mirror of https://github.com/moparisthebest/curl
- Johan van Selst found and fixed an OpenSSL session ref count leak:
ossl_connect_step3() increments an SSL session handle reference counter on each call. When sessions are re-used this reference counter may be incremented many times, but it will be decremented only once when done (by Curl_ossl_session_free()); and the internal OpenSSL data will not be freed if this reference count remains positive. When a session is re-used the reference counter should be corrected by explicitly calling SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid introducing a memory leak. (http://curl.haxx.se/bug/view.cgi?id=2926284)
parent aa2f447400
commit 552c3de357
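A small model of the reference counting the commit message describes, added here as an illustration and not taken from curl or OpenSSL. `get1()` and `put()` are constructed stand-ins for SSL_get1_session() and SSL_SESSION_free(), and the one-slot cache and the `fixed` switch are assumptions of the model.

```c
#include <stdio.h>
#include <stddef.h>

/* Constructed stand-in for a ref-counted session; not OpenSSL's SSL_SESSION. */
struct session { int refs; };

/* Models SSL_get1_session(): returns the handle and takes a new reference. */
static struct session *get1(struct session *s) { s->refs++; return s; }

/* Models SSL_SESSION_free(): drops one reference (release happens at 0). */
static void put(struct session *s) { s->refs--; }

/* One pass through the step the commit message describes. The cache is a
   single hypothetical slot that owns one reference to whatever it stores. */
static void connect_step3(struct session *negotiated,
                          struct session **cache, int fixed)
{
  struct session *ours = get1(negotiated);
  int incache = (*cache == ours);
  if(!incache)
    *cache = ours;   /* cache takes ownership of the reference from get1() */
  else if(fixed)
    put(ours);       /* already cached: give back the extra reference */
  /* unfixed and incache: the reference from get1() is simply forgotten */
}

/* Re-uses one session for `connects` handshakes, tears everything down and
   returns how many references are still outstanding (0 means released). */
int leaked_refs(int connects, int fixed)
{
  struct session s = { 1 };      /* reference held by the connection itself */
  struct session *cache = NULL;
  int i;
  for(i = 0; i < connects; i++)
    connect_step3(&s, &cache, fixed);
  put(&s);                       /* connection closed */
  if(cache)
    put(cache);                  /* the single decrement at cache cleanup */
  return s.refs;
}

int main(void)
{
  printf("unfixed, 5 re-uses: %d refs left\n", leaked_refs(5, 0));
  printf("fixed,   5 re-uses: %d refs left\n", leaked_refs(5, 1));
  return 0;
}
```

In the unfixed model every re-use after the first leaves one reference behind, so the count never reaches zero and the session data is never released.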
14
CHANGES
|
@ -6,6 +6,20 @@
|
||||||
|
|
||||||
Changelog
|
Changelog
|
||||||
|
|
||||||
|
Daniel Stenberg (9 Jan 2010)
|
||||||
|
- Johan van Selst found and fixed a OpenSSL session ref count leak:
|
||||||
|
|
||||||
|
ossl_connect_step3() increments an SSL session handle reference counter on
|
||||||
|
each call. When sessions are re-used this reference counter may be
|
||||||
|
incremented many times, but it will be decremented only once when done (by
|
||||||
|
Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
|
||||||
|
if this reference count remains positive. When a session is re-used the
|
||||||
|
reference counter should be corrected by explicitly calling
|
||||||
|
SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
|
||||||
|
introducing a memory leak.
|
||||||
|
|
||||||
|
(http://curl.haxx.se/bug/view.cgi?id=2926284)
|
||||||
|
|
||||||
Daniel Stenberg (7 Jan 2010)
|
Daniel Stenberg (7 Jan 2010)
|
||||||
- Make sure the progress callback is called repeatedly even during very slow
|
- Make sure the progress callback is called repeatedly even during very slow
|
||||||
name resolves when c-ares is used for resolving.
|
name resolves when c-ares is used for resolving.
|
||||||
|
|
|
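Review bot: The first line of the new entry reads "a OpenSSL session ref count leak" and should be "an OpenSSL". The entry also describes the extra SSL_SESSION_free() call without saying that the code change in lib/ssluse.c compiles it only under HAVE_SSL_GET1_SESSION; a short clause stating that the leak concerns builds that use SSL_get1_session() would tell readers of the changelog which builds were affected.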
@ -42,6 +42,7 @@ This release includes the following bugfixes:
|
||||||
o header include fix for FreeBSD versions before v8
|
o header include fix for FreeBSD versions before v8
|
||||||
o fragment part of URLs are no longer sent to the server
|
o fragment part of URLs are no longer sent to the server
|
||||||
o progress callback called repeatedly with c-ares for resolving
|
o progress callback called repeatedly with c-ares for resolving
|
||||||
|
o OpenSSL session id ref count leak
|
||||||
|
|
||||||
This release includes the following known bugs:
|
This release includes the following known bugs:
|
||||||
|
|
||||||
|
@ -54,6 +55,7 @@ advice from friends like these:
|
||||||
Marco Maggi, Camille Moncelier, Claes Jakobsson, Kevin Baughman,
|
Marco Maggi, Camille Moncelier, Claes Jakobsson, Kevin Baughman,
|
||||||
Marc Kleine-Budde, Jad Chamcham, Bjorn Augustsson, David Byron,
|
Marc Kleine-Budde, Jad Chamcham, Bjorn Augustsson, David Byron,
|
||||||
Markus Koetter, Chad Monroe, Martin Storsjo, Siegfried Gyuricsko,
|
Markus Koetter, Chad Monroe, Martin Storsjo, Siegfried Gyuricsko,
|
||||||
Jon Nelson, Julien Chaffraix, Renato Botelho, Peter Pentchev, Ingmar Runge
|
Jon Nelson, Julien Chaffraix, Renato Botelho, Peter Pentchev, Ingmar Runge,
|
||||||
|
Johan van Selst
|
||||||
|
|
||||||
Thanks! (and sorry if I forgot to mention someone)
|
Thanks! (and sorry if I forgot to mention someone)
|
||||||
|
|
12
lib/ssluse.c
|
@ -5,7 +5,7 @@
|
||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
|
@ -2315,7 +2315,15 @@ ossl_connect_step3(struct connectdata *conn,
|
||||||
return retcode;
|
return retcode;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#ifdef HAVE_SSL_GET1_SESSION
|
||||||
|
else {
|
||||||
|
/* Session was incache, so refcount already incremented earlier.
|
||||||
|
* Avoid further increments with each SSL_get1_session() call.
|
||||||
|
* This does not free the session as refcount remains > 0
|
||||||
|
*/
|
||||||
|
SSL_SESSION_free(our_ssl_sessionid);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* We check certificates to authenticate the server; otherwise we risk
|
* We check certificates to authenticate the server; otherwise we risk
|
||||||
|
|
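Review bot: The early `return retcode;` in the context just above the new `else` leaves ossl_connect_step3() with no matching SSL_SESSION_free(our_ssl_sessionid) visible, so on that failure path the reference that the commit message says is taken on each call appears to stay held. Please confirm that path releases it, or free it before returning under the same HAVE_SSL_GET1_SESSION guard. Separately, the `else` stands alone inside `#ifdef HAVE_SSL_GET1_SESSION` and binds to an `if` whose condition lies outside the hunk, which is easy to misread when the guard is off; a short comment on the `else` naming that condition would help, and the new comment could say which owner holds the remaining reference that keeps the count above zero.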