From: William Lallemand Date: Wed, 24 Jun 2020 07:54:29 +0000 (+0200) Subject: MINOR: ssl: move the ckch/crtlist deinit to ssl_sock.c X-Git-Tag: v2.2-dev11~31 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b24086923c48767503a2d5d128e922794cd3e4c5;p=thirdparty%2Fhaproxy.git MINOR: ssl: move the ckch/crtlist deinit to ssl_sock.c Move the ckch_deinit() and crtlist_deinit() call to ssl_sock.c, also unlink the SNI from the ckch_inst because they are free'd before in ssl_sock_free_all_ctx(). --- diff --git a/src/haproxy.c b/src/haproxy.c index 22b43831af..802a88fbe6 100644 --- a/src/haproxy.c +++ b/src/haproxy.c @@ -116,8 +116,6 @@ #include #include #include -#include -#include #include #include #include @@ -2787,10 +2785,6 @@ void deinit(void) free(l); } - /* SSL storage */ - crtlist_deinit(); /* must be free'd before the ckchs */ - ckch_deinit(); - /* Release unused SSL configs. */ list_for_each_entry_safe(bind_conf, bind_back, &p->conf.bind, by_fe) { if (bind_conf->xprt->destroy_bind_conf) diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 715ae9d672..dce5c64f98 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -4763,6 +4763,7 @@ void ssl_sock_free_all_ctx(struct bind_conf *bind_conf) back = ebmb_next(node); ebmb_delete(node); SSL_CTX_free(sni->ctx); + LIST_DEL(&sni->by_ckch_inst); free(sni); node = back; } @@ -4778,9 +4779,11 @@ void ssl_sock_free_all_ctx(struct bind_conf *bind_conf) free(sni->conf); sni->conf = NULL; } + LIST_DEL(&sni->by_ckch_inst); free(sni); node = back; } + SSL_CTX_free(bind_conf->initial_ctx); bind_conf->initial_ctx = NULL; SSL_CTX_free(bind_conf->default_ctx); @@ -4788,6 +4791,14 @@ void ssl_sock_free_all_ctx(struct bind_conf *bind_conf) bind_conf->default_ssl_conf = NULL; } + +void ssl_sock_deinit() +{ + crtlist_deinit(); /* must be free'd before the ckchs */ + ckch_deinit(); +} +REGISTER_POST_DEINIT(ssl_sock_deinit); + /* Destroys all the contexts for a bind_conf. This is used during deinit(). */ void ssl_sock_destroy_bind_conf(struct bind_conf *bind_conf) {