tls_wolfssl: patch wolfssl lib to fix memory leak

More information about the leak can be found on the wolfssl issue tracker: wolfSSL/wolfssl#6760 (cherry picked from commit 716f1d6)
OpenSIPS · Sep 21, 2023 · cf45a66 · cf45a66
1 parent 93b2594
commit cf45a66
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 2 deletions.
diff --git a/modules/tls_wolfssl/Makefile b/modules/tls_wolfssl/Makefile
@@ -23,9 +23,15 @@ lib/wolfssl/Makefile: lib/wolfssl/configure
 		--prefix=$(MOD_DIR)/lib \
 		--exec-prefix=$(MOD_DIR)/lib C_EXTRA_FLAGS="-fPIC" CFLAGS="-DWOLFSSL_STATIC_RSA"; \
 
-lib/lib/libwolfssl.a: lib/wolfssl/Makefile
+lib/lib/libwolfssl.a: lib/wolfssl/Makefile lib/wolfssl/src/internal.c
 	$(Q)$(MAKE) -C ./lib/wolfssl install
 
+lib/wolfssl/src/internal.c: lib/patches/wolfssl-internal-memleak-fix.patched
+
+lib/patches/wolfssl-internal-memleak-fix.patched: lib/patches/wolfssl-internal-memleak-fix.patch
+	 $(Q)patch -sNR --dry-run lib/wolfssl/src/internal.c $< || \
+		 $(Q)patch -N lib/wolfssl/src/internal.c $< && cp $< $@
+
 clean:	clean-wolfssl-lib
 
 .PHONY: clean-wolfssl-lib
@@ -34,4 +40,5 @@ clean-wolfssl-lib:
 		$(MAKE) -C ./lib/wolfssl clean; \
 	fi;
 	@rm -rf ./lib/bin ./lib/include ./lib/lib ./lib/share \
-	./lib/wolfssl/Makefile ./lib/wolfssl/configure
+	./lib/wolfssl/Makefile ./lib/wolfssl/configure \
+	lib/patches/wolfssl-internal-memleak-fix.patched
diff --git a/modules/tls_wolfssl/lib/patches/.gitignore b/modules/tls_wolfssl/lib/patches/.gitignore
@@ -0,0 +1 @@
+/*.patched
diff --git a/modules/tls_wolfssl/lib/patches/wolfssl-internal-memleak-fix.patch b/modules/tls_wolfssl/lib/patches/wolfssl-internal-memleak-fix.patch
@@ -0,0 +1,30 @@
+diff --git a/src/internal.c b/src/internal.c
+index 930769152..8e7ccf9c4 100644
+--- a/src/internal.c
++++ b/src/internal.c
+@@ -7207,7 +7208,11 @@ void SSL_ResourceFree(WOLFSSL* ssl)
+     /* Cleanup async */
+     FreeAsyncCtx(ssl, 1);
+ #endif
+-    if (ssl->options.weOwnRng) {
++    if (ssl->options.weOwnRng || (ssl->rng
++#ifdef SINGLE_THREADED
++        && ssl->rng != ssl->ctx->rng
++#endif
++       )) {
+         wc_FreeRng(ssl->rng);
+         XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
+     }
+@@ -7571,7 +7576,11 @@ void FreeHandshakeResources(WOLFSSL* ssl)
+     #endif
+ #endif
+     ) {
+-        if (ssl->options.weOwnRng) {
++        if (ssl->options.weOwnRng || (ssl->rng
++#ifdef SINGLE_THREADED
++            && ssl->rng != ssl->ctx->rng
++#endif
++        )) {
+             wc_FreeRng(ssl->rng);
+             XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
+             ssl->rng = NULL;