[PATCH ustream] ustream-openssl: fix bio memory leak

[Petr Štetiar]

Eneas U de Queiroz <cotequeiroz at gmail.com> [2020-12-10 11:29:36]:

Hi,

> access that memory after we free it.  This would be after we call
> BIO_free.  The thing is, we aren't making that call. so we are leaking
> that resource as well. 

IIRC this is solved by OpenSSL internal reference counting and executed in
SSL_free() or SSL_shutdown().

> After tackling BIO_free, my suggestion would be to determine where the
> method table variable should go, and where to call BIO_meth_new and
> BIO_meth_free.  I would add it to a defined struct
> ustream_ssl_ctx--which is now just used with a cast to SSL_CTX--and

IIRC I've tried that approach already(this WIP solution is like 3rd
iteration), but that struct is opaque.

> would create and free the object in __ustream_ssl_context_new and
> __ustream_ssl_context_free, which would give it a possibly larger
> lifetime than the ssl_session or the BIO object.

AFAIK that's exactly what I'm doing in my current solution.

> We should coordinate efforts.  You're the boss, so tell me what you want me
> to do, if anything.

I didn't wanted to sound like the boss and I apologize if that was the case,
sorry. 

I've just send out some patches for uclient/ustream-ssl, so I would be
grateful if you could review and test those changes on your device(s), ideally
on all three SSL libs and client/server setup. Thanks!

Cheers,

Petr