granicus.if.org Git - libevent/commit

Use heap-bases contexts for MbedTLS handles (#1355)

@widgetii:

"Recently after studying [https-client.c code](https://github.com/libevent/libevent/blob/master/sample/https-client.c#L532) I found that I cannot use MbedTLS with `bufferevent_mbedtls_socket_new` same way as for OpenSSL in other than hello-world code. In mentioned sample code, ssl context is created by `SSL_new()` (as heap-based pointer), but for MbedTLS stack value is used. The issue is in different semantics because OpenSSL is responsible for memory allocation and release for its context, but for MbedTLS it turns out user should do the same manually.

I expect that in both cases, setting option `BEV_OPT_CLOSE_ON_FREE` will free all linked resources, but in case of MbedTLS I have memory leak after connection is closed.

My proposal is:
1. Provide new `mbedtls_ssl_new` helper-function for end-user that do the same job as `SSL_new()` and use it and example in sample:

```c
mbedtls_ssl_context *mbedtls_ssl_new(const mbedtls_ssl_config *conf) {
  mbedtls_ssl_context *ssl = calloc(1, sizeof(*ssl));
  mbedtls_ssl_init(ssl);
  mbedtls_ssl_setup(ssl, conf);
  return ssl;
}
```

2. Add `free(ctx->ssl)` right after https://github.com/libevent/libevent/blob/master/bufferevent_mbedtls.c#L68"

Fixes: #1354

author	Azat Khuzhin <azat@libevent.org>
	Sat, 8 Oct 2022 16:26:24 +0000 (19:26 +0300)
committer	GitHub <noreply@github.com>
	Sat, 8 Oct 2022 16:26:24 +0000 (19:26 +0300)
commit	285fc7cc6ddd123b2610e9a782faa8c4f1432b70
tree	ea0241e235f604e633579aa80b08aee901637e71	tree \| snapshot
parent	b5b4c7fed589aef04f6b5add5f0f0d9c2f1fd2f5	commit \| diff
parent	aa163a4f296d00bd729b48f803685b54bf70ea81	commit \| diff