From e68719b0faade6f98ce3f161204fd4d7c9da8edd Mon Sep 17 00:00:00 2001
From: doug <>
Date: Sat, 3 Oct 2015 06:47:32 +0000
Subject: SSL_new(): fix ref counting and memory leak in error path.

Rather than a half-hearted attempt to free up resources and fix
ref counting at the SSL_CTX level, let SSL_free() do its job.

This diff got lost in the shuffle somewhere.  It's from last year.
Ref counting error reported by Parakleta in github ticket #51.  Thanks!

ok jsing@, beck@
---
 src/lib/libssl/src/ssl/ssl_lib.c | 11 +++--------
 src/lib/libssl/ssl_lib.c         | 11 +++--------
 2 files changed, 6 insertions(+), 16 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index b772f5f810..0b094e8db6 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.112 2015/09/12 19:45:16 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.113 2015/10/03 06:47:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -359,15 +359,10 @@ SSL_new(SSL_CTX *ctx)
 
 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
 
-
 	return (s);
+
 err:
-	if (s != NULL) {
-		if (s->cert != NULL)
-			ssl_cert_free(s->cert);
-		SSL_CTX_free(s->ctx); /* decrement reference count */
-		free(s);
-	}
+	SSL_free(s);
 	SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
 	return (NULL);
 }
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index b772f5f810..0b094e8db6 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.112 2015/09/12 19:45:16 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.113 2015/10/03 06:47:32 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -359,15 +359,10 @@ SSL_new(SSL_CTX *ctx)
 
 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
 
-
 	return (s);
+
 err:
-	if (s != NULL) {
-		if (s->cert != NULL)
-			ssl_cert_free(s->cert);
-		SSL_CTX_free(s->ctx); /* decrement reference count */
-		free(s);
-	}
+	SSL_free(s);
 	SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
 	return (NULL);
 }
-- 
cgit v1.2.3-55-g6feb