Fix: OpenSSL memory leaks and vulnerabilities associated with older SSL/TLS protocols #591

dnzbk · 2025-06-20T10:12:41Z

Description

Fixed memory leaks caused by unreleased per-thread OpenSSL resources.
Security Improvement: Migrated from SSLv23_method() to TLS_method() to mitigate known vulnerabilities associated with older SSL/TLS protocols and enforce the use of modern, secure TLS protocols supported.
Updated OpenSSL API usage to remove deprecated functions and improve compatibility.
Resolved compiler warnings for cleaner and more maintainable code.
Deprecated building the app without TLS support (to be removed in future releases).
Refactored code to use std::string instead of CString for improved string handling.

Fix: memory leaks

e51d7dc

dnzbk requested review from phnzb and luckedea June 20, 2025 10:12

dnzbk linked an issue Jun 20, 2025 that may be closed by this pull request

Memory leak #536

Closed

1 task

luckedea approved these changes Jun 20, 2025

View reviewed changes

dnzbk merged commit 898e6fa into develop Jun 20, 2025
21 checks passed

dnzbk deleted the fix/memory-leaks branch June 20, 2025 17:12