From 3353049ae392f13dc6a55a3cdd3d36f7fdcbdb97 Mon Sep 17 00:00:00 2001
From: Jan Vidar Krey <janvidar@extatic.org>
Date: Tue, 24 Aug 2010 22:58:10 +0200
Subject: [PATCH] Several SSL/TLS related memory leak fixes.

---
 src/core/hub.c        |  1 -
 src/core/probe.c      | 15 +++++++++++++++
 src/core/user.c       |  6 ++++++
 src/network/backend.c |  5 +++++
 src/network/network.c |  5 +++--
 5 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/src/core/hub.c b/src/core/hub.c
index 1a911e0..1e13377 100644
--- a/src/core/hub.c
+++ b/src/core/hub.c
@@ -824,7 +824,6 @@ void hub_shutdown_service(struct hub_info* hub)
 
 	event_queue_shutdown(hub->queue);
 	net_con_close(hub->server);
-	hub_free(hub->server);
 	server_alt_port_stop(hub);
 	uman_shutdown(hub);
 	hub->status = hub_status_stopped;
diff --git a/src/core/probe.c b/src/core/probe.c
index cf0a47e..b2a8b2d 100644
--- a/src/core/probe.c
+++ b/src/core/probe.c
@@ -50,6 +50,18 @@ static void probe_net_event(struct net_connection* con, int events, void *arg)
 				if (probe->hub->config->tls_enable && probe->hub->config->tls_require)
 				{
 					LOG_TRACE("Not TLS connection - closing connection.");
+					if (*probe->hub->config->tls_require_redirect_addr)
+					{
+						char buf[512];
+						ssize_t len = snprintf(buf, sizeof(buf), "ISUP " ADC_PROTO_SUPPORT "\nISID AAAB\nIINF NIRedirecting...\nIQUI AAAB RD%s\n", probe->hub->config->tls_require_redirect_addr);
+						net_con_send(con, buf, (size_t) len);
+						LOG_TRACE("Not TLS connection - Redirecting to %s.", probe->hub->config->tls_require_redirect_addr);
+					}
+					else
+					{
+						LOG_TRACE("Not TLS connection - closing connection.");
+					}
+					probe_destroy(probe);
 				}
 				else
 #endif
@@ -107,6 +119,8 @@ struct hub_probe* probe_create(struct hub_info* hub, int sd, struct ip_addr_enca
 	if (probe == NULL)
 		return NULL; /* OOM */
 
+	LOG_TRACE("probe_create(): %p", probe);
+
 	probe->hub = hub;
 	probe->connection = net_con_create();
 	net_con_initialize(probe->connection, sd, probe_net_event, probe, NET_EVENT_READ);
@@ -118,6 +132,7 @@ struct hub_probe* probe_create(struct hub_info* hub, int sd, struct ip_addr_enca
 
 void probe_destroy(struct hub_probe* probe)
 {
+	LOG_TRACE("probe_destroy(): %p (connection=%p)", probe, probe->connection);
 	if (probe->connection)
 	{
 		net_con_close(probe->connection);
diff --git a/src/core/user.c b/src/core/user.c
index 75a5664..40274b2 100644
--- a/src/core/user.c
+++ b/src/core/user.c
@@ -71,6 +71,12 @@ void user_destroy(struct hub_user* user)
 	hub_recvq_destroy(user->recv_queue);
 	hub_sendq_destroy(user->send_queue);
 
+	if (user->connection)
+	{
+		LOG_TRACE("user_destory() -> net_con_close(%p)", user->connection);
+		net_con_close(user->connection);
+	}
+
 	adc_msg_free(user->info);
 	user_clear_feature_cast_support(user);
 	hub_free(user);
diff --git a/src/network/backend.c b/src/network/backend.c
index d4f39c3..291b694 100644
--- a/src/network/backend.c
+++ b/src/network/backend.c
@@ -179,6 +179,10 @@ void net_con_close(struct net_connection* con)
 
 	g_backend->handler.con_del(g_backend->data, con);
 
+#ifdef SSL_SUPPORT
+	SSL_clear(con->ssl);
+#endif
+
 	net_close(con->sd);
 	con->sd = -1;
 
@@ -196,6 +200,7 @@ struct net_cleanup_handler* net_cleanup_initialize(size_t max)
 
 void net_cleanup_shutdown(struct net_cleanup_handler* handler)
 {
+	net_cleanup_process(handler);
 	hub_free(handler->queue);
 	hub_free(handler);
 }
diff --git a/src/network/network.c b/src/network/network.c
index ddb541b..0c4275a 100644
--- a/src/network/network.c
+++ b/src/network/network.c
@@ -62,7 +62,6 @@ int net_initialize()
 		LOG_TRACE("Initializing OpenSSL...");
 		SSL_library_init();
 		SSL_load_error_strings();
-		OpenSSL_add_all_algorithms();
 #endif /*  SSL_SUPPORT */
 
 		net_initialized = 1;
@@ -101,7 +100,9 @@ int net_destroy()
 		net_backend_shutdown();
 		
 #ifdef SSL_SUPPORT
-		/* FIXME: Shutdown OpenSSL here. */
+		ERR_free_strings();
+		EVP_cleanup();
+		CRYPTO_cleanup_all_ex_data();
 #endif
 
 #ifdef WINSOCK