On Tue, Dec 20, 2016 at 05:33:12PM +0100, Daniel Pocock wrote: > > > On 19/12/16 23:05, Kurt Roeckx wrote: > > > > > You should use SSL_COMP_free_compression_methods() so that we can > > put the internal pointer to NULL. > > > > Thanks for suggesting that, I notice that method is only available with > OpenSSL 1.0.2 and I'm also trying to build backports for jessie (OpenSSL > 1.0.1) > > Is there anything I can do that will be 1.0.1 compatible?
Doesn't look like there is. > Maybe I could also do this: > > #if OPENSSL_VERSION_NUMBER < 0x01000200f > ErrLog(<<"Unable to free compression methods on OpenSSL < 1.0.2"); > #else > SSL_COMP_free_compression_methods() > #endif > > > so that the code will compile with either OpenSSL version, but people > stuck with an older OpenSSL will potentially have the leak. Just leak it, even for 1.0.2. (In 1.1.0 the function doesn't do anything anymore, OpenSSL will clean it up itself.) Kurt
