR_RETURN
if (ret < 0) { if (ret != WOLFSSL_SUCCESS) {
return ret; return ret;
} }
#else #else
(void)ret; (void)ret;
#endif #endif
ret = WOLFSSL_SUCCESS; /* set default ret */
ssl->ctx = ctx; /* only for passing to calls, options could change */ ssl->ctx = ctx; /* only for passing to calls, options could change */
/* Don't change version on a SSL object that has already started a /* Don't change version on a SSL object that has already started a
* handshake */ * handshake */
#if defined(WOLFSSL_HAPROXY) #if defined(WOLFSSL_HAPROXY)
ret = wolfSSL_CTX_up_ref(ctx); if (ssl->initial_ctx == NULL) {
if (ret == WOLFSSL_SUCCESS) { ret = wolfSSL_CTX_up_ref(ctx);
ssl->initial_ctx = ctx; /* Save access to session key materials */ if (ret == WOLFSSL_SUCCESS) {
ssl->initial_ctx = ctx; /* Save access to session key materials */
}
else {
#ifdef WOLFSSL_REFCNT_ERROR_RETURN
return ret;
#else
(void)ret;
#endif
}
} }
else {
#ifdef WOLFSSL_REFCNT_ERROR_RETURN
return ret;
#else
(void)ret;
#endif
}
#endif #endif
if (!ssl->msgsReceived.got_client_hello && if (!ssl->msgsReceived.got_client_hello &&
!ssl->msgsReceived.got_server_hello) !ssl->msgsReceived.got_server_hello)
@ -8244,6 +8241,10 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#ifdef WOLFSSL_QUIC #ifdef WOLFSSL_QUIC
wolfSSL_quic_free(ssl); wolfSSL_quic_free(ssl);
#endif #endif
#if defined(WOLFSSL_HAPROXY)
wolfSSL_CTX_free(ssl->initial_ctx);
ssl->initial_ctx = NULL;
#endif
} }
/* Free any handshake resources no longer needed */ /* Free any handshake resources no longer needed */
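Review bot: In SetSSL_CTX's `!newSSL` branch the old context is still released with `wolfSSL_CTX_free(ssl->ctx)` before `wolfSSL_CTX_up_ref(ctx)` is attempted, so the `WOLFSSL_REFCNT_ERROR_RETURN` early return leaves `ssl->ctx` pointing at a context whose reference this object no longer holds. If the SSL object is later freed and releases `ssl->ctx` again (that path is not visible here), the same context would be decremented twice, which could end in a use-after-free. Taking the new reference first and only then dropping the old one avoids this: move the `if (!newSSL) { ... }` block below the `if (ret != WOLFSSL_SUCCESS) return ret;` check, or at minimum add `ssl->ctx = NULL;` right after the free, as this commit already does for `ssl->initial_ctx` in SSL_ResourceFree. The body of SetSSL_CTX continues outside the hunk, so later uses of `ret` and `ssl->ctx` could not be checked.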


@ -30246,12 +30246,8 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
#else #else
(void)ret; (void)ret;
#endif #endif
if (ssl->ctx) { if (ssl->ctx != NULL)
wolfSSL_CTX_free(ssl->ctx); wolfSSL_CTX_free(ssl->ctx);
#if defined(WOLFSSL_HAPROXY)
wolfSSL_CTX_free(ssl->initial_ctx);
#endif
}
ssl->ctx = ctx; ssl->ctx = ctx;
#ifndef NO_CERTS #ifndef NO_CERTS