Fix memory when initializing DH parameters in backend

When loading DH parameters used for the generation of ephemeral DH keys
in the backend, the code has never bothered releasing the memory used
for the DH information loaded from a file or from libpq's default.  This
commit makes sure that the information is properly free()'d.

Note that as SSL parameters can be reloaded, this can cause an accumulation
of memory .  As the  is minor, no back is done.

Reported-by: Dmitry Uspenskiy
Discussion: https://postgr.es/m/16160-18367e56e9a28264@postgresql.org

diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 629919cc6e180174d801b6bf76db044e81ad0413..5f0430ded75f6472ab68370b2fb7d51831f529c5 100644 (file)
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -1015,8 +1015,11 @@ initialize_dh(SSL_CTX *context, bool isServerStart)
                                (errcode(ERRCODE_CONFIG_FILE_ERROR),
                                 (errmsg("DH: could not set DH parameters: %s",
                                                 SSLerrmessage(ERR_get_error())))));
+               DH_free(dh);
                return false;
        }
+
+       DH_free(dh);
        return true;
 }