From f6290f423b063833b2386dce00e2ad62443105ce Mon Sep 17 00:00:00 2001
From: "rrelyea%redhat.com"
Date: Thu, 30 Mar 2006 21:07:22 +0000
Subject: [PATCH] From Bug 331279. Free ECDHE Ephemeral key. Fixes server-side leak. r=julien r=alexei

---
 security/nss/lib/ssl/sslsock.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c
index 8e883004c85b..10ed1f82f002 100644
--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
@@ -40,7 +40,7 @@
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
-/* $Id: sslsock.c,v 1.46 2006/01/18 23:06:57 wtchang%redhat.com Exp $ */
+/* $Id: sslsock.c,v 1.47 2006/03/30 21:07:22 rrelyea%redhat.com Exp $ */
 #include "seccomon.h"
 #include "cert.h"
 #include "keyhi.h"
@@ -298,6 +298,8 @@ ssl_DupSocket(sslSocket *os)
     }
     ss->stepDownKeyPair = !os->stepDownKeyPair ? NULL :
                           ssl3_GetKeyPairRef(os->stepDownKeyPair);
+    ss->ephemeralECDHKeyPair = !os->ephemeralECDHKeyPair ? NULL :
+                          ssl3_GetKeyPairRef(os->ephemeralECDHKeyPair);
     /*
      * XXX the preceeding CERT_ and SECKEY_ functions can fail and return NULL.
      * XXX We should detect this, and not just march on with NULL pointers.
@@ -403,6 +405,10 @@ ssl_DestroySocketContents(sslSocket *ss)
         ssl3_FreeKeyPair(ss->stepDownKeyPair);
         ss->stepDownKeyPair = NULL;
     }
+    if (ss->ephemeralECDHKeyPair) {
+        ssl3_FreeKeyPair(ss->ephemeralECDHKeyPair);
+        ss->ephemeralECDHKeyPair = NULL;
+    }
 }
 
 /*
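Review bot: The duplicate now takes a counted reference to the very same ephemeral ECDH key pair object as `os`, so the original socket and its copy share one ECDHE private key instead of each owning its own, and nothing in the hunk records that this sharing is deliberate. If it is intended (for example a model socket duplicated before any key has been generated), a comment would keep the next reader from filing it as a bug, e.g. `/* Share os's ephemeral ECDH key pair (ref-counted); the reference is released in ssl_DestroySocketContents. */`. Whether `os->ephemeralECDHKeyPair` can already be populated when ssl_DupSocket runs is not visible here and is worth confirming, since a key pair reused across connections weakens the per-connection property normally expected of an ephemeral key. The XXX comment immediately below talks about CERT_ and SECKEY_ functions returning NULL and does not cover ssl3_GetKeyPairRef, which presumably only bumps a count and cannot fail. ssl_DupSocket begins outside the hunk.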
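Review bot: The added block is a third verbatim copy of the guard/free/NULL pattern in ssl_DestroySocketContents (the stepDownKeyPair lines directly above it are identical apart from the field name), so a small static helper that takes the address of the key-pair field, calls ssl3_FreeKeyPair when it is non-NULL and then clears it would remove the duplication and make it harder for a future key-pair field to repeat the leak this commit fixes. Note also that ssl3_FreeKeyPair appears to drop a reference rather than destroy the key outright; because ssl_DupSocket now shares this key pair between the original and the duplicate, the private key is only released when the last socket referencing it is destroyed, which is correct but means the leak fix is lazy rather than per-socket. The function's opening is outside the hunk.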