aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2016-09-19 11:33:14 +0200
committerDaniel Stenberg <daniel@haxx.se>2016-09-19 11:33:14 +0200
commitde71e68000c8624ea13f90b136f8734dd0fb1bdc (patch)
treee88e0aca5a937490d74031761d98b3a3709adfa5
parentfb0032a33e3c3705f45ea09a1a55ac0b1d4f0fd6 (diff)
openssl: don’t call CRYTPO_cleanup_all_ex_data
The OpenSSL function CRYTPO_cleanup_all_ex_data() cannot be called multiple times without crashing - and other libs might call it! We basically cannot call it without risking a crash. The function is a no-op since OpenSSL 1.1.0. Not calling this function only risks a small memory leak with OpenSSL < 1.1.0. Bug: https://curl.haxx.se/mail/lib-2016-09/0045.html Reported-by: Todd Short
-rw-r--r--CMakeLists.txt4
-rw-r--r--configure.ac1
-rw-r--r--lib/vtls/openssl.c5
3 files changed, 1 insertions, 9 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index a0f42133e..7da33331b 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
-# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -775,8 +775,6 @@ if(CMAKE_USE_OPENSSL)
check_symbol_exists(RAND_status "${CURL_INCLUDES}" HAVE_RAND_STATUS)
check_symbol_exists(RAND_screen "${CURL_INCLUDES}" HAVE_RAND_SCREEN)
check_symbol_exists(RAND_egd "${CURL_INCLUDES}" HAVE_RAND_EGD)
- check_symbol_exists(CRYPTO_cleanup_all_ex_data "${CURL_INCLUDES}"
- HAVE_CRYPTO_CLEANUP_ALL_EX_DATA)
if(HAVE_LIBCRYPTO AND HAVE_LIBSSL)
set(USE_OPENSSL 1)
endif(HAVE_LIBCRYPTO AND HAVE_LIBSSL)
diff --git a/configure.ac b/configure.ac
index 1040a07fb..f7f8e0c5f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1639,7 +1639,6 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
RAND_screen \
RAND_egd \
ENGINE_cleanup \
- CRYPTO_cleanup_all_ex_data \
SSL_get_shutdown \
SSLv2_client_method )
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 44a6bd82b..30a8dabc3 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -748,11 +748,6 @@ void Curl_ossl_cleanup(void)
ENGINE_cleanup();
#endif
-#ifdef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA
- /* Free OpenSSL ex_data table */
- CRYPTO_cleanup_all_ex_data();
-#endif
-
/* Free OpenSSL error strings */
ERR_free_strings();