diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2016-09-19 11:33:14 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2016-09-19 11:33:14 +0200 |
| commit | de71e68000c8624ea13f90b136f8734dd0fb1bdc (patch) | |
| tree | e88e0aca5a937490d74031761d98b3a3709adfa5 | |
| parent | fb0032a33e3c3705f45ea09a1a55ac0b1d4f0fd6 (diff) | |
openssl: don’t call CRYTPO_cleanup_all_ex_data
The OpenSSL function CRYTPO_cleanup_all_ex_data() cannot be called
multiple times without crashing - and other libs might call it! We
basically cannot call it without risking a crash. The function is a
no-op since OpenSSL 1.1.0.
Not calling this function only risks a small memory leak with OpenSSL <
1.1.0.
Bug: https://curl.haxx.se/mail/lib-2016-09/0045.html
Reported-by: Todd Short
| -rw-r--r-- | CMakeLists.txt | 4 | ||||
| -rw-r--r-- | configure.ac | 1 | ||||
| -rw-r--r-- | lib/vtls/openssl.c | 5 |
3 files changed, 1 insertions, 9 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index a0f42133e..7da33331b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -775,8 +775,6 @@ if(CMAKE_USE_OPENSSL) check_symbol_exists(RAND_status "${CURL_INCLUDES}" HAVE_RAND_STATUS) check_symbol_exists(RAND_screen "${CURL_INCLUDES}" HAVE_RAND_SCREEN) check_symbol_exists(RAND_egd "${CURL_INCLUDES}" HAVE_RAND_EGD) - check_symbol_exists(CRYPTO_cleanup_all_ex_data "${CURL_INCLUDES}" - HAVE_CRYPTO_CLEANUP_ALL_EX_DATA) if(HAVE_LIBCRYPTO AND HAVE_LIBSSL) set(USE_OPENSSL 1) endif(HAVE_LIBCRYPTO AND HAVE_LIBSSL) diff --git a/configure.ac b/configure.ac index 1040a07fb..f7f8e0c5f 100644 --- a/configure.ac +++ b/configure.ac @@ -1639,7 +1639,6 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then RAND_screen \ RAND_egd \ ENGINE_cleanup \ - CRYPTO_cleanup_all_ex_data \ SSL_get_shutdown \ SSLv2_client_method ) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 44a6bd82b..30a8dabc3 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -748,11 +748,6 @@ void Curl_ossl_cleanup(void) ENGINE_cleanup(); #endif -#ifdef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA - /* Free OpenSSL ex_data table */ - CRYPTO_cleanup_all_ex_data(); -#endif - /* Free OpenSSL error strings */ ERR_free_strings(); |