Add function to free compression methods.

Although the memory allocated by compression methods is fixed and
cannot grow over time it can cause warnings in some leak checking
tools. The function SSL_COMP_free_compression_methods() will free
and zero the list of supported compression methods. This should
*only* be called in a single threaded context when an application
is shutting down to avoid interfering with existing contexts
attempting to look up compression methods.

diff --git a/ssl/ssl.h b/ssl/ssl.h
index b70f086c011778af98ae3350326879427c103422..6bbe04d18a21b04b7855c35f4a834ba30a660cae 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2510,6 +2510,7 @@ const COMP_METHOD *SSL_get_current_expansion(SSL *s);
 const char *SSL_COMP_get_name(const COMP_METHOD *comp);
 STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
 STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) *meths);
+void SSL_COMP_free_compression_methods(void);
 int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
 #else
 const void *SSL_get_current_compression(SSL *s);

diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 1ea202f13600b890b5152122f4680d686d7e300a..c8057aa85defb1be93e9df30648864ddfc3ce5ab 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1877,6 +1877,18 @@ STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) *meths)
        return old_meths;
        }
 
+static void cmeth_free(SSL_COMP *cm)
+       {
+       OPENSSL_free(cm);
+       }
+
+void SSL_COMP_free_compression_methods(void)
+       {
+       STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods;
+       ssl_comp_methods = NULL;
+       sk_SSL_COMP_pop_free(old_meths, cmeth_free);
+       }
+
 int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
        {
        SSL_COMP *comp;