Valgrind reports that the memory allocated in ssl_get_dh_1024() was leaking.
Upon further inspection of the OpenSSL code, it seems that SSL_CTX_set_tmp_dh makes
a copy of the data, so calling DH_free afterwards makes sense.

thanks,
roberto

---
 src/ssl_sock.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 0d35c29..378fddc 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1643,6 +1643,7 @@ int ssl_sock_load_dh_params(SSL_CTX *ctx, const char 
*file)
                                goto end;
 
                        SSL_CTX_set_tmp_dh(ctx, local_dh_1024);
+                       DH_free(local_dh_1024);
                }
                else {
                        SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);
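Review bot: After the added `DH_free(local_dh_1024);` the pointer is left holding a freed address, and the hunk does not show where `local_dh_1024` is declared or what runs after the `end:` label that the preceding `goto end;` targets. If the variable outlives this call (static or file scope) or is touched again on the exit path, this becomes a use-after-free or double free, so either confirm it is function-local and unused afterwards or set it to NULL right after freeing. Separately, the return value of `SSL_CTX_set_tmp_dh(ctx, local_dh_1024);` is still ignored; checking it before freeing would let a failed parameter install be reported instead of passing silently.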
-- 
2.7.4 (Apple Git-66)

