Free tls resources on exit too

svn:r3615

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 86cdcec48ffb18ee5db66bf53f8b5820a1bd7f4a..42074cc41a54c93a3629379e352d55c91c310ecf 100644 (file)
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -156,6 +156,17 @@ tor_tls_init(void) {
   }
 }
 
+void
+tor_tls_free_all(void)
+{
+  if (global_tls_context) {
+    SSL_CTX_free(global_tls_context->ctx);
+    SSL_CTX_free(global_tls_context->client_only_ctx);
+    tor_free(global_tls_context);
+    global_tls_context = NULL;
+  }
+}
+
 /** We need to give OpenSSL a callback to verify certificates. This is
  * it: We always accept peer certs and complete the handshake.  We
  * don't validate them until later.

diff --git a/src/common/tortls.h b/src/common/tortls.h
index 33fe573a500ea1b2b1e3cc689bd00f1289890372..e7fc084acec5cdcb62fb4286bd1d96512f336847 100644 (file)
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -24,6 +24,7 @@ typedef struct tor_tls_st tor_tls;
 #define TOR_TLS_WANTWRITE   -1
 #define TOR_TLS_DONE         0
 
+void tor_tls_free_all(void);
 int tor_tls_context_new(crypto_pk_env_t *rsa, int isServer,
                         const char *nickname, unsigned int key_lifetime);
 tor_tls *tor_tls_new(int sock, int is_server, int use_no_cert);

diff --git a/src/or/main.c b/src/or/main.c
index ef1e7bf12fb85cf1908c400eb1735fee602a843d..184bfa3308c98214491e72ae66d07fe9e7e1ee11 100644 (file)
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1320,6 +1320,7 @@ void tor_free_all(void)
   connection_free_all();
   config_free_all();
   router_free_all_keys();
+  tor_tls_free_all();
   /* stuff in main.c */
   smartlist_free(closeable_connection_lst);
 }