Back-patch 7.4-era fix for memory leak with SSL connections due to

missing X509_free() calls. Per a request from a Red Hat customer; seems silly for Red Hat to be shipping a patch that's not in upstream.
author: Tom Lane <tgl@sss.pgh.pa.us> 2006-06-23 14:42:52 +0000
committer: Tom Lane <tgl@sss.pgh.pa.us> 2006-06-23 14:42:52 +0000
commit: fe090f0778453f3256d15a19bf42c5781fa2d6fd (patch)
tree: 4b79eaeabafd1d7249018dae1d7926cd7f6e13ef /src/backend/libpq/be-secure.c
parent: 9e63275633b27377ff402f5bdde64584b7461a01 (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index 97f887af00b..57103fe356d 100644
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.15.2.14 2006/05/12 22:45:06 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.15.2.15 2006/06/23 14:42:52 tgl Exp $
  *
  *	  Since the server static private key ($DataDir/server.key)
  *	  will normally be stored unencrypted so that the database
@@ -775,6 +775,9 @@ destroy_SSL(void)
 static int
 open_server_SSL(Port *port)
 {
+	Assert(!port->ssl);
+	Assert(!port->peer);
+
 	if (!(port->ssl = SSL_new(SSL_context)) ||
 		!my_SSL_set_fd(port->ssl, port->sock) ||
 		SSL_accept(port->ssl) <= 0)
@@ -821,6 +824,12 @@ close_SSL(Port *port)
 		SSL_free(port->ssl);
 		port->ssl = NULL;
 	}
+
+	if (port->peer)
+	{
+		X509_free(port->peer);
+		port->peer = NULL;
+	}
 }
 
 /*
author	Tom Lane <tgl@sss.pgh.pa.us>	2006-06-23 14:42:52 +0000
committer	Tom Lane <tgl@sss.pgh.pa.us>	2006-06-23 14:42:52 +0000
commit	fe090f0778453f3256d15a19bf42c5781fa2d6fd (patch)
tree	4b79eaeabafd1d7249018dae1d7926cd7f6e13ef /src/backend/libpq/be-secure.c
parent	9e63275633b27377ff402f5bdde64584b7461a01 (diff)