Commit 9c389411 authored by Nick Mathewson's avatar Nick Mathewson 👁

Work around a memory leak in openssl 0.9.8g (and maybe others)

parent b3991ea7
...@@ -45,6 +45,9 @@ Changes in version 0.2.1.20 - 2009-??-?? ...@@ -45,6 +45,9 @@ Changes in version 0.2.1.20 - 2009-??-??
- Avoid segfault in rare cases when finishing an introduction circuit - Avoid segfault in rare cases when finishing an introduction circuit
as a client and finding out that we don't have an introduction key as a client and finding out that we don't have an introduction key
for it. Fixes bug 1073. Reported by Aaron Swartz. for it. Fixes bug 1073. Reported by Aaron Swartz.
- Work around a small memory leak in some versions of OpenSSL that
stopped the memory used by the hostname TLS extension from being
freed.
o Minor features: o Minor features:
- Add a "getinfo status/accepted-server-descriptor" controller - Add a "getinfo status/accepted-server-descriptor" controller
......
...@@ -829,6 +829,9 @@ tor_tls_new(int sock, int isServer) ...@@ -829,6 +829,9 @@ tor_tls_new(int sock, int isServer)
if (!SSL_set_cipher_list(result->ssl, if (!SSL_set_cipher_list(result->ssl,
isServer ? SERVER_CIPHER_LIST : CLIENT_CIPHER_LIST)) { isServer ? SERVER_CIPHER_LIST : CLIENT_CIPHER_LIST)) {
tls_log_errors(NULL, LOG_WARN, "setting ciphers"); tls_log_errors(NULL, LOG_WARN, "setting ciphers");
#ifdef SSL_set_tlsext_host_name
SSL_set_tlsext_host_name(result->ssl, NULL);
#endif
SSL_free(result->ssl); SSL_free(result->ssl);
tor_free(result); tor_free(result);
return NULL; return NULL;
...@@ -839,6 +842,9 @@ tor_tls_new(int sock, int isServer) ...@@ -839,6 +842,9 @@ tor_tls_new(int sock, int isServer)
bio = BIO_new_socket(sock, BIO_NOCLOSE); bio = BIO_new_socket(sock, BIO_NOCLOSE);
if (! bio) { if (! bio) {
tls_log_errors(NULL, LOG_WARN, "opening BIO"); tls_log_errors(NULL, LOG_WARN, "opening BIO");
#ifdef SSL_set_tlsext_host_name
SSL_set_tlsext_host_name(result->ssl, NULL);
#endif
SSL_free(result->ssl); SSL_free(result->ssl);
tor_free(result); tor_free(result);
return NULL; return NULL;
...@@ -919,6 +925,9 @@ tor_tls_free(tor_tls_t *tls) ...@@ -919,6 +925,9 @@ tor_tls_free(tor_tls_t *tls)
if (!removed) { if (!removed) {
log_warn(LD_BUG, "Freeing a TLS that was not in the ssl->tls map."); log_warn(LD_BUG, "Freeing a TLS that was not in the ssl->tls map.");
} }
#ifdef SSL_set_tlsext_host_name
SSL_set_tlsext_host_name(tls->ssl, NULL);
#endif
SSL_free(tls->ssl); SSL_free(tls->ssl);
tls->ssl = NULL; tls->ssl = NULL;
tls->negotiated_callback = NULL; tls->negotiated_callback = NULL;
......
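Review bot: None of the three added `SSL_set_tlsext_host_name(..., NULL)` calls (both error paths in tor_tls_new and the one in tor_tls_free) says why the hostname is cleared before `SSL_free()`, so the workaround reads like dead code that a later cleanup could remove, bringing the leak back. A comment at each site, or once on a small static helper that all three call, would fix that, e.g. `/* Some OpenSSLs (0.9.8g at least) don't free the TLS hostname in SSL_free(); clear it ourselves. */`. The `#ifdef` guard works only while OpenSSL defines the name as a macro; if a build ever provides it as a function the block is compiled out without warning, which is worth stating in the same comment. Both functions start and end outside the hunks shown, so any other path that frees an SSL object could not be checked from here.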