From abc9dbdf9eed2f2295f89636b8bdc5a4ce912bb8 Mon Sep 17 00:00:00 2001
From: Kevin Easton <caf@bitchx.org>
Date: Sun, 3 Dec 2017 00:54:44 +1100
Subject: [PATCH] Use SSL_free() when closing an SSL server connection

This avoids leaking memory.

Also change to always call SSL_shutdown() regardless of whether a QUIT message was sent.  No
need to call SSL_shutdown() from write_to_server(), close_server() will do it for us.

Remove "Closing SSL connection" message.
---
 Changelog       |  2 ++
 source/server.c | 25 ++++++++++++-------------
 2 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/Changelog b/Changelog
index 91a00f5..a71919d 100644
--- a/Changelog
+++ b/Changelog
@@ -1,5 +1,7 @@
 [Changes 1.2.2]
 
+* Fix memory leak when reconnecting to SSL servers. (caf)
+
 * Add SSL version and cipher to SSL connect message. (caf)
 
 * Add BITCHXRC_NAME to config.h. (caf)
diff --git a/source/server.c b/source/server.c
index a5e8ad3..e035d7c 100644
--- a/source/server.c
+++ b/source/server.c
@@ -152,15 +152,19 @@ void	BX_close_server (int cs_index, char *message)
 			strlcat(buffer, "\r\n", sizeof buffer);
 #ifdef HAVE_LIBSSL
 			if (get_server_ssl(cs_index))
-			{
 				SSL_write(server_list[cs_index].ssl_fd, buffer, strlen(buffer));
-				say("Closing SSL connection");
-				SSL_shutdown(server_list[cs_index].ssl_fd);
-			}
 			else
 #endif
-				send(server_list[cs_index].write, buffer, strlen(buffer), 0);
+				write(server_list[cs_index].write, buffer, strlen(buffer));
 		}
+#ifdef HAVE_LIBSSL
+		if (get_server_ssl(cs_index))
+		{
+			SSL_shutdown(server_list[cs_index].ssl_fd);
+			SSL_free(server_list[cs_index].ssl_fd);
+			server_list[cs_index].ssl_fd = NULL;
+		}
+#endif
 		new_close(server_list[cs_index].write);
 	}
 	if (server_list[cs_index].read > -1)
@@ -2441,11 +2445,10 @@ void 	got_my_userhost (UserhostItem *item, char *nick, char *stuff)
 	lame_resolv(item->host, &server_list[from_server].uh_addr);
 }
 
-
-
 static int write_to_server(int server, int des, char *buffer)
 {
-int err = 0;
+	int err = 0;
+
 	if (do_hook(SEND_TO_SERVER_LIST, "%d %d %s", server, des, buffer))
 	{
 		if (serv_output_func)
@@ -2465,14 +2468,10 @@ int err = 0;
 			else
 #endif
 				err = write(des, buffer, strlen(buffer));
-	}
+		}
 		if ((err == -1) && !get_int_var(NO_FAIL_DISCONNECT_VAR))
 		{
 			say("Write to server failed.  Closing connection.");
-#ifdef HAVE_LIBSSL
-			if(get_server_ssl(server))
-				SSL_shutdown (server_list[server].ssl_fd);
-#endif
 			close_server(server, strerror(errno));
 			get_connected(server, server);
 		}