diff --git a/libssh2-1.7.0-openssl11-memleak.patch b/libssh2-1.7.0-openssl11-memleak.patch new file mode 100644 index 0000000..94f88c0 --- /dev/null +++ b/libssh2-1.7.0-openssl11-memleak.patch @@ -0,0 +1,38 @@ +From c43eb3bae2b63affe5b16bfdab028a65cdc055db Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Thu, 20 Oct 2016 17:22:31 +0200 +Subject: [PATCH] Revert "aes: the init function fails when OpenSSL has AES + support" + +This partially reverts commit f4f2298ef3635acd031cc2ee0e71026cdcda5864 +because it caused the compatibility code to call initialization routines +redundantly, leading to memory leakage with OpenSSL 1.1 and broken curl +test-suite in Fedora: + +88 bytes in 1 blocks are definitely lost in loss record 5 of 8 + at 0x4C2DB8D: malloc (vg_replace_malloc.c:299) + by 0x72C607D: CRYPTO_zalloc (mem.c:100) + by 0x72A2480: EVP_CIPHER_meth_new (cmeth_lib.c:18) + by 0x4E5A550: make_ctr_evp.isra.0 (openssl.c:407) + by 0x4E5A8E8: _libssh2_init_aes_ctr (openssl.c:471) + by 0x4E5BB5A: libssh2_init (global.c:49) +--- + src/openssl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/openssl.c b/src/openssl.c +index a31e2dd..4f63ef9 100644 +--- a/src/openssl.c ++++ b/src/openssl.c +@@ -265,7 +265,7 @@ _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx, + return ret == 1 ? 0 : 1; + } + +-#if LIBSSH2_AES_CTR ++#if LIBSSH2_AES_CTR && !defined(HAVE_EVP_AES_128_CTR) + + #include + #include +-- +2.7.4 +