Hi!

When BIO_pop() is called, OpenSSL increments the reference counter of the remaining BIO chain instead of decrementing it. This leaks memory and file descriptors whenever BIO_pop() is used. Here is a patch:

--- openssl-0.9.8g/ssl/bio_ssl.c    2005-04-26 20:53:21.000000000 +0200
+++ openssl/ssl/bio_ssl.c    2008-05-13 14:30:45.000000000 +0200
@@ -393,31 +393,31 @@
    case BIO_CTRL_PUSH:
        if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio))
            {
            SSL_set_bio(ssl,b->next_bio,b->next_bio);
            CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
            }
        break;
    case BIO_CTRL_POP:
        /* ugly bit of a hack */
        if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
            {
            BIO_free_all(ssl->wbio);
            }
        if (b->next_bio != NULL)
            {
-            CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
+            CRYPTO_add(&b->next_bio->references,-1,CRYPTO_LOCK_BIO);
            }
        ssl->wbio=NULL;
        ssl->rbio=NULL;
        break;
    case BIO_C_DO_STATE_MACHINE:
        BIO_clear_retry_flags(b);

        b->retry_reason=0;
        ret=(int)SSL_do_handshake(ssl);

        switch (SSL_get_error(ssl,(int)ret))
            {
        case SSL_ERROR_WANT_READ:
            BIO_set_flags(b,
                BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
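Review bot: The new decrement in `BIO_CTRL_POP` is not conditioned the same way as the increment it is meant to undo. `BIO_CTRL_PUSH` takes the extra reference only when `b->next_bio != ssl->rbio`, while the pop path now drops one whenever `b->next_bio != NULL`. If the SSL already had `next_bio` as its `rbio` at push time, no reference was added there. It is worth confirming that the count still balances on that path, because an unmatched decrement would turn the leak into a premature free. The raw `CRYPTO_add(..., -1, ...)` also never frees at zero, so the ownership assumption should be written down, for example `/* drop the reference taken in BIO_CTRL_PUSH; the caller of BIO_pop() keeps its own */` above the call. The enclosing switch and function begin and end outside this hunk, so the push and pop call sites are not visible here.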

Regards,

--
Nils Gösche
"Don't ask for whom the <CTRL-G> tolls."
