Fix memory leak in ENGINE autoconfig code. Improve error logging.

diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c
index 08066cea592cad9a0970221e8ee21eb26034a985..95c407001574bc25c0de96890835e8a57d52445a 100644 (file)
--- a/crypto/engine/eng_cnf.c
+++ b/crypto/engine/eng_cnf.c
@@ -95,7 +95,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
        int ret = 0;
        long do_init = -1;
        STACK_OF(CONF_VALUE) *ecmds;
-       CONF_VALUE *ecmd;
+       CONF_VALUE *ecmd = NULL;
        char *ctrlname, *ctrlvalue;
        ENGINE *e = NULL;
        int soft = 0;
@@ -157,7 +157,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
                                        return 1;
                                        }
                                if (!e)
-                                       return 0;
+                                       goto err;
                                }
                        /* Allow "EMPTY" to mean no value: this allows a valid
                         * "value" to be passed to ctrls of type NO_INPUT
@@ -186,16 +186,27 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf)
                                }
                        else if (!ENGINE_ctrl_cmd_string(e,
                                        ctrlname, ctrlvalue, 0))
-                               return 0;
+                               goto err;
                        }
 
 
 
                }
        if (e && (do_init == -1) && !int_engine_init(e))
+               {
+               ecmd = NULL;
                goto err;
+               }
        ret = 1;
        err:
+       if (ret != 1)
+               {
+               ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_CONFIGURATION_ERROR);
+               if (ecmd)
+                       ERR_add_error_data(6, "section=", ecmd->section, 
+                                               ", name=", ecmd->name,
+                                               ", value=", ecmd->value);
+               }
        if (e)
                ENGINE_free(e);
        return ret;

diff --git a/crypto/engine/eng_err.c b/crypto/engine/eng_err.c
index 574ffbb5c012e1052c34c77842ce98782b172cfa..ac74dd127a19b81a8a907c18b19117763f09fcd0 100644 (file)
--- a/crypto/engine/eng_err.c
+++ b/crypto/engine/eng_err.c
@@ -1,6 +1,6 @@
 /* crypto/engine/eng_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2010 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -124,6 +124,7 @@ static ERR_STRING_DATA ENGINE_str_reasons[]=
 {ERR_REASON(ENGINE_R_DSO_FAILURE)        ,"DSO failure"},
 {ERR_REASON(ENGINE_R_DSO_NOT_FOUND)      ,"dso not found"},
 {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR),"engines section error"},
+{ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR),"engine configuration error"},
 {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST),"engine is not in the list"},
 {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR),"engine section error"},
 {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"},

diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h
index c795d5c5c417ca24ebdf68343d9a3ce85e8043fd..d4bc1efc794c123ad39febf0047b5f6b1968deaf 100644 (file)
--- a/crypto/engine/engine.h
+++ b/crypto/engine/engine.h
@@ -769,6 +769,7 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_R_DSO_FAILURE                            104
 #define ENGINE_R_DSO_NOT_FOUND                          132
 #define ENGINE_R_ENGINES_SECTION_ERROR                  148
+#define ENGINE_R_ENGINE_CONFIGURATION_ERROR             101
 #define ENGINE_R_ENGINE_IS_NOT_IN_LIST                  105
 #define ENGINE_R_ENGINE_SECTION_ERROR                   149
 #define ENGINE_R_FAILED_LOADING_PRIVATE_KEY             128