BUG/MINOR: ssl: close ssl key file on error
Explicitly close the FILE opened to read the ssl key file when parsing
fails to find a valid key.
This fix needs to be backported to 1.6.
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 6635d5c..88d74d2 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5401,6 +5401,7 @@
if (base64dec(thisline, len, (char *) (keys_ref->tlskeys + i % TLS_TICKETS_NO), sizeof(struct tls_sess_key)) != sizeof(struct tls_sess_key)) {
if (err)
memprintf(err, "'%s' : unable to decode base64 key on line %d", args[cur_arg+1], i + 1);
+ fclose(f);
return ERR_ALERT | ERR_FATAL;
}
i++;
@@ -5409,6 +5410,7 @@
if (i < TLS_TICKETS_NO) {
if (err)
memprintf(err, "'%s' : please supply at least %d keys in the tls-tickets-file", args[cur_arg+1], TLS_TICKETS_NO);
+ fclose(f);
return ERR_ALERT | ERR_FATAL;
}