Fix memory leak with client auth.
[openssl.git] / ssl / t1_lib.c
index 0354e70..31fc70e 100644 (file)
@@ -1453,7 +1453,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
                                {
                                int cb_retval = 0;
                                cb_retval = record->fn1(s, record->ext_type,
-                                                        &out, &outlen, al,
+                                                       &out, &outlen, al,
                                                        record->arg);
                                if (cb_retval == 0)
                                        return NULL; /* error */
@@ -1513,8 +1513,8 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
        {
        int extdatalen=0;
        unsigned char *ret = p;
-        size_t i;
-        custom_srv_ext_record *record;
+       size_t i;
+       custom_srv_ext_record *record;
 #ifndef OPENSSL_NO_NEXTPROTONEG
        int next_proto_neg_seen;
 #endif
@@ -1698,29 +1698,30 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
                }
 #endif
 
-        for (i = 0; i < s->ctx->custom_srv_ext_records_count; i++)
+       for (i = 0; i < s->ctx->custom_srv_ext_records_count; i++)
                {
-                record = &s->ctx->custom_srv_ext_records[i];
-                const unsigned char *out = NULL;
-                unsigned short outlen = 0;
-                int cb_retval = 0;
-
-                /* NULL callback or -1 omits extension */
-                if (!record->fn2)
-                        break;
-                cb_retval = record->fn2(s, record->ext_type,
-                &out, &outlen, al,
-                record->arg);
-                if (cb_retval == 0)
-                        return NULL; /* error */
-                if (cb_retval == -1)
-                        break; /* skip this extension */
-                if (limit < ret + 4 + outlen)
-                        return NULL;
-                s2n(record->ext_type, ret);
-                s2n(outlen, ret);
-                memcpy(ret, out, outlen);
-                ret += outlen;
+               const unsigned char *out = NULL;
+               unsigned short outlen = 0;
+               int cb_retval = 0;
+
+               record = &s->ctx->custom_srv_ext_records[i];
+
+               /* NULL callback or -1 omits extension */
+               if (!record->fn2)
+                       continue;
+               cb_retval = record->fn2(s, record->ext_type,
+                                                               &out, &outlen, al,
+                                                               record->arg);
+               if (cb_retval == 0)
+                       return NULL; /* error */
+               if (cb_retval == -1)
+                       continue; /* skip this extension */
+               if (limit < ret + 4 + outlen)
+                       return NULL;
+               s2n(record->ext_type, ret);
+               s2n(outlen, ret);
+               memcpy(ret, out, outlen);
+               ret += outlen;
                }
 #ifdef TLSEXT_TYPE_encrypt_then_mac
        if (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC)
@@ -1935,12 +1936,12 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
                }
 
        /* Clear observed custom extensions */
-        s->s3->serverinfo_client_tlsext_custom_types_count = 0;
-        if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
+       s->s3->serverinfo_client_tlsext_custom_types_count = 0;
+       if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
                {
-                OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
-                s->s3->serverinfo_client_tlsext_custom_types = NULL;
-               }               
+               OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
+               s->s3->serverinfo_client_tlsext_custom_types = NULL;
+               }
 
 #ifndef OPENSSL_NO_HEARTBEATS
        s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
@@ -3643,6 +3644,11 @@ static int tls1_set_shared_sigalgs(SSL *s)
        TLS_SIGALGS *salgs = NULL;
        CERT *c = s->cert;
        unsigned int is_suiteb = tls1_suiteb(s);
+       if (c->shared_sigalgs)
+               {
+               OPENSSL_free(c->shared_sigalgs);
+               c->shared_sigalgs = NULL;
+               }
        /* If client use client signature algorithms if not NULL */
        if (!s->server && c->client_sigalgs && !is_suiteb)
                {
@@ -3699,6 +3705,8 @@ int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize)
        if (!c)
                return 0;
 
+       if (c->peer_sigalgs)
+               OPENSSL_free(c->peer_sigalgs);
        c->peer_sigalgs = OPENSSL_malloc(dsize);
        if (!c->peer_sigalgs)
                return 0;