diff options
| author | Curl Upstream <curl-library@lists.haxx.se> | 2022-10-26 06:12:46 (GMT) |
|---|---|---|
| committer | Brad King <brad.king@kitware.com> | 2022-10-31 20:11:01 (GMT) |
| commit | ec122fff08ab9a8e56fb90126ecedb99c759011b (patch) | |
| tree | 372b5f86f3fad307de965e11187e51ef0860960b /lib/vtls/wolfssl.c | |
| parent | 9d8f81f4f8ac4a234ced9c446958fdfcaed4faa3 (diff) | |
| download | CMake-ec122fff08ab9a8e56fb90126ecedb99c759011b.zip CMake-ec122fff08ab9a8e56fb90126ecedb99c759011b.tar.gz CMake-ec122fff08ab9a8e56fb90126ecedb99c759011b.tar.bz2 | |
curl 2022-10-26 (cd95ee9f)
Code extracted from:
https://github.com/curl/curl.git
at commit cd95ee9f771361acf241629d2fe5507e308082a2 (curl-7_86_0).
Diffstat (limited to 'lib/vtls/wolfssl.c')
| -rw-r--r-- | lib/vtls/wolfssl.c | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index da8cb82..594c39a 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -18,6 +18,8 @@ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * + * SPDX-License-Identifier: curl + * ***************************************************************************/ /* @@ -503,7 +505,7 @@ wolfssl_connect_step1(struct Curl_easy *data, struct connectdata *conn, SSL_free(backend->handle); backend->handle = SSL_new(backend->ctx); if(!backend->handle) { - failf(data, "SSL: couldn't create a context"); + failf(data, "SSL: couldn't create a handle"); return CURLE_OUT_OF_MEMORY; } @@ -761,17 +763,17 @@ wolfssl_connect_step2(struct Curl_easy *data, struct connectdata *conn, if(protocol_len == ALPN_HTTP_1_1_LENGTH && !memcmp(protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) - conn->negnpn = CURL_HTTP_VERSION_1_1; + conn->alpn = CURL_HTTP_VERSION_1_1; #ifdef USE_HTTP2 else if(data->state.httpwant >= CURL_HTTP_VERSION_2 && protocol_len == ALPN_H2_LENGTH && !memcmp(protocol, ALPN_H2, ALPN_H2_LENGTH)) - conn->negnpn = CURL_HTTP_VERSION_2; + conn->alpn = CURL_HTTP_VERSION_2; #endif else infof(data, "ALPN, unrecognized protocol %.*s", protocol_len, protocol); - Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ? + Curl_multiuse_state(data, conn->alpn == CURL_HTTP_VERSION_2 ? BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE); } else if(rc == SSL_ALPN_NOT_FOUND) @@ -809,8 +811,10 @@ wolfssl_connect_step3(struct Curl_easy *data, struct connectdata *conn, if(SSL_SET_OPTION(primary.sessionid)) { bool incache; + bool added = FALSE; void *old_ssl_sessionid = NULL; - SSL_SESSION *our_ssl_sessionid = SSL_get_session(backend->handle); + /* SSL_get1_session allocates memory that has to be freed. */ + SSL_SESSION *our_ssl_sessionid = SSL_get1_session(backend->handle); bool isproxy = SSL_IS_PROXY() ? TRUE : FALSE; if(our_ssl_sessionid) { @@ -830,11 +834,20 @@ wolfssl_connect_step3(struct Curl_easy *data, struct connectdata *conn, 0, sockindex, NULL); if(result) { Curl_ssl_sessionid_unlock(data); + SSL_SESSION_free(our_ssl_sessionid); failf(data, "failed to store ssl session"); return result; } + else { + added = TRUE; + } } Curl_ssl_sessionid_unlock(data); + + if(!added) { + /* If the session info wasn't added to the cache, free our copy. */ + SSL_SESSION_free(our_ssl_sessionid); + } } } @@ -954,8 +967,7 @@ static ssize_t wolfssl_recv(struct Curl_easy *data, static void wolfssl_session_free(void *ptr) { - (void)ptr; - /* wolfSSL reuses sessions on own, no free */ + SSL_SESSION_free(ptr); } |