httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: Two questions on mod_ssl source code details
Date Tue, 26 May 2015 07:01:12 GMT
Am 22.05.2015 um 18:35 schrieb Yann Ylavic:
> On Fri, May 22, 2015 at 6:29 PM, Rainer Jung <rainer.jung@kippdata.de> wrote:
>> 1) In other code I see
>>
>>      EC_KEY_free(ecdh);
>>
>> after
>>
>>    EC_KEY *ecdh = EC_KEY_new_by_curve_name(...)
>> and using ecdh, e.g. in
>>    SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);
>>
>> Should we add the free? Or is it not needed? Anyone knows why?
>
> This was added in r1666363:
>
> * mod_ssl: fix small memory leak in ssl_init_server_certs when ECDH is used.
> SSL_CTX_set_tmp_ecdh increases reference count, so we have to call EC_KEY_free,
> otherwise eckey will not be freed.

Ha! It is in trunk and 2.2, but the backport/changes in 2.4 were 
incomplete. Exactly the free is missing. Proposed now for 2.4 in STATUS.

Regards,

Rainer


Mime
View raw message