From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 19 Oct 2011 08:42:05 +0000 (+0200)
Subject: Free cached VPs when SSL says that the session is freed
X-Git-Tag: release_2_2_0~306
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c145c7dabbd4810a3e59fdc5ab698eec761e8d10;p=thirdparty%2Ffreeradius-server.git

Free cached VPs when SSL says that the session is freed
---

diff --git a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
index c1fb1488c35..19f3fe06829 100644
--- a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
@@ -194,9 +194,6 @@ static int generate_eph_rsa_key(SSL_CTX *ctx)
 
 
 /*
- *	These functions don't do anything other than print debugging
- *	messages.
- *
  *	FIXME: Write sessions to some long-term storage, so that
  *	       session resumption can still occur after the server
  *	       restarts.
@@ -206,6 +203,7 @@ static int generate_eph_rsa_key(SSL_CTX *ctx)
 static void cbtls_remove_session(UNUSED SSL_CTX *ctx, SSL_SESSION *sess)
 {
 	size_t size;
+	VALUE_PAIR *vp;
 	char buffer[2 * MAX_SESSION_SIZE + 1];
 
 	size = sess->session_id_length;
@@ -213,6 +211,9 @@ static void cbtls_remove_session(UNUSED SSL_CTX *ctx, SSL_SESSION *sess)
 
 	fr_bin2hex(sess->session_id, buffer, size);
 
+	vp = SSL_SESSION_get_ex_data(sess, eaptls_session_idx);
+	if (vp) pairfree(&vp);
+
         DEBUG2("  SSL: Removing session %s from the cache", buffer);
         SSL_SESSION_free(sess);