From c6a43fbaf0579741ebf34e88ca7f0586b471062e Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Wed, 4 Feb 2009 23:01:53 +0100 Subject: [PATCH] TLS/SSL: fix memory leak when using compressed server links with ssl commit 6bc2d3d06e9cb4da68ea4b63d9b6b219d88ab927 (New connection option CONN_RFC1459) forgot to adjust the ssl bitmasks. The result is that when a compressed AND encrypted server link goes down the memory allocated by zlib and the r/w buffers are no longer free'd as the previous ConnSSL_Free() would then also remove the CONN_ZIP flag from the flag mask. --- src/ngircd/conn.h | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/src/ngircd/conn.h b/src/ngircd/conn.h index 08f6dde0..bd332b63 100644 --- a/src/ngircd/conn.h +++ b/src/ngircd/conn.h @@ -18,7 +18,13 @@ #include /* for time_t, see below */ - +/* + * connection state flags. this is a bitmask -- all values must + * be unique and a power of two. + * + * If you introduce new ones in between, make sure to adjust all + * remaining ones. + */ #define CONN_ISCLOSING 1 /* Conn_Close() already called */ #define CONN_ISCONNECTING 2 /* connect() in progress */ #define CONN_RFC1459 4 /* RFC 1459 compatibility mode */ @@ -29,10 +35,10 @@ #include "conf-ssl.h" #ifdef SSL_SUPPORT -#define CONN_SSL_CONNECT 8 /* wait for ssl connect to finish */ -#define CONN_SSL 16 /* this connection is SSL encrypted */ -#define CONN_SSL_WANT_WRITE 32 /* SSL/TLS library needs to write protocol data */ -#define CONN_SSL_WANT_READ 64 /* SSL/TLS library needs to read protocol data */ +#define CONN_SSL_CONNECT 16 /* wait for ssl connect to finish */ +#define CONN_SSL 32 /* this connection is SSL encrypted */ +#define CONN_SSL_WANT_WRITE 64 /* SSL/TLS library needs to write protocol data */ +#define CONN_SSL_WANT_READ 128 /* SSL/TLS library needs to read protocol data */ #endif typedef int CONN_ID; -- 2.39.2