From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Mon, 5 Sep 2016 12:05:45 +0000 (+0200)
Subject: Fixup memleak on error.
X-Git-Tag: release-1.7.0-rc1~61
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c104b091cd38c1a881847ec8a223b7ab556fdde5;p=thirdparty%2Fldns.git

Fixup memleak on error.
---

diff --git a/Changelog b/Changelog
index eb03feb4..5d2a1920 100644
--- a/Changelog
+++ b/Changelog
@@ -66,11 +66,13 @@ TBD
 	* Prepare for ED25519, ED448 support: todo convert* routines in
 	  dnssec.h, once openssl has support for signing with these algorithms.
 	  The dns algorithm number is not yet allocated. These features are
-	  not fully implemented yet.
+	  not fully implemented yet, openssl (1.1) does not support the
+	  algorithms enough to generate keys and sign and verify with them.
 	* Fix _answerfrom comment in ldns_struct_pkt.
 	* Fix drill axfr ipv4/ipv6 queries.
 	* Fix comment referring to mk_query in packet.h to pkt_query_new.
 	* Fix description of QR flag in packet.h.
+	* Fix for openssl 1.1.0 API changes.
 
 1.6.17	2014-01-10
 	* Fix ldns_dnssec_zone_new_frm_fp_l to allow the last parsed line of a
diff --git a/keys.c b/keys.c
index cf779f90..340d8d27 100644
--- a/keys.c
+++ b/keys.c
@@ -888,8 +888,13 @@ ldns_key_new_frm_fp_rsa_l(FILE *f, int *line_nr)
 #else
 	if(!RSA_set0_key(rsa, n, e, d))
 		goto error;
+	n = NULL;
+	e = NULL;
+	d = NULL;
 	if(!RSA_set0_factors(rsa, p, q))
 		goto error;
+	p = NULL;
+	q = NULL;
 	if(!RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp))
 		goto error;
 #endif
@@ -998,6 +1003,9 @@ ldns_key_new_frm_fp_dsa_l(FILE *f, ATTR_UNUSED(int *line_nr))
 #else
 	if(!DSA_set0_pqg(dsa, p, q, g))
 		goto error;
+	p = NULL;
+	q = NULL;
+	g = NULL;
 	if(!DSA_set0_key(dsa, pub_key, priv_key))
 		goto error;
 #endif