From 3e16770594ee8267db0523ec733d0af794f277ff Mon Sep 17 00:00:00 2001 From: Andre Noll Date: Fri, 29 Dec 2017 16:22:37 +0100 Subject: [PATCH] crypt: Introduce crypt_shutdown(). This plugs a few harmless memory leaks in the openssl crypto backend. The leaks occur on exit and are only reported by valgrind if it is run with --leak-check=full --show-leak-kinds=all. The gcrypt backend has similar problems, but there is no way to provide a similar patch for libgrypt. The newly added comment in gcrypt.c explains why. --- audiod.c | 2 +- client.c | 1 + crypt.h | 2 ++ gcrypt.c | 9 +++++++++ openssl.c | 5 +++++ server.c | 2 ++ 6 files changed, 20 insertions(+), 1 deletion(-) diff --git a/audiod.c b/audiod.c index 4e6cf8e1..083c2a7a 100644 --- a/audiod.c +++ b/audiod.c @@ -1542,7 +1542,7 @@ int main(int argc, char *argv[]) audiod_cleanup(); sched_shutdown(&sched); signal_shutdown(signal_task); - + crypt_shutdown(); out: lls_free_parse_result(lpr, CMD_PTR); if (errctx) diff --git a/client.c b/client.c index 1d8a399a..c45826ab 100644 --- a/client.c +++ b/client.c @@ -664,6 +664,7 @@ int main(int argc, char *argv[]) } } sched_shutdown(&sched); + crypt_shutdown(); out: if (ret < 0) PARA_ERROR_LOG("%s\n", para_strerror(-ret)); diff --git a/crypt.h b/crypt.h index 9c09face..85629591 100644 --- a/crypt.h +++ b/crypt.h @@ -89,6 +89,8 @@ void get_random_bytes_or_die(unsigned char *buf, int num); */ void crypt_init(void); +/** Allocate all resources of the crypto backend. */ +void crypt_shutdown(void); /** Opaque structure for stream ciphers. */ struct stream_cipher; diff --git a/gcrypt.c b/gcrypt.c index 5c05ba20..705d0d87 100644 --- a/gcrypt.c +++ b/gcrypt.c @@ -70,6 +70,15 @@ void crypt_init(void) srandom(seed); } +void crypt_shutdown(void) +{ + /* + * WK does not see a way to apply a patch for the sake of Valgrind, so + * as of 2018 libgrypt has no deinitialization routine to free the + * resources on exit. + */ +} + /** S-expression for the public part of an RSA key. */ #define RSA_PUBKEY_SEXP "(public-key (rsa (n %m) (e %m)))" /** S-expression for a private RSA key. */ diff --git a/openssl.c b/openssl.c index 70a13aaa..7d5bb25d 100644 --- a/openssl.c +++ b/openssl.c @@ -55,6 +55,11 @@ void crypt_init(void) srandom(seed); } +void crypt_shutdown(void) +{ + CRYPTO_cleanup_all_ex_data(); +} + static int get_private_key(const char *path, RSA **rsa) { EVP_PKEY *pkey; diff --git a/server.c b/server.c index 07a38f44..aba05688 100644 --- a/server.c +++ b/server.c @@ -456,6 +456,7 @@ static int init_afs(int argc, char **argv) int i; afs_pid = getpid(); + crypt_shutdown(); for (i = argc - 1; i >= 0; i--) memset(argv[i], 0, strlen(argv[i])); i = argc - lls_num_inputs(cmdline_lpr) - 1; @@ -610,6 +611,7 @@ int main(int argc, char *argv[]) mutex_lock(mmd_mutex); ret = schedule(&sched); sched_shutdown(&sched); + crypt_shutdown(); lls_free_parse_result(server_lpr, CMD_PTR); if (server_lpr != cmdline_lpr) lls_free_parse_result(cmdline_lpr, CMD_PTR); -- 2.39.2