Commit f86d63e4 authored by Jeremy Hylton's avatar Jeremy Hylton

Fix two memory leaks in socket.ssl().

XXX [1] These changes aren't tested very thoroughly, because regrtest
doesn't do any SSL tests.  I've done some trivial tests on my own, but
don't really know how to use the key and cert files.  In one case, an
SSL-level error causes Python to dump core.  I'll get the fixed in the
next round of changes.

XXX [2] The checkin removes the x_attr member of the SSLObject struct.
I'm not sure if this is kosher for backwards compatibility at the
binary level.  Perhaps its safer to keep the member but keep it
assigned to NULL.

And the leaks?

newSSLObject() called PyDict_New(), stored the result in x_attr
without checking it, and later stored NULL in x_attr without doing
anything to the dict.  So the dict always leaks.  There is no further
reference to x_attr, so I just removed it completely.

The error cases in newSSLObject() passed the return value of
PyString_FromString() directly to PyErr_SetObject().
PyErr_SetObject() expects a borrowed reference, so the string leaked.
parent 0407aeae
...@@ -491,7 +491,6 @@ typedef struct { ...@@ -491,7 +491,6 @@ typedef struct {
typedef struct { typedef struct {
PyObject_HEAD PyObject_HEAD
PySocketSockObject *Socket; /* Socket on which we're layered */ PySocketSockObject *Socket; /* Socket on which we're layered */
PyObject *x_attr; /* Attributes dictionary */
SSL_CTX* ctx; SSL_CTX* ctx;
SSL* ssl; SSL* ssl;
X509* server_cert; X509* server_cert;
...@@ -2499,54 +2498,41 @@ static SSLObject * ...@@ -2499,54 +2498,41 @@ static SSLObject *
newSSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file) newSSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file)
{ {
SSLObject *self; SSLObject *self;
PyObject *error = NULL;
self = PyObject_New(SSLObject, &SSL_Type); /* Create new object */ self = PyObject_New(SSLObject, &SSL_Type); /* Create new object */
if (self == NULL){ if (self == NULL){
PyErr_SetObject(SSLErrorObject, error = PyString_FromString("newSSLObject error");
PyString_FromString("newSSLObject error")); goto fail;
return NULL;
} }
memset(self->server, '\0', sizeof(char) * 256); memset(self->server, '\0', sizeof(char) * 256);
memset(self->issuer, '\0', sizeof(char) * 256); memset(self->issuer, '\0', sizeof(char) * 256);
self->x_attr = PyDict_New();
self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */ self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
if (self->ctx == NULL) { if (self->ctx == NULL) {
PyErr_SetObject(SSLErrorObject, error = PyString_FromString("SSL_CTX_new error");
PyString_FromString("SSL_CTX_new error")); goto fail;
PyObject_Del(self);
return NULL;
} }
if ( (key_file && !cert_file) || (!key_file && cert_file) ) if ((key_file && !cert_file) || (!key_file && cert_file)) {
{ error = PyString_FromString(
PyErr_SetObject(SSLErrorObject, "Both the key & certificate files must be specified");
PyString_FromString( goto fail;
"Both the key & certificate files must be specified"));
PyObject_Del(self);
return NULL;
} }
if (key_file && cert_file) if (key_file && cert_file) {
{
if (SSL_CTX_use_PrivateKey_file(self->ctx, key_file, if (SSL_CTX_use_PrivateKey_file(self->ctx, key_file,
SSL_FILETYPE_PEM) < 1) SSL_FILETYPE_PEM) < 1) {
{ error = PyString_FromString(
PyErr_SetObject(SSLErrorObject, "SSL_CTX_use_PrivateKey_file error");
PyString_FromString( goto fail;
"SSL_CTX_use_PrivateKey_file error"));
PyObject_Del(self);
return NULL;
} }
if (SSL_CTX_use_certificate_chain_file(self->ctx, if (SSL_CTX_use_certificate_chain_file(self->ctx,
cert_file) < 1) cert_file) < 1) {
{ error = PyString_FromString(
PyErr_SetObject(SSLErrorObject, "SSL_CTX_use_certificate_chain_file error");
PyString_FromString( goto fail;
"SSL_CTX_use_certificate_chain_file error"));
PyObject_Del(self);
return NULL;
} }
} }
...@@ -2556,12 +2542,11 @@ newSSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file) ...@@ -2556,12 +2542,11 @@ newSSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file)
SSL_set_fd(self->ssl, Sock->sock_fd); /* Set the socket for SSL */ SSL_set_fd(self->ssl, Sock->sock_fd); /* Set the socket for SSL */
SSL_set_connect_state(self->ssl); SSL_set_connect_state(self->ssl);
if ((SSL_connect(self->ssl)) == -1) {
/* Actually negotiate SSL connection */ /* Actually negotiate SSL connection */
PyErr_SetObject(SSLErrorObject, /* XXX If SSL_connect() returns 0, it's also a failure. */
PyString_FromString("SSL_connect error")); if ((SSL_connect(self->ssl)) == -1) {
PyObject_Del(self); error = PyString_FromString("SSL_connect error");
return NULL; goto fail;
} }
self->ssl->debug = 1; self->ssl->debug = 1;
...@@ -2571,10 +2556,16 @@ newSSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file) ...@@ -2571,10 +2556,16 @@ newSSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file)
X509_NAME_oneline(X509_get_issuer_name(self->server_cert), X509_NAME_oneline(X509_get_issuer_name(self->server_cert),
self->issuer, 256); self->issuer, 256);
} }
self->x_attr = NULL;
self->Socket = Sock; self->Socket = Sock;
Py_INCREF(self->Socket); Py_INCREF(self->Socket);
return self; return self;
fail:
if (error) {
PyErr_SetObject(SSLErrorObject, error);
Py_DECREF(error);
}
Py_DECREF(self);
return NULL;
} }
/* This is the Python function called for new object initialization */ /* This is the Python function called for new object initialization */
...@@ -2629,7 +2620,6 @@ static void SSL_dealloc(SSLObject *self) ...@@ -2629,7 +2620,6 @@ static void SSL_dealloc(SSLObject *self)
X509_free (self->server_cert); X509_free (self->server_cert);
SSL_free(self->ssl); SSL_free(self->ssl);
SSL_CTX_free(self->ctx); SSL_CTX_free(self->ctx);
Py_XDECREF(self->x_attr);
Py_XDECREF(self->Socket); Py_XDECREF(self->Socket);
PyObject_Del(self); PyObject_Del(self);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment