From: Frederic Lecaille <flecaille@haproxy.com>
Date: Wed, 4 Jun 2025 09:49:14 +0000 (+0200)
Subject: BUG/MINOR: quic: Missing SSL session object freeing
X-Git-Tag: v3.3-dev1~7
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6b746330692380f7e88fc757b7124b5a9c88ebd8;p=thirdparty%2Fhaproxy.git

BUG/MINOR: quic: Missing SSL session object freeing

qc_alloc_ssl_sock_ctx() allocates an SSL_CTX object for each connection. It also
allocates an SSL object. When this function failed, it freed only the SSL_CTX object.
The correct way to free both of them is to call qc_free_ssl_sock_ctx().

Must be backported as far as 2.6.
---

diff --git a/src/quic_ssl.c b/src/quic_ssl.c
index 06075ef31..4b2cede18 100644
--- a/src/quic_ssl.c
+++ b/src/quic_ssl.c
@@ -1174,6 +1174,6 @@ int qc_alloc_ssl_sock_ctx(struct quic_conn *qc)
 
  err:
 	TRACE_DEVEL("leaving on error", QUIC_EV_CONN_NEW, qc);
-	pool_free(pool_head_quic_ssl_sock_ctx, ctx);
+	qc_free_ssl_sock_ctx(&ctx);
 	goto leave;
 }