From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 19 Sep 2016 09:33:14 +0000 (+0200)
Subject: openssl: don’t call CRYTPO_cleanup_all_ex_data
X-Git-Tag: curl-7_51_0~147
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=de71e68000c8624ea13f90b136f8734dd0fb1bdc;p=thirdparty%2Fcurl.git

openssl: don’t call CRYTPO_cleanup_all_ex_data

The OpenSSL function CRYTPO_cleanup_all_ex_data() cannot be called
multiple times without crashing - and other libs might call it! We
basically cannot call it without risking a crash. The function is a
no-op since OpenSSL 1.1.0.

Not calling this function only risks a small memory leak with OpenSSL <
1.1.0.

Bug: https://curl.haxx.se/mail/lib-2016-09/0045.html
Reported-by: Todd Short
---

diff --git a/CMakeLists.txt b/CMakeLists.txt
index a0f42133e5..7da33331b9 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -775,8 +775,6 @@ if(CMAKE_USE_OPENSSL)
   check_symbol_exists(RAND_status   "${CURL_INCLUDES}" HAVE_RAND_STATUS)
   check_symbol_exists(RAND_screen   "${CURL_INCLUDES}" HAVE_RAND_SCREEN)
   check_symbol_exists(RAND_egd      "${CURL_INCLUDES}" HAVE_RAND_EGD)
-  check_symbol_exists(CRYPTO_cleanup_all_ex_data "${CURL_INCLUDES}"
-    HAVE_CRYPTO_CLEANUP_ALL_EX_DATA)
   if(HAVE_LIBCRYPTO AND HAVE_LIBSSL)
     set(USE_OPENSSL 1)
   endif(HAVE_LIBCRYPTO AND HAVE_LIBSSL)
diff --git a/configure.ac b/configure.ac
index 1040a07fb0..f7f8e0c5f2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1639,7 +1639,6 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
                     RAND_screen \
                     RAND_egd \
                     ENGINE_cleanup \
-                    CRYPTO_cleanup_all_ex_data \
                     SSL_get_shutdown \
                     SSLv2_client_method )
 
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 44a6bd82b3..30a8dabc39 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -748,11 +748,6 @@ void Curl_ossl_cleanup(void)
   ENGINE_cleanup();
 #endif
 
-#ifdef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA
-  /* Free OpenSSL ex_data table */
-  CRYPTO_cleanup_all_ex_data();
-#endif
-
   /* Free OpenSSL error strings */
   ERR_free_strings();