From: Remi Tricot-Le Breton <rlebreton@haproxy.com>
Date: Wed, 31 Mar 2021 09:49:27 +0000 (+0200)
Subject: BUG/MINOR: ssl: Add missing free on SSL_CTX in ckch_inst_free
X-Git-Tag: v2.3.10~30
X-Git-Url: http://git.haproxy.org/?a=commitdiff_plain;h=96d60288cf1560e522dbb6ab09e04ec3a879a80a;p=haproxy-2.3.git

BUG/MINOR: ssl: Add missing free on SSL_CTX in ckch_inst_free

The ckch instance keeps a reference to its SSL_CTX since commit 358a822
("BUG/MINOR: ssl: Fix update of default certificate") but this instance
was not freed during the instance's deletion.

It can be backported as far as 2.2 and where 358a822 is backported.
---

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index eeaa416..49f585d 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -913,6 +913,8 @@ void ckch_inst_free(struct ckch_inst *inst)
 		ebmb_delete(&sni->name);
 		free(sni);
 	}
+	SSL_CTX_free(inst->ctx);
+	inst->ctx = NULL;
 	LIST_DEL(&inst->by_ckchs);
 	LIST_DEL(&inst->by_crtlist_entry);
 	free(inst);