TLS: Fix memory leak with multiple TLS server instances

When using CONFIG_TLS=internal and starting hostapd with multiple
configuration files that each initialize TLS server, the server
certificate and related data was not freed for all the interfaces on
exit path. Fix this by freeing the credential data that is stored
separately for each call to tls_init().

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/crypto/tls_internal.c b/src/crypto/tls_internal.c
index 704751d308fcf9f080de1a5f2aeab086573ff096..1b82245e043a812f24e535fde5e0d31ac628ba9d 100644 (file)
--- a/src/crypto/tls_internal.c
+++ b/src/crypto/tls_internal.c
@@ -64,10 +64,12 @@ void tls_deinit(void *ssl_ctx)
                tlsv1_client_global_deinit();
 #endif /* CONFIG_TLS_INTERNAL_CLIENT */
 #ifdef CONFIG_TLS_INTERNAL_SERVER
-               tlsv1_cred_free(global->server_cred);
                tlsv1_server_global_deinit();
 #endif /* CONFIG_TLS_INTERNAL_SERVER */
        }
+#ifdef CONFIG_TLS_INTERNAL_SERVER
+       tlsv1_cred_free(global->server_cred);
+#endif /* CONFIG_TLS_INTERNAL_SERVER */
        os_free(global);
 }