Issue Description
Version: v2.0.18 Platform: Ubuntu 22
Analysis
When a user sets the user ssl ctx using mosquitto_opts_set(mosq, MOSQ_OPT_SSL_CTX, user_ctx), Mosquitto adds a context reference and stores it in mosq->user_ssl_ctx.
Only after a successful call to net__try_connect (indicating a successful TCP connection), do we pass the mosq->user_ssl_ctx to mosq->ssl_ctx during net__init_ssl_ctx.
In the mosquitto_destroy function, we currently only free the mosq->ssl_ctx.
However, if a user sets the user ssl ctx and mosquitto_connect fails due to network unavailability, calling mosquitto_destroy will leak the user ssl ctx.
Suggestions
When a user sets the user ssl ctx, we should free mosq->user_ssl_ctx instead of mosq->ssl_ctx in the mosquitto_destroy function.
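
The ownership flow described in this report, as an added example that is not part of the original issue or Mosquitto's own code. It is a simplified model: `struct ctx`, `struct client` and every function name are hypothetical stand-ins, and a plain counter replaces the real SSL_CTX reference count.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Toy stand-in for the reference-counted SSL_CTX (hypothetical type). */
struct ctx { int refs; };
static void ctx_up_ref(struct ctx *c) { c->refs++; }
static void ctx_free(struct ctx *c) { if (c) c->refs--; } /* real code frees at 0 */

/* Only the two fields the report discusses. */
struct client { struct ctx *user_ssl_ctx, *ssl_ctx; };

/* MOSQ_OPT_SSL_CTX: the library takes its own reference. */
static void opts_set_ssl_ctx(struct client *m, struct ctx *user) {
    m->user_ssl_ctx = user;
    if (user) ctx_up_ref(user);
}

/* The pointer reaches ssl_ctx only after the TCP connect succeeded. */
static bool client_connect(struct client *m, bool tcp_ok) {
    if (tcp_ok) m->ssl_ctx = m->user_ssl_ctx;
    return tcp_ok;
}

/* Reported behaviour: only ssl_ctx is released. */
static void destroy_reported(struct client *m) { ctx_free(m->ssl_ctx); }

/* Suggested behaviour: release the reference taken by opts_set_ssl_ctx. */
static void destroy_suggested(struct client *m) {
    ctx_free(m->user_ssl_ctx ? m->user_ssl_ctx : m->ssl_ctx);
}

/* References left after the application has dropped its own (0 = no leak). */
static int leaked_refs(bool tcp_ok, bool use_suggested) {
    struct ctx user = { 1 };
    struct client m = { NULL, NULL };
    opts_set_ssl_ctx(&m, &user);
    client_connect(&m, tcp_ok);
    if (use_suggested) destroy_suggested(&m); else destroy_reported(&m);
    ctx_free(&user);
    return user.refs;
}

int main(void) {
    printf("connect failed, reported destroy:  %d\n", leaked_refs(false, false));
    printf("connect failed, suggested destroy: %d\n", leaked_refs(false, true));
    printf("connect ok, reported destroy:      %d\n", leaked_refs(true, false));
    return 0;
}
```

A non-zero result means the context would never be freed: in a long-running client that recreates its handle after each failed connection, one context is leaked per retry.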