1 files changed, 27 insertions, 1 deletions
diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c
index bf0e1f769f..df610fe238 100644
--- a/src/lib/libtls/tls.c
+++ b/src/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.46 2016/08/15 14:04:23 jsing Exp $ */
+/* $OpenBSD: tls.c,v 1.47 2016/08/22 14:51:37 jsing Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -177,6 +177,24 @@ tls_set_errorx(struct tls *ctx, const char *fmt, ...)
        return (rv);
 }
+struct tls_sni_ctx *
+tls_sni_ctx_new(void)
+{
+        return (calloc(1, sizeof(struct tls_sni_ctx)));
+}
+void
+tls_sni_ctx_free(struct tls_sni_ctx *sni_ctx)
+{
+        if (sni_ctx == NULL)
+                return;
+        SSL_CTX_free(sni_ctx->ssl_ctx);
+        X509_free(sni_ctx->ssl_cert);
+        free(sni_ctx);
+}
 struct tls *
 tls_new(void)
 {
@@ -376,6 +394,8 @@ tls_free(struct tls *ctx)
 void
 tls_reset(struct tls *ctx)
 {
+        struct tls_sni_ctx *sni, *nsni;
        SSL_CTX_free(ctx->ssl_ctx);
        SSL_free(ctx->ssl_conn);
        X509_free(ctx->ssl_peer_cert);
@@ -397,6 +417,12 @@ tls_reset(struct tls *ctx)
        tls_free_conninfo(ctx->conninfo);
        free(ctx->conninfo);
        ctx->conninfo = NULL;
+        for (sni = ctx->sni_ctx; sni != NULL; sni = nsni) {
+                nsni = sni->next;
+                tls_sni_ctx_free(sni);
+        }
+        ctx->sni_ctx = NULL;
 }
 int

diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c index bf0e1f769f..df610fe238 100644 --- a/src/lib/libtls/tls.c +++ b/src/lib/libtls/tls.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls.c,v 1.46 2016/08/15 14:04:23 jsing Exp $ */	1	/* $OpenBSD: tls.c,v 1.47 2016/08/22 14:51:37 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -177,6 +177,24 @@ tls_set_errorx(struct tls ctx, const char fmt, ...)
177	return (rv);	177	return (rv);
178	}	178	}
179		179
		180	struct tls_sni_ctx *
		181	tls_sni_ctx_new(void)
		182	{
		183	return (calloc(1, sizeof(struct tls_sni_ctx)));
		184	}
		185
		186	void
		187	tls_sni_ctx_free(struct tls_sni_ctx *sni_ctx)
		188	{
		189	if (sni_ctx == NULL)
		190	return;
		191
		192	SSL_CTX_free(sni_ctx->ssl_ctx);
		193	X509_free(sni_ctx->ssl_cert);
		194
		195	free(sni_ctx);
		196	}
		197
180	struct tls *	198	struct tls *
181	tls_new(void)	199	tls_new(void)
182	{	200	{
@@ -376,6 +394,8 @@ tls_free(struct tls *ctx)
376	void	394	void
377	tls_reset(struct tls *ctx)	395	tls_reset(struct tls *ctx)
378	{	396	{
		397	struct tls_sni_ctx sni, nsni;
		398
379	SSL_CTX_free(ctx->ssl_ctx);	399	SSL_CTX_free(ctx->ssl_ctx);
380	SSL_free(ctx->ssl_conn);	400	SSL_free(ctx->ssl_conn);
381	X509_free(ctx->ssl_peer_cert);	401	X509_free(ctx->ssl_peer_cert);
@@ -397,6 +417,12 @@ tls_reset(struct tls *ctx)
397	tls_free_conninfo(ctx->conninfo);	417	tls_free_conninfo(ctx->conninfo);
398	free(ctx->conninfo);	418	free(ctx->conninfo);
399	ctx->conninfo = NULL;	419	ctx->conninfo = NULL;
		420
		421	for (sni = ctx->sni_ctx; sni != NULL; sni = nsni) {
		422	nsni = sni->next;
		423	tls_sni_ctx_free(sni);
		424	}
		425	ctx->sni_ctx = NULL;
400	}	426	}
401		427
402	int	428	int