From 33ace5610cf410fb4d0e7f541a9d2576aeeeed11 Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Tue, 6 Nov 2001 20:52:59 +0000
Subject: [PATCH] Added ldap_pvt_tls_destroy() to cleanup TLS library on
 shutdown

---
 include/ldap_pvt.h      |  1 +
 libraries/libldap/tls.c | 11 +++++++++++
 servers/slapd/main.c    |  4 ++++
 3 files changed, 16 insertions(+)

diff --git a/include/ldap_pvt.h b/include/ldap_pvt.h
index 42d8249af5..c280da85a3 100644
--- a/include/ldap_pvt.h
+++ b/include/ldap_pvt.h
@@ -173,6 +173,7 @@ LDAP_F (int) ldap_pvt_tls_get_option LDAP_P(( struct ldap *ld,
 LDAP_F (int) ldap_pvt_tls_set_option LDAP_P(( struct ldap *ld,
 	int option, void *arg ));
 
+LDAP_F (void) ldap_pvt_tls_destroy LDAP_P(( void ));
 LDAP_F (int) ldap_pvt_tls_init LDAP_P(( void ));
 LDAP_F (int) ldap_pvt_tls_accept LDAP_P(( Sockbuf *sb, void *ctx_arg ));
 LDAP_F (int) ldap_pvt_tls_inplace LDAP_P(( Sockbuf *sb ));
diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c
index 4cfd6a93dd..01f6f0f0b4 100644
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -97,6 +97,17 @@ static void tls_init_threads( void )
 }
 #endif /* LDAP_R_COMPILE */
 
+/*
+ * Tear down the TLS subsystem. Should only be called once.
+ */
+void
+ldap_pvt_tls_destroy( void )
+{
+	SSL_CTX_free(tls_def_ctx);
+	EVP_cleanup();
+	ERR_free_strings();
+}
+
 /*
  * Initialize TLS subsystem. Should be called only once.
  */
diff --git a/servers/slapd/main.c b/servers/slapd/main.c
index 66e90f79c6..785806497e 100644
--- a/servers/slapd/main.c
+++ b/servers/slapd/main.c
@@ -542,6 +542,10 @@ stop:
 #endif
 	slapd_daemon_destroy();
 
+#ifdef HAVE_TLS
+	ldap_pvt_tls_destroy();
+#endif
+
 #ifdef CSRIMALLOC
 	mal_dumpleaktrace( leakfile );
 #endif
-- 
GitLab