[or-cvs] [tor/maint-0.2.1] Work around a memory leak in openssl 0.9.8g (and maybe others)
Nick Mathewson
nickm at seul.org
Thu Sep 17 04:41:21 UTC 2009
Author: Nick Mathewson <nickm at torproject.org>
Date: Thu, 17 Sep 2009 00:01:20 -0400
Subject: Work around a memory leak in openssl 0.9.8g (and maybe others)
Commit: 9c38941195309c3d9a8620536f7f7246c780b9c7
---
ChangeLog | 3 +++
src/common/tortls.c | 9 +++++++++
2 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index fccae7d..6446943 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -45,6 +45,9 @@ Changes in version 0.2.1.20 - 2009-??-??
- Avoid segfault in rare cases when finishing an introduction circuit
as a client and finding out that we don't have an introduction key
for it. Fixes bug 1073. Reported by Aaron Swartz.
+ - Work around a small memory leak in some versions of OpenSSL that
+ stopped the memory used by the hostname TLS extension from being
+ freed.
o Minor features:
- Add a "getinfo status/accepted-server-descriptor" controller
diff --git a/src/common/tortls.c b/src/common/tortls.c
index aeb0ca0..c6b11e9 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -829,6 +829,9 @@ tor_tls_new(int sock, int isServer)
if (!SSL_set_cipher_list(result->ssl,
isServer ? SERVER_CIPHER_LIST : CLIENT_CIPHER_LIST)) {
tls_log_errors(NULL, LOG_WARN, "setting ciphers");
+#ifdef SSL_set_tlsext_host_name
+ SSL_set_tlsext_host_name(result->ssl, NULL);
+#endif
SSL_free(result->ssl);
tor_free(result);
return NULL;
@@ -839,6 +842,9 @@ tor_tls_new(int sock, int isServer)
bio = BIO_new_socket(sock, BIO_NOCLOSE);
if (! bio) {
tls_log_errors(NULL, LOG_WARN, "opening BIO");
+#ifdef SSL_set_tlsext_host_name
+ SSL_set_tlsext_host_name(result->ssl, NULL);
+#endif
SSL_free(result->ssl);
tor_free(result);
return NULL;
@@ -919,6 +925,9 @@ tor_tls_free(tor_tls_t *tls)
if (!removed) {
log_warn(LD_BUG, "Freeing a TLS that was not in the ssl->tls map.");
}
+#ifdef SSL_set_tlsext_host_name
+ SSL_set_tlsext_host_name(tls->ssl, NULL);
+#endif
SSL_free(tls->ssl);
tls->ssl = NULL;
tls->negotiated_callback = NULL;
--
1.5.6.5
More information about the tor-commits
mailing list