From: Mikko Koppanen <mkoppanen@php.net>
Date: Sat, 22 Aug 2009 02:31:23 +0000 (+0000)
Subject: Fixes a memory leak in ssl streams. The context was not properly freed
X-Git-Tag: php-5.2.11RC2~35
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6b20ef819735a12f96faeb7975b894d07d1e78c9;p=php

Fixes a memory leak in ssl streams. The context was not properly freed
---

diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
index 33abb8a449..2efb60dc5b 100644
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@ -47,6 +47,7 @@ int php_openssl_get_x509_list_id(void);
 typedef struct _php_openssl_netstream_data_t {
 	php_netstream_data_t s;
 	SSL *ssl_handle;
+	SSL_CTX *ctx;
 	struct timeval connect_timeout;
 	int enable_on_connect;
 	int is_client;
@@ -267,6 +268,10 @@ static int php_openssl_sockop_close(php_stream *stream, int close_handle TSRMLS_
 			SSL_free(sslsock->ssl_handle);
 			sslsock->ssl_handle = NULL;
 		}
+		if (sslsock->ctx) {
+			SSL_CTX_free(sslsock->ctx);
+			sslsock->ctx = NULL;
+		}
 		if (sslsock->s.socket != SOCK_ERR) {
 #ifdef PHP_WIN32
 			/* prevent more data from coming in */
@@ -308,7 +313,6 @@ static inline int php_openssl_setup_crypto(php_stream *stream,
 		php_stream_xport_crypto_param *cparam
 		TSRMLS_DC)
 {
-	SSL_CTX *ctx;
 	SSL_METHOD *method;
 	
 	if (sslsock->ssl_handle) {
@@ -357,18 +361,19 @@ static inline int php_openssl_setup_crypto(php_stream *stream,
 
 	}
 
-	ctx = SSL_CTX_new(method);
-	if (ctx == NULL) {
+	sslsock->ctx = SSL_CTX_new(method);
+	if (sslsock->ctx == NULL) {
 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "failed to create an SSL context");
 		return -1;
 	}
 
-	SSL_CTX_set_options(ctx, SSL_OP_ALL);
+	SSL_CTX_set_options(sslsock->ctx, SSL_OP_ALL);
 
-	sslsock->ssl_handle = php_SSL_new_from_context(ctx, stream TSRMLS_CC);
+	sslsock->ssl_handle = php_SSL_new_from_context(sslsock->ctx, stream TSRMLS_CC);
 	if (sslsock->ssl_handle == NULL) {
 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "failed to create an SSL handle");
-		SSL_CTX_free(ctx);
+		SSL_CTX_free(sslsock->ctx);
+		sslsock->ctx = NULL;
 		return -1;
 	}
 
@@ -789,6 +794,9 @@ php_stream *php_openssl_ssl_socket_factory(const char *proto, long protolen,
 	 * connecting */
 	sslsock->s.socket = -1;
 	
+	/* Initialize context as NULL */
+	sslsock->ctx = NULL;	
+	
 	stream = php_stream_alloc_rel(&php_openssl_socket_ops, sslsock, persistent_id, "r+");
 
 	if (stream == NULL)	{