From: Tom Lane Date: Thu, 18 Dec 2003 22:49:34 +0000 (+0000) Subject: Fix memory leak with SSL connections due to missing X509_free() calls. X-Git-Tag: REL7_4_1~15 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7748c5ee2987e8ae9bfae448cefa9d2dfb7a79e3;p=thirdparty%2Fpostgresql.git Fix memory leak with SSL connections due to missing X509_free() calls. Per Neil Conway. --- diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c index 1e69f14fd4b..bd9edc1e88c 100644 --- a/src/backend/libpq/be-secure.c +++ b/src/backend/libpq/be-secure.c @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.43 2003/09/26 15:27:31 petere Exp $ + * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.43.2.1 2003/12/18 22:49:34 tgl Exp $ * * Since the server static private key ($DataDir/server.key) * will normally be stored unencrypted so that the database @@ -714,6 +714,9 @@ destroy_SSL(void) static int open_server_SSL(Port *port) { + Assert(!port->ssl); + Assert(!port->peer); + if (!(port->ssl = SSL_new(SSL_context)) || !SSL_set_fd(port->ssl, port->sock) || SSL_accept(port->ssl) <= 0) @@ -764,6 +767,12 @@ close_SSL(Port *port) SSL_free(port->ssl); port->ssl = NULL; } + + if (port->peer) + { + X509_free(port->peer); + port->peer = NULL; + } } /* diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index d55984a1105..dedf808d027 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.32 2003/09/29 16:38:04 petere Exp $ + * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.32.2.1 2003/12/18 22:49:34 tgl Exp $ * * NOTES * The client *requires* a valid server certificate. Since @@ -1004,6 +1004,12 @@ close_SSL(PGconn *conn) SSL_free(conn->ssl); conn->ssl = NULL; } + + if (conn->peer) + { + X509_free(conn->peer); + conn->peer = NULL; + } } /*