SSL_new(): fix ref counting and memory leak in error path.

Rather than a half-hearted attempt to free up resources and fix
ref counting at the SSL_CTX level, let SSL_free() do its job.

This diff got lost in the shuffle somewhere.  It's from last year.
Ref counting error reported by Parakleta in github ticket #51.  Thanks!

ok jsing@, beck@

1 files changed, 3 insertions, 8 deletions

diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index b772f5f810..0b094e8db6 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.112 2015/09/12 19:45:16 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.113 2015/10/03 06:47:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -359,15 +359,10 @@ SSL_new(SSL_CTX *ctx)
 
         CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
 
-
         return (s);
+
 err:
-        if (s != NULL) {
-                if (s->cert != NULL)
-                        ssl_cert_free(s->cert);
-                SSL_CTX_free(s->ctx); /* decrement reference count */
-                free(s);
-        }
+        SSL_free(s);
         SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
         return (NULL);
 }