about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--irc.c14
1 files changed, 11 insertions, 3 deletions
diff --git a/irc.c b/irc.c
index 5f14c9e..8856030 100644
--- a/irc.c
+++ b/irc.c
@@ -43,12 +43,13 @@
 
 #include "chat.h"
 
-struct tls *client;
+static struct tls_config *config;
+static struct tls *client;
 
 void ircConfig(
 	bool insecure, const char *trust, const char *cert, const char *priv
 ) {
-	struct tls_config *config = tls_config_new();
+	config = tls_config_new();
 	if (!config) errx(EX_SOFTWARE, "tls_config_new");
 
 	int error;
@@ -103,7 +104,6 @@ void ircConfig(
 
 	error = tls_configure(client, config);
 	if (error) errx(EX_SOFTWARE, "tls_configure: %s", tls_error(client));
-	tls_config_free(config);
 }
 
 int ircConnect(const char *bindHost, const char *host, const char *port) {
@@ -201,6 +201,14 @@ void ircSend(const char *ptr, size_t len) {
 		ptr += ret;
 		len -= ret;
 	}
+
+	// Private key data isn't needed anymore after the first write causes the
+	// handshake, but client will keep a reference to config.
+	if (config) {
+		tls_config_clear_keys(config);
+		tls_config_free(config);
+		config = NULL;
+	}
 }
 
 void ircFormat(const char *format, ...) {