mirror of
https://github.com/adulau/ssldump.git
synced 2024-09-18 08:46:25 +00:00
Avoid leak by freeing SSL decoding context properly
This commit is contained in:
William Robinet
parent
8ef5540e58
commit
96021582f4
7 changed files with 43 additions and 3 deletions
|
|
@ -86,17 +86,22 @@ int network_handler_create(mod,handlerp)
|
|||
_status=0;
|
||||
abort:
|
||||
if(_status){
|
||||
network_handler_destroy(&handler);
|
||||
network_handler_destroy(mod, &handler);
|
||||
}
|
||||
return(_status);
|
||||
}
|
||||
|
||||
int network_handler_destroy(handlerp)
|
||||
int network_handler_destroy(mod,handlerp)
|
||||
proto_mod *mod;
|
||||
n_handler **handlerp;
|
||||
{
|
||||
n_handler *handler=0;
|
||||
if(!handlerp || !*handlerp)
|
||||
return(0);
|
||||
|
||||
handler = *handlerp;
|
||||
|
||||
mod->vtbl->destroy_ctx(mod->handle,&handler->ctx);
|
||||
free(*handlerp);
|
||||
*handlerp=0;
|
||||
return(0);
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@ typedef struct packet_ packet;
|
|||
|
||||
int network_handler_create PROTO_LIST((proto_mod *mod,
|
||||
n_handler **handlerp));
|
||||
int network_handler_destroy PROTO_LIST((n_handler **handlerp));
|
||||
int network_handler_destroy PROTO_LIST((proto_mod *mod,n_handler **handlerp));
|
||||
int network_process_packet PROTO_LIST((n_handler *handler,
|
||||
struct timeval *timestamp,UCHAR *data,int length));
|
||||
int packet_copy PROTO_LIST((packet *in,packet **out));
|
||||
|
|
|
|||
|
|
@ -141,6 +141,8 @@ void sig_handler(int sig)
|
|||
if(freed_conn && !(NET_print_flags & NET_PRINT_JSON))
|
||||
printf("Cleaned %d remaining connection(s) from connection pool\n", freed_conn);
|
||||
|
||||
network_handler_destroy(mod, &n);
|
||||
|
||||
if(p)
|
||||
pcap_close(p);
|
||||
if(interface_name)
|
||||
|
|
@ -496,6 +498,7 @@ int main(argc,argv)
|
|||
if(freed_conn && !(NET_print_flags & NET_PRINT_JSON))
|
||||
printf("Cleaned %d remaining connection(s) from connection pool\n", freed_conn);
|
||||
|
||||
network_handler_destroy(mod, &n);
|
||||
pcap_close(p);
|
||||
|
||||
free(n);
|
||||
|
|
|
|||
|
|
@ -62,6 +62,7 @@ struct proto_mod_vtbl_ {
|
|||
proto_obj **objp,
|
||||
struct in_addr *i_addr,u_short i_port,
|
||||
struct in_addr *r_addr,u_short r_port,struct timeval *time_base));
|
||||
int (*destroy_ctx) PROTO_LIST((void *handle,proto_ctx **ctxp));
|
||||
int (*destroy) PROTO_LIST((proto_obj **objp));
|
||||
int (*data) PROTO_LIST((proto_obj *obj,segment *data,int direction));
|
||||
int (*close) PROTO_LIST((proto_obj *obj,packet *p,int direction));
|
||||
|
|
|
|||
|
|
@ -61,6 +61,7 @@ static int create_ssl_analyzer PROTO_LIST((void *handle,
|
|||
proto_ctx *ctx,tcp_conn *conn,proto_obj **objp,
|
||||
struct in_addr *i_addr,u_short i_port,
|
||||
struct in_addr *r_addr,u_short r_port, struct timeval *base_time));
|
||||
static int destroy_ssl_ctx PROTO_LIST((void *handle,proto_ctx **ctxp));
|
||||
static int destroy_ssl_analyzer PROTO_LIST((proto_obj **objp));
|
||||
static int read_ssl_record PROTO_LIST((ssl_obj *obj,r_queue *q,segment *seg,
|
||||
int offset,segment **lastp,int *offsetp));
|
||||
|
|
@ -228,6 +229,15 @@ static int create_ssl_ctx(handle,ctxp)
|
|||
return(_status);
|
||||
}
|
||||
|
||||
static int destroy_ssl_ctx(handle,ctxp)
|
||||
void *handle;
|
||||
proto_ctx **ctxp;
|
||||
{
|
||||
ssl_decode_ctx *ctx=0;
|
||||
ctx=(ssl_decode_ctx *) *ctxp;
|
||||
ssl_decode_ctx_destroy(&ctx);
|
||||
}
|
||||
|
||||
static int create_ssl_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn,
|
||||
proto_obj **objp, struct in_addr *i_addr, u_short i_port, struct in_addr *r_addr,
|
||||
u_short r_port, struct timeval *base_time)
|
||||
|
|
@ -635,6 +645,7 @@ static struct proto_mod_vtbl_ ssl_vtbl ={
|
|||
parse_ssl_flag,
|
||||
create_ssl_ctx,
|
||||
create_ssl_analyzer,
|
||||
destroy_ssl_ctx,
|
||||
destroy_ssl_analyzer,
|
||||
data_ssl_analyzer,
|
||||
close_ssl_analyzer,
|
||||
|
|
|
|||
|
|
@ -191,6 +191,25 @@ int ssl_decode_ctx_create(dp,keyfile,pass,keylogfile)
|
|||
#endif
|
||||
}
|
||||
|
||||
int ssl_decode_ctx_destroy(dp)
|
||||
ssl_decode_ctx **dp;
|
||||
{
|
||||
#ifdef OPENSSL
|
||||
ssl_decode_ctx *d = *dp;
|
||||
if(d->ssl_key_log_file) {
|
||||
fclose(d->ssl_key_log_file);
|
||||
}
|
||||
|
||||
r_assoc *x = d->session_cache;
|
||||
r_assoc_destroy(&d->session_cache);
|
||||
|
||||
SSL_CTX_free(d->ssl_ctx);
|
||||
SSL_free(d->ssl);
|
||||
free(d);
|
||||
#endif
|
||||
return(0);
|
||||
}
|
||||
|
||||
int ssl_decoder_create(dp,ctx)
|
||||
ssl_decoder **dp;
|
||||
ssl_decode_ctx *ctx;
|
||||
|
|
|
|||
|
|
@ -52,6 +52,7 @@
|
|||
|
||||
int ssl_decode_ctx_create PROTO_LIST((ssl_decode_ctx **ctx,
|
||||
char *keyfile,char *password,char *keylogfile));
|
||||
int ssl_decode_ctx_destroy(ssl_decode_ctx **dp);
|
||||
int ssl_decoder_destroy PROTO_LIST((ssl_decoder **dp));
|
||||
int ssl_decoder_create PROTO_LIST((ssl_decoder **dp,ssl_decode_ctx *ctx));
|
||||
int ssl_set_client_random PROTO_LIST((ssl_decoder *dp,
|
||||
|
|
|
|||
Loading…
Reference in a new issue