Commit 2229aad774 for openssl.org

commit 2229aad774f6c7b7863b68320abf9a9cd134ab3c
Author: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date:   Tue Jun 30 19:12:18 2026 +0900

    apps/s_server.c: fix SSL object leak on rpk_enable() failure

    In www_body() and rev_body(), con = SSL_new(ctx) is called before
    rpk_enable(con), but ownership of con is transferred to ssl_bio only
    later by BIO_set_ssl(..., BIO_CLOSE). If rpk_enable() fails, the code
    jumps to err: before that transfer without freeing con, leaking the SSL
    object.

    Add SSL_free(con) before goto err in both rpk_enable() failure paths,
    matching the adjacent SSL_set_session_id_context() and BIO_new_socket()
    error paths. sv_body() is unaffected because its err: block already
    frees con.

    The global rpk_files is not leaked. Its lifetime is managed
    by s_server_main(), which frees it in the end cleanup block.

    Resolves: https://github.com/openssl/openssl/issues/31769

    Reviewed-by: Matt Caswell <matt@openssl.foundation>
    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    MergeDate: Wed Jul  1 12:04:13 2026
    (Merged from https://github.com/openssl/openssl/pull/31789)

diff --git a/apps/s_server.c b/apps/s_server.c
index 43b212df7a..e1c601589b 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -4020,6 +4020,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context)

     if (rpk_files != NULL && !rpk_enable(con)) {
         BIO_puts(bio_err, "Error enabling client RPK verification\n");
+        SSL_free(con);
         goto err;
     }

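Review bot: The rpk_enable() failure branch in www_body() prints only the fixed string via BIO_puts() and never dumps the OpenSSL error queue, whereas the same branch in rev_body() calls ERR_print_errors(bio_err) before bailing out. Unless the err: label in www_body() already prints the queue, add `ERR_print_errors(bio_err);` ahead of `SSL_free(con);` so the cause of the RPK setup failure is visible and the two paths stay consistent.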
@@ -4543,6 +4544,7 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
     if (rpk_files != NULL && !rpk_enable(con)) {
         BIO_puts(bio_err, "Error enabling client RPK verification\n");
         ERR_print_errors(bio_err);
+        SSL_free(con);
         goto err;
     }
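Review bot: After `SSL_free(con);` in the rev_body() failure branch, con still holds the freed pointer when control reaches err:. Nothing in the visible lines uses it afterwards, but the commit message notes that sv_body() frees con in its own err: block, so a later change that copies that pattern into rev_body() or www_body() would turn this path into a double free. Consider adding `con = NULL;` after the free in both functions (SSL_free(NULL) is a no-op), or a short comment stating that err: must not touch con.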