Ignore:
Timestamp:
Jan 31, 2020 9:55:43 AM (4 years ago)
Author:
nanang
Message:

Misc (re #2210): Reverting r6133 as it is reported to cause crash on OpenSSL 1.0.x, and OpenSSL docs explicitly prohibit freeing SSL_SESSION after SSL_free(). Thanks Peter Koletzki for the report.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • pjproject/trunk/pjlib/src/pj/ssl_sock_ossl.c

    r6133 r6148  
    570570 
    571571        SSL_free(ssl); 
     572 
     573        /* On OpenSSL 1.1.1, omitting SSL_SESSION_free() will cause  
     574         * memory leak (e.g: as reported by Address Sanitizer). But using 
     575         * SSL_SESSION_free() may cause crash (due to double free?) on 1.0.x. 
     576         * As OpenSSL docs specifies to not calling SSL_SESSION_free() after 
     577         * SSL_free(), perhaps it is safer to obey this, the leak amount seems 
     578         * to be relatively small (<500 bytes) and should occur once only in 
     579         * the library lifetime. 
     580#if OPENSSL_VERSION_NUMBER >= 0x10101000L 
    572581        SSL_SESSION_free(ssl_sess); 
     582#endif 
     583         */ 
     584 
    573585        SSL_CTX_free(ctx); 
    574586    } 
Note: See TracChangeset for help on using the changeset viewer.