BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed

When an error occurred in the function bind_parse_tls_ticket_keys(), during the
configuration parsing, the opened file is not always closed. To fix the bug, all
errors are catched at the same place, where all ressources are released.

This patch fixes the bug #325. It must be backported as far as 1.7.

src/ssl_sock.c

@@ -8488,15 +8488,15 @@ static int bind_parse_strict_sni(char **args, int cur_arg, struct proxy *px, str
 static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
 {
 #if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
-	FILE *f;
+	FILE *f = NULL;
 	int i = 0;
 	char thisline[LINESIZE];
-	struct tls_keys_ref *keys_ref;
+	struct tls_keys_ref *keys_ref = NULL;
 
 	if (!*args[cur_arg + 1]) {
 		if (err)
 			memprintf(err, "'%s' : missing TLS ticket keys file path", args[cur_arg]);
-		return ERR_ALERT | ERR_FATAL;
+		goto fail;
 	}
 
 	keys_ref = tlskeys_ref_lookup(args[cur_arg + 1]);
@@ -8506,36 +8506,31 @@ static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px
 		return 0;
 	}
 
-	keys_ref = malloc(sizeof(*keys_ref));
+	keys_ref = calloc(1, sizeof(*keys_ref));
 	if (!keys_ref) {
 		if (err)
 			 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
-		return ERR_ALERT | ERR_FATAL;
+		goto fail;
 	}
 
 	keys_ref->tlskeys = malloc(TLS_TICKETS_NO * sizeof(union tls_sess_key));
 	if (!keys_ref->tlskeys) {
-		free(keys_ref);
 		if (err)
 			 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
-		return ERR_ALERT | ERR_FATAL;
+		goto fail;
 	}
 
 	if ((f = fopen(args[cur_arg + 1], "r")) == NULL) {
-		free(keys_ref->tlskeys);
-		free(keys_ref);
 		if (err)
 			memprintf(err, "'%s' : unable to load ssl tickets keys file", args[cur_arg+1]);
-		return ERR_ALERT | ERR_FATAL;
+		goto fail;
 	}
 
 	keys_ref->filename = strdup(args[cur_arg + 1]);
 	if (!keys_ref->filename) {
-		free(keys_ref->tlskeys);
-		free(keys_ref);
 		if (err)
 			 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
-		return ERR_ALERT | ERR_FATAL;
+		goto fail;
 	}
 
 	keys_ref->key_size_bits = 0;
@@ -8552,13 +8547,9 @@ static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px
 
 		dec_size = base64dec(thisline, len, (char *) (keys_ref->tlskeys + i % TLS_TICKETS_NO), sizeof(union tls_sess_key));
 		if (dec_size < 0) {
-			free(keys_ref->filename);
-			free(keys_ref->tlskeys);
-			free(keys_ref);
 			if (err)
 				memprintf(err, "'%s' : unable to decode base64 key on line %d", args[cur_arg+1], i + 1);
-			fclose(f);
+			goto fail;
-			return ERR_ALERT | ERR_FATAL;
 		}
 		else if (!keys_ref->key_size_bits && (dec_size == sizeof(struct tls_sess_key_128))) {
 			keys_ref->key_size_bits = 128;
@@ -8569,25 +8560,17 @@ static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px
 		else if (((dec_size != sizeof(struct tls_sess_key_128)) && (dec_size != sizeof(struct tls_sess_key_256)))
 			 || ((dec_size == sizeof(struct tls_sess_key_128) && (keys_ref->key_size_bits != 128)))
 			 || ((dec_size == sizeof(struct tls_sess_key_256) && (keys_ref->key_size_bits != 256)))) {
-			free(keys_ref->filename);
-			free(keys_ref->tlskeys);
-			free(keys_ref);
 			if (err)
 				memprintf(err, "'%s' : wrong sized key on line %d", args[cur_arg+1], i + 1);
-			fclose(f);
+			goto fail;
-			return ERR_ALERT | ERR_FATAL;
 		}
 		i++;
 	}
 
 	if (i < TLS_TICKETS_NO) {
-		free(keys_ref->filename);
-		free(keys_ref->tlskeys);
-		free(keys_ref);
 		if (err)
 			memprintf(err, "'%s' : please supply at least %d keys in the tls-tickets-file", args[cur_arg+1], TLS_TICKETS_NO);
-		fclose(f);
+		goto fail;
-		return ERR_ALERT | ERR_FATAL;
 	}
 
 	fclose(f);
@@ -8603,6 +8586,17 @@ static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px
 	LIST_ADD(&tlskeys_reference, &keys_ref->list);
 
 	return 0;
+
+  fail:
+	if (f)
+		fclose(f);
+	if (keys_ref) {
+		free(keys_ref->filename);
+		free(keys_ref->tlskeys);
+		free(keys_ref);
+	}
+	return ERR_ALERT | ERR_FATAL;
+
 #else
 	if (err)
 		memprintf(err, "'%s' : TLS ticket callback extension not supported", args[cur_arg]);