Prevent a possible use after free by mimicing the s3_srvr.c fixes contributed by

Adam Langley close to three years ago, which were commited in
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e7928282d0148af5f28fa3437a625a2006af0214

ok jsing@

1 files changed, 1 insertions, 4 deletions

diff --git a/lib/libssl/src/ssl/d1_srvr.c b/lib/libssl/src/ssl/d1_srvr.c
index 6f1d436d18b..848bc0f0be2 100644
--- a/lib/libssl/src/ssl/d1_srvr.c
+++ b/lib/libssl/src/ssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.34 2014/07/28 04:23:12 guenther Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.35 2014/08/06 20:11:09 miod Exp $ */
 /* 
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
@@ -1065,7 +1065,6 @@ dtls1_send_server_key_exchange(SSL *s)
 			}
 
 			if (s->s3->tmp.dh != NULL) {
-				DH_free(dh);
 				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
 				goto err;
 			}
@@ -1110,8 +1109,6 @@ dtls1_send_server_key_exchange(SSL *s)
 			}
 
 			if (s->s3->tmp.ecdh != NULL) {
-				EC_KEY_free(s->s3->tmp.ecdh);
-
 				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
 				goto err;
 			}