diff options
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | socket.c | 2 |
2 files changed, 6 insertions, 0 deletions
@@ -88,6 +88,10 @@ fetchmail 6.3.9 (not yet released): * Only print "Deleting fetchids file" if there actually is one. Fixes Debian Bug#374514, reported by Dan Jacobson. * SSL fix: check and report if SSL_set_fd fails. +* SSL fix: close memory leak when SSL connection fails; fetchmail used to forget + calling SSL_free() on the SSL context, leaking in excess of 1/2 MB RAM on a + x86_64 system per failed SSL connection attempt. + Bug reported and patch provided by Seiichi Ikarashi, Fujitsu. # CHANGES: * autoconf 2.60 is now required to build fetchmail; it uses @@ -906,6 +906,8 @@ int SSLOpen(int sock, char *mycert, char *mykey, char *myproto, int certck, char if (SSL_set_fd(_ssl_context[sock], sock) == 0 || SSL_connect(_ssl_context[sock]) < 1) { ERR_print_errors_fp(stderr); + SSL_free( _ssl_context[sock] ); + _ssl_context[sock] = NULL; SSL_CTX_free(_ctx[sock]); _ctx[sock] = NULL; return(-1); |