upas/fs: fix tlsClient() memory leaks
This commit is contained in:
parent
a8fc4ddc6d
commit
8b7897b57a
2 changed files with 26 additions and 16 deletions
|
@ -399,7 +399,6 @@ starttls(Imap *imap, TLSconn *connp)
|
|||
int sfd;
|
||||
uchar digest[SHA1dlen];
|
||||
|
||||
fmtinstall('H', encodefmt);
|
||||
memset(connp, 0, sizeof *connp);
|
||||
sfd = tlsClient(imap->fd, connp);
|
||||
if(sfd < 0) {
|
||||
|
@ -414,6 +413,7 @@ starttls(Imap *imap, TLSconn *connp)
|
|||
sha1(connp->cert, connp->certlen, digest, nil);
|
||||
if(!imap->thumb || !okThumbprint(digest, imap->thumb)){
|
||||
close(sfd);
|
||||
fmtinstall('H', encodefmt);
|
||||
werrstr("server certificate %.*H not recognized",
|
||||
SHA1dlen, digest);
|
||||
return -1;
|
||||
|
@ -451,10 +451,10 @@ imap4dial(Imap *imap)
|
|||
|
||||
if(imap->mustssl){
|
||||
sfd = starttls(imap, &conn);
|
||||
if (sfd < 0) {
|
||||
free(conn.cert);
|
||||
free(conn.sessionID);
|
||||
if(sfd < 0)
|
||||
return imaperrstr(imap->host, port);
|
||||
}
|
||||
if(imap->debug){
|
||||
char fn[128];
|
||||
int fd;
|
||||
|
@ -463,11 +463,13 @@ imap4dial(Imap *imap)
|
|||
fd = open(fn, ORDWR);
|
||||
if(fd < 0)
|
||||
fprint(2, "opening ctl: %r\n");
|
||||
else {
|
||||
if(fprint(fd, "debug") < 0)
|
||||
fprint(2, "writing ctl: %r\n");
|
||||
close(fd);
|
||||
}
|
||||
}
|
||||
}
|
||||
Binit(&imap->bin, imap->fd, OREAD);
|
||||
Binit(&imap->bout, imap->fd, OWRITE);
|
||||
|
||||
|
|
|
@ -119,31 +119,39 @@ pop3pushtls(Pop *pop)
|
|||
int fd;
|
||||
uchar digest[SHA1dlen];
|
||||
TLSconn conn;
|
||||
char *err;
|
||||
|
||||
err = nil;
|
||||
memset(&conn, 0, sizeof conn);
|
||||
// conn.trace = pop3log;
|
||||
fd = tlsClient(pop->fd, &conn);
|
||||
if(fd < 0)
|
||||
return "tls error";
|
||||
if(fd < 0){
|
||||
err = "tls error";
|
||||
goto out;
|
||||
}
|
||||
if(conn.cert==nil || conn.certlen <= 0){
|
||||
close(fd);
|
||||
return "server did not provide TLS certificate";
|
||||
err = "server did not provide TLS certificate";
|
||||
goto out;
|
||||
}
|
||||
sha1(conn.cert, conn.certlen, digest, nil);
|
||||
if(!pop->thumb || !okThumbprint(digest, pop->thumb)){
|
||||
fmtinstall('H', encodefmt);
|
||||
close(fd);
|
||||
free(conn.cert);
|
||||
fprint(2, "upas/fs pop3: server certificate %.*H not recognized\n", SHA1dlen, digest);
|
||||
return "bad server certificate";
|
||||
err = "bad server certificate";
|
||||
goto out;
|
||||
}
|
||||
free(conn.cert);
|
||||
close(pop->fd);
|
||||
pop->fd = fd;
|
||||
pop->encrypted = 1;
|
||||
Binit(&pop->bin, pop->fd, OREAD);
|
||||
Binit(&pop->bout, pop->fd, OWRITE);
|
||||
return nil;
|
||||
fd = -1;
|
||||
out:
|
||||
free(conn.sessionID);
|
||||
free(conn.cert);
|
||||
if(fd >= 0)
|
||||
close(fd);
|
||||
return err;
|
||||
}
|
||||
|
||||
//
|
||||
|
|
Loading…
Reference in a new issue