Add function to free compression methods.

Although the memory allocated by compression methods is fixed and
cannot grow over time it can cause warnings in some leak checking
tools. The function SSL_COMP_free_compression_methods() will free
and zero the list of supported compression methods. This should
*only* be called in a single threaded context when an application
is shutting down to avoid interfering with existing contexts
attempting to look up compression methods.
(cherry picked from commit 976c58302b13d085edb3ab822f5eac4b2f1bff95)

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 3ba9e5be68608fa523cd00527fd28b1e05fb1a46..d9189563ad1723dce3a21b767cc265e6c8c3771f 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2512,6 +2512,7 @@ const COMP_METHOD *SSL_get_current_expansion(SSL *s);
 const char *SSL_COMP_get_name(const COMP_METHOD *comp);
 STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
 STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) *meths);
+void SSL_COMP_free_compression_methods(void);
 int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
 #else
 const void *SSL_get_current_compression(SSL *s);

diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 1927969a76decc56c722fb3b05f7285bcc7b1c01..9b37cae38522658752c7d7469760a16d5c2f8c3a 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1899,6 +1899,18 @@ STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) *meths)
        return old_meths;
        }
 
+static void cmeth_free(SSL_COMP *cm)
+       {
+       OPENSSL_free(cm);
+       }
+
+void SSL_COMP_free_compression_methods(void)
+       {
+       STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods;
+       ssl_comp_methods = NULL;
+       sk_SSL_COMP_pop_free(old_meths, cmeth_free);
+       }
+
 int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
        {
        SSL_COMP *comp;