diff options
author | Robert Guo <robert.guo@10gen.com> | 2015-04-13 12:39:09 -0400 |
---|---|---|
committer | Ramon Fernandez <ramon.fernandez@mongodb.com> | 2015-04-13 13:33:22 -0400 |
commit | 8e808ee8b4a0f8838218f9b670e8a161784e96dc (patch) | |
tree | d7f66da827203204a02da971855de0e9ead81a60 | |
parent | 78f8f1aaaa3161109a85aada28b9f1c1b225e870 (diff) | |
download | mongo-8e808ee8b4a0f8838218f9b670e8a161784e96dc.tar.gz |
SERVER-17832 Fix Resource Leak on SSL Connect and Accept Exception (v2.6, v3.0)
Closes #950
Signed-off-by: Ramon Fernandez <ramon.fernandez@mongodb.com>
-rw-r--r-- | src/mongo/util/net/ssl_manager.cpp | 24 |
1 files changed, 8 insertions, 16 deletions
diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp index cec95e4ee51..7ec08da0725 100644 --- a/src/mongo/util/net/ssl_manager.cpp +++ b/src/mongo/util/net/ssl_manager.cpp @@ -866,39 +866,31 @@ namespace mongo { } SSLConnection* SSLManager::connect(Socket* socket) { - SSLConnection* sslConn = new SSLConnection(_clientContext, socket, NULL, 0); - ScopeGuard sslGuard = MakeGuard(::SSL_free, sslConn->ssl); - ScopeGuard bioGuard = MakeGuard(::BIO_free, sslConn->networkBIO); + std::auto_ptr<SSLConnection> sslConn(new SSLConnection(_clientContext, socket, NULL, 0)); int ret; do { ret = ::SSL_connect(sslConn->ssl); - } while(!_doneWithSSLOp(sslConn, ret)); + } while(!_doneWithSSLOp(sslConn.get(), ret)); if (ret != 1) - _handleSSLError(SSL_get_error(sslConn, ret), ret); + _handleSSLError(SSL_get_error(sslConn.get(), ret), ret); - sslGuard.Dismiss(); - bioGuard.Dismiss(); - return sslConn; + return sslConn.release(); } SSLConnection* SSLManager::accept(Socket* socket, const char* initialBytes, int len) { - SSLConnection* sslConn = new SSLConnection(_serverContext, socket, initialBytes, len); - ScopeGuard sslGuard = MakeGuard(::SSL_free, sslConn->ssl); - ScopeGuard bioGuard = MakeGuard(::BIO_free, sslConn->networkBIO); + std::auto_ptr<SSLConnection> sslConn(new SSLConnection(_serverContext, socket, initialBytes, len)); int ret; do { ret = ::SSL_accept(sslConn->ssl); - } while(!_doneWithSSLOp(sslConn, ret)); + } while(!_doneWithSSLOp(sslConn.get(), ret)); if (ret != 1) - _handleSSLError(SSL_get_error(sslConn, ret), ret); + _handleSSLError(SSL_get_error(sslConn.get(), ret), ret); - sslGuard.Dismiss(); - bioGuard.Dismiss(); - return sslConn; + return sslConn.release(); } // TODO SERVER-11601 Use NFC Unicode canonicalization |