Fix memory leak of SSL_CTX structures in TLS core.

SSL_CTX structures were allocated but never freed. This was a bigger issue for clients than servers since new SSL_CTX structures could be allocated for each connection. Servers, on the other hand, typically set up a single SSL_CTX for their lifetime. This is solved in two ways: 1. In __ssl_setup(), if a tcptls_cfg has an ssl_ctx on it, it is freed so that a new one can take its place. 2. A companion to ast_ssl_setup() called ast_ssl_teardown() has been added so that servers can properly free their SSL_CTXs. (issue ASTERISK-19278) ........ Merged revisions 367002 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 367003 from http://svn.asterisk.org/svn/asterisk/branches/10 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@367010 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2025-09-29 18:19:30 +00:00 · 2012-05-18 17:24:57 +00:00
parent 6eb4e81033
commit 5c576aa3c2
3 changed files with 50 additions and 2 deletions
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -31884,6 +31884,7 @@ static int unload_module(void)
 	if (sip_tls_desc.master) {
 		ast_tcptls_server_stop(&sip_tls_desc);
 	}
+	ast_ssl_teardown(sip_tls_desc.tls_cfg);

 	/* Kill all existing TCP/TLS threads */
 	i = ao2_iterator_init(threadt, 0);