Fix memory leak with SSL connections due to missing X509_free() calls.

Per Neil Conway.

diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index 0f4ff4d..639b7a0 100644 (file)
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *       $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.44 2003/11/29 19:51:49 pgsql Exp $
+ *       $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.45 2003/12/18 22:49:26 tgl Exp $
  *
  *       Since the server static private key ($DataDir/server.key)
  *       will normally be stored unencrypted so that the database
@@ -714,6 +714,9 @@ destroy_SSL(void)
 static int
 open_server_SSL(Port *port)
 {
+       Assert(!port->ssl);
+       Assert(!port->peer);
+
        if (!(port->ssl = SSL_new(SSL_context)) ||
                !SSL_set_fd(port->ssl, port->sock) ||
                SSL_accept(port->ssl) <= 0)
@@ -764,6 +767,12 @@ close_SSL(Port *port)
                SSL_free(port->ssl);
                port->ssl = NULL;
        }
+
+       if (port->peer)
+       {
+               X509_free(port->peer);
+               port->peer = NULL;
+       }
 }
 
 /*

diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c
index d31e9c3..34f94b0 100644 (file)
--- a/src/interfaces/libpq/fe-secure.c
+++ b/src/interfaces/libpq/fe-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *       $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.33 2003/11/29 19:52:12 pgsql Exp $
+ *       $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.34 2003/12/18 22:49:26 tgl Exp $
  *
  * NOTES
  *       The client *requires* a valid server certificate.  Since
@@ -1004,6 +1004,12 @@ close_SSL(PGconn *conn)
                SSL_free(conn->ssl);
                conn->ssl = NULL;
        }
+
+       if (conn->peer)
+       {
+               X509_free(conn->peer);
+               conn->peer = NULL;
+       }
 }
 
 /*