Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: David Sommerseth <davids@redhat.com>
... | ... |
@@ -2262,15 +2262,7 @@ key_state_free (struct key_state *ks, bool clear) |
2262 | 2262 |
{ |
2263 | 2263 |
ks->state = S_UNDEF; |
2264 | 2264 |
|
2265 |
- if (ks->ks_ssl.ssl) { |
|
2266 |
-#ifdef BIO_DEBUG |
|
2267 |
- bio_debug_oc ("close ssl_bio", ks->ks_ssl.ssl_bio); |
|
2268 |
- bio_debug_oc ("close ct_in", ks->ks_ssl.ct_in); |
|
2269 |
- bio_debug_oc ("close ct_out", ks->ks_ssl.ct_out); |
|
2270 |
-#endif |
|
2271 |
- BIO_free_all(ks->ks_ssl.ssl_bio); |
|
2272 |
- SSL_free (ks->ks_ssl.ssl); |
|
2273 |
- } |
|
2265 |
+ key_state_ssl_free(&ks->ks_ssl); |
|
2274 | 2266 |
|
2275 | 2267 |
free_key_ctx_bi (&ks->key); |
2276 | 2268 |
free_buf (&ks->plaintext_read_buf); |
... | ... |
@@ -287,6 +287,13 @@ void tls_ctx_load_extra_certs (struct tls_root_ctx *ctx, const char *extra_certs |
287 | 287 |
void key_state_ssl_init(struct key_state_ssl *ks_ssl, |
288 | 288 |
const struct tls_root_ctx *ssl_ctx, bool is_server, void *session); |
289 | 289 |
|
290 |
+/** |
|
291 |
+ * Free the SSL channel part of the given key state. |
|
292 |
+ * |
|
293 |
+ * @param ks_ssl The SSL channel's state info to free |
|
294 |
+ */ |
|
295 |
+void key_state_ssl_free(struct key_state_ssl *ks_ssl); |
|
296 |
+ |
|
290 | 297 |
/* |
291 | 298 |
* Show the TLS ciphers that are available for us to use in the OpenSSL |
292 | 299 |
* library. |
... | ... |
@@ -889,6 +889,19 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl, const struct tls_root_ctx *ssl_ |
889 | 889 |
BIO_set_ssl (ks_ssl->ssl_bio, ks_ssl->ssl, BIO_NOCLOSE); |
890 | 890 |
} |
891 | 891 |
|
892 |
+void key_state_ssl_free(struct key_state_ssl *ks_ssl) |
|
893 |
+{ |
|
894 |
+ if (ks_ssl->ssl) { |
|
895 |
+#ifdef BIO_DEBUG |
|
896 |
+ bio_debug_oc ("close ssl_bio", ks_ssl->ssl_bio); |
|
897 |
+ bio_debug_oc ("close ct_in", ks_ssl->ct_in); |
|
898 |
+ bio_debug_oc ("close ct_out", ks_ssl->ct_out); |
|
899 |
+#endif |
|
900 |
+ BIO_free_all(ks_ssl->ssl_bio); |
|
901 |
+ SSL_free (ks_ssl->ssl); |
|
902 |
+ } |
|
903 |
+} |
|
904 |
+ |
|
892 | 905 |
void |
893 | 906 |
tls_ctx_load_extra_certs (struct tls_root_ctx *ctx, const char *extra_certs_file |
894 | 907 |
#if ENABLE_INLINE_FILES |