From a2c21db155f52089b9474e9a13a8b270f55301b7 Mon Sep 17 00:00:00 2001
From: Remi Tricot-Le Breton <rlebreton@haproxy.com>
Date: Thu, 3 Nov 2022 15:16:47 +0100
Subject: [PATCH] BUG/MINOR: ssl: Memory leak of DH BIGNUM fields

When running HAProxy with OpenSSLv3, the two BIGNUMs used to build our
own DH parameters are not freed. It was not necessary previously because
ownership of those parameters was transferred to OpenSSL through the
DH_set0_pqg call.

This patch should be backported to 2.6.
---
 src/ssl_sock.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 6b38d4031b..2f76bb9866 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3073,6 +3073,8 @@ end:
 	EVP_PKEY_CTX_free(ctx);
 	OSSL_PARAM_free(params);
 	OSSL_PARAM_BLD_free(tmpl);
+	BN_free(p);
+	BN_free(g);
 	return pkey;
 #else
 
-- 
2.47.3