[Python-bugs-list] [ python-Bugs-425370 ] socketmodule SSL free calls in wrong order

noreply@sourceforge.net noreply@sourceforge.net
Thu, 16 Aug 2001 10:57:47 -0700 

Bugs item #425370, was opened at 2001-05-18 21:28
You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=425370&group_id=5470

Category: Extension Modules
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Jeremy Hylton (jhylton)
Summary: socketmodule SSL free calls in wrong order

Initial Comment:
I was examining socketmodule.c and notice the following ordering of 
allocation and deallocation regarding SSL.

    static SSLObject *
    newSSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file)
    {
        ...
        self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
        ...
        self->ssl = SSL_new(self->ctx); /* New ssl struct */
        ...
    }

    static void SSL_dealloc(SSLObject *self)
    {
        ...
        SSL_CTX_free(self->ctx);
        SSL_free(self->ssl);
        ...
    }

Perhaps it works for now, but I think that the order of free() calls in
SSL_dealloc should be reversed.



----------------------------------------------------------------------

>Comment By: Barry Warsaw (bwarsaw)
Date: 2001-08-16 10:57

Message:
Logged In: YES 
user_id=12800

Ah, or https://sf.net :)

Maybe add this as a test case to test_socket but don't bomb
out if that host isn't responding or reachable?


----------------------------------------------------------------------

Comment By: Guido van Rossum (gvanrossum)
Date: 2001-08-16 09:34

Message:
Logged In: YES 
user_id=6380

Testing SSL support is easy in interactive mode, e.g.
urllib.urlopen("https://www.openair.com/index.pl")

----------------------------------------------------------------------

Comment By: Barry Warsaw (bwarsaw)
Date: 2001-08-16 09:04

Message:
Logged In: YES 
user_id=12800

I believe it is easy to fix (see attached patch), but I
don't have a way of testing it.  There appears to be no
regression test for SSL support, nor is there documentation,
so I have no idea how to /use/ the SSL support in socket module.

Assigning back to Jeremy to double check the patch.

----------------------------------------------------------------------

Comment By: Jeremy Hylton (jhylton)
Date: 2001-07-06 09:18

Message:
Logged In: YES 
user_id=31392

Barry, This is a memory leak/free problem, right? So you 
get it.  Seriously, sounds like this would be easy to fix.


----------------------------------------------------------------------

You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=425370&group_id=5470