repo: ngircd
action: commit
revision: 
path_from: 
revision_from: 86f3c563d6a6f86fd4f8c9fc303808bbf85d29c3:
path_to: 
revision_to:

commit 86f3c563d6a6f86fd4f8c9fc303808bbf85d29c3
Author: Hilko Bengen 
Date:   Sun Apr 19 21:20:43 2020 +0200

    GnuTLS: Eliminate memory leaks for DH parameters, priorities cache

    The DH parameters reference has to be stored next to the x509_cred
    which holds a reference to it.

diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c

index ae5fd572ae94abf7dbd090100a83535ca9219b0e..

index ..4dd335ea9209f6a01fa11f459fb3e0d976e44a21 100644

--- a/src/ngircd/conn-ssl.c
+++ b/src/ngircd/conn-ssl.c
@@ -65,13 +65,14 @@ static bool ConnSSL_LoadServerKey_openssl PARAMS(( SSL_CTX *c ));
 typedef struct {
 	int refcnt;
 	gnutls_certificate_credentials_t x509_cred;
+	gnutls_dh_params_t dh_params;
 } x509_cred_slot;

 static array x509_creds = INIT_ARRAY;
 static size_t x509_cred_idx;

 static gnutls_dh_params_t dh_params;
-static gnutls_priority_t priorities_cache;
+static gnutls_priority_t priorities_cache = NULL;
 static bool ConnSSL_LoadServerKey_gnutls PARAMS(( void ));
 #endif

@@ -281,10 +282,11 @@ void ConnSSL_Free(CONNECTION *c)
 	if ((c->ssl_state.x509_cred_idx != x509_cred_idx) && (slot->refcnt <= 0)) {
 		Log(LOG_INFO, "Discarding X509 certificate credentials from slot %zd.",
 		    c->ssl_state.x509_cred_idx);
-		/* TODO/FIXME: DH parameters will still leak memory. */
 		gnutls_certificate_free_keys(slot->x509_cred);
 		gnutls_certificate_free_credentials(slot->x509_cred);
 		slot->x509_cred = NULL;
+		gnutls_dh_params_deinit(slot->dh_params);
+		slot->dh_params = NULL;
 		slot->refcnt = 0;
 	}
 #endif
@@ -381,6 +383,9 @@ out:
 	if (!ConnSSL_LoadServerKey_gnutls())
 		goto out;

+	if (priorities_cache != NULL) {
+		gnutls_priority_deinit(priorities_cache);
+	}
 	if (gnutls_priority_init(&priorities_cache, Conf_SSLOptions.CipherList,
 				 NULL) != GNUTLS_E_SUCCESS) {
 		Log(LOG_ERR,
@@ -444,10 +449,11 @@ ConnSSL_LoadServerKey_gnutls(void)
 	slot = array_get(&x509_creds, sizeof(x509_cred_slot), x509_cred_idx);
 	if ((slot != NULL) && (slot->refcnt <= 0) && (slot->x509_cred != NULL)) {
 		Log(LOG_INFO, "Discarding X509 certificate credentials from slot %zd.", x509_cred_idx);
-		/* TODO/FIXME: DH parameters will still leak memory. */
 		gnutls_certificate_free_keys(slot->x509_cred);
 		gnutls_certificate_free_credentials(slot->x509_cred);
 		slot->x509_cred = NULL;
+		gnutls_dh_params_deinit(slot->dh_params);
+		slot->dh_params = NULL;
 		slot->refcnt = 0;
 	}

-----END OF PAGE-----