Fix memory leak with SSL connections due to missing X509_free() calls.

Per Neil Conway.

2 files changed, 17 insertions, 2 deletions

diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index 1e69f14fd4b..bd9edc1e88c 100644
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.43 2003/09/26 15:27:31 petere Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.43.2.1 2003/12/18 22:49:34 tgl Exp $
  *
  *	  Since the server static private key ($DataDir/server.key)
  *	  will normally be stored unencrypted so that the database
@@ -714,6 +714,9 @@ destroy_SSL(void)
 static int
 open_server_SSL(Port *port)
 {
+	Assert(!port->ssl);
+	Assert(!port->peer);
+
 	if (!(port->ssl = SSL_new(SSL_context)) ||
 		!SSL_set_fd(port->ssl, port->sock) ||
 		SSL_accept(port->ssl) <= 0)
@@ -764,6 +767,12 @@ close_SSL(Port *port)
 		SSL_free(port->ssl);
 		port->ssl = NULL;
 	}
+
+	if (port->peer)
+	{
+		X509_free(port->peer);
+		port->peer = NULL;
+	}
 }
 
 /*
diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c
index d55984a1105..dedf808d027 100644
--- a/src/interfaces/libpq/fe-secure.c
+++ b/src/interfaces/libpq/fe-secure.c
@@ -11,7 +11,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.32 2003/09/29 16:38:04 petere Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-secure.c,v 1.32.2.1 2003/12/18 22:49:34 tgl Exp $
  *
  * NOTES
  *	  The client *requires* a valid server certificate.  Since
@@ -1004,6 +1004,12 @@ close_SSL(PGconn *conn)
 		SSL_free(conn->ssl);
 		conn->ssl = NULL;
 	}
+
+	if (conn->peer)
+	{
+		X509_free(conn->peer);
+		conn->peer = NULL;
+	}
 }
 
 /*