Fix memory leak in keys management.

7 files changed, 26 insertions, 9 deletions

diff --git a/src/libserver/protocol.c b/src/libserver/protocol.c
index 4dab60171..4dfec4d7e 100644
--- a/src/libserver/protocol.c
+++ b/src/libserver/protocol.c
@@ -1064,10 +1064,10 @@ rspamd_protocol_write_reply (struct rspamd_task *task)
 
 	msg = rspamd_http_new_message (HTTP_RESPONSE);
 
-	if (task->peer_key) {
-		msg->peer_key = rspamd_http_connection_key_ref (task->peer_key);
+	if (rspamd_http_connection_is_encrypted (task->http_conn)) {
 		msg_info ("<%s> writing encrypted reply", task->message_id);
 	}
+
 	if (!RSPAMD_TASK_IS_JSON (task)) {
 		/* Turn compatibility on */
 		msg->method = HTTP_SYMBOLS;
diff --git a/src/libserver/task.c b/src/libserver/task.c
index 0dd77a1e5..85f4c3ca1 100644
--- a/src/libserver/task.c
+++ b/src/libserver/task.c
@@ -271,9 +271,6 @@ rspamd_task_free (struct rspamd_task *task, gboolean is_soft)
 		if (task->settings != NULL) {
 			ucl_object_unref (task->settings);
 		}
-		if (task->peer_key != NULL) {
-			rspamd_http_connection_key_unref (task->peer_key);
-		}
 		if (task->client_addr) {
 			rspamd_inet_address_destroy (task->client_addr);
 		}
diff --git a/src/libserver/task.h b/src/libserver/task.h
index d4f92fd8d..e845cc9e1 100644
--- a/src/libserver/task.h
+++ b/src/libserver/task.h
@@ -161,7 +161,6 @@ struct rspamd_task {
 	} pre_result;                                               /**< Result of pre-filters							*/
 
 	ucl_object_t *settings;                                     /**< Settings applied to task						*/
-	gpointer peer_key;											/**< Peer's pubkey									*/
 };
 
 /**
diff --git a/src/libutil/http.c b/src/libutil/http.c
index 1a5bc7840..9e95462b4 100644
--- a/src/libutil/http.c
+++ b/src/libutil/http.c
@@ -1830,6 +1830,21 @@ rspamd_http_connection_set_key (struct rspamd_http_connection *conn,
 	priv->local_key = kp;
 }
 
+gboolean
+rspamd_http_connection_is_encrypted (struct rspamd_http_connection *conn)
+{
+	struct rspamd_http_connection_private *priv = conn->priv;
+
+	if (priv->peer_key != NULL) {
+		return TRUE;
+	}
+	else if (priv->msg) {
+		return priv->msg->peer_key != NULL;
+	}
+
+	return FALSE;
+}
+
 void
 rspamd_http_connection_key_unref (gpointer key)
 {
diff --git a/src/libutil/http.h b/src/libutil/http.h
index eef963f9d..3ecfc1c99 100644
--- a/src/libutil/http.h
+++ b/src/libutil/http.h
@@ -182,6 +182,13 @@ gpointer rspamd_http_connection_gen_key (void);
 void rspamd_http_connection_set_key (struct rspamd_http_connection *conn,
 		gpointer key);
 
+/**
+ * Returns TRUE if a connection is encrypted
+ * @param conn
+ * @return
+ */
+gboolean rspamd_http_connection_is_encrypted (struct rspamd_http_connection *conn);
+
 /** Print pubkey */
 #define RSPAMD_KEYPAIR_PUBKEY 0x1
 /** Print secret key */
diff --git a/src/lua/lua_dns.c b/src/lua/lua_dns.c
index 31d17b103..023596cb2 100644
--- a/src/lua/lua_dns.c
+++ b/src/lua/lua_dns.c
@@ -111,11 +111,13 @@ lua_dns_callback (struct rdns_reply *reply, gpointer arg)
 			case RDNS_REQUEST_A:
 				addr = rspamd_inet_address_new (AF_INET, &elt->content.a.addr);
 				rspamd_lua_ip_push (cd->L, addr);
+				rspamd_inet_address_destroy (addr);
 				lua_rawseti (cd->L, -2, ++i);
 				break;
 			case RDNS_REQUEST_AAAA:
 				addr = rspamd_inet_address_new (AF_INET6, &elt->content.aaa.addr);
 				rspamd_lua_ip_push (cd->L, addr);
+				rspamd_inet_address_destroy (addr);
 				lua_rawseti (cd->L, -2, ++i);
 				break;
 			case RDNS_REQUEST_PTR:
diff --git a/src/worker.c b/src/worker.c
index 2598fed58..ddd01f9da 100644
--- a/src/worker.c
+++ b/src/worker.c
@@ -132,9 +132,6 @@ rspamd_worker_body_handler (struct rspamd_http_connection *conn,
 		return 0;
 	}
 
-	if (msg->peer_key) {
-		task->peer_key = rspamd_http_connection_key_ref (msg->peer_key);
-	}
 
 	if (!rspamd_task_process (task, msg, chunk, len, ctx->classify_pool, TRUE)) {
 		task->state = WRITE_REPLY;