Free {alert,phh}_data in tls13_record_layer_free()

httpd(8)'s incorrect tls_close() after closing the underlying socket
led to a leak: tls_close()'s attempt to send out the close_notify won't
work very well over a closed pipe. This resulted in alert_data still
hanging off the TLSv1.3 context's record layer struct. The tls_free()
call should have cleaned this up but failed to do so.

The record layer's phh_data potentially has the same issue, so free it
as well. This diff makes -current httpd(8) run in constant memory over
hundreds of thousands TLS connections with a static site.

ok inoguchi jsing

1 files changed, 4 insertions, 1 deletions

diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c
index 1298f59051..2f980ab60b 100644
--- a/src/lib/libssl/tls13_record_layer.c
+++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.55 2020/10/15 07:07:09 tb Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.56 2021/01/02 18:00:08 tb Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -135,6 +135,9 @@ tls13_record_layer_free(struct tls13_record_layer *rl)
         if (rl == NULL)
                 return;
 
+        freezero(rl->alert_data, rl->alert_len);
+        freezero(rl->phh_data, rl->phh_len);
+
         tls13_record_layer_rbuf_free(rl);
 
         tls13_record_layer_rrec_free(rl);