Fix memory leak on failure.

Match the server logic to the client state machine and free if BUF_MEM_grow
fails.

Change-Id: I1a249f7b8c222cd710e969e17a1cba1f469f73e3

ssl/d1_srvr.c

@@ -130,7 +130,7 @@ static int dtls1_send_hello_verify_request(SSL *s);
 
 int dtls1_accept(SSL *s)
 	{
-	BUF_MEM *buf;
+	BUF_MEM *buf = NULL;
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
 	unsigned long alg_a;
 	int ret= -1;
@@ -184,6 +184,7 @@ int dtls1_accept(SSL *s)
 					goto end;
 					}
 				s->init_buf=buf;
+				buf = NULL;
 				}
 
 			if (!ssl3_setup_buffers(s))
@@ -588,7 +589,8 @@ end:
 	/* BIO_flush(s->wbio); */
 
 	s->in_handshake--;
-
+	if (buf != NULL)
+		BUF_MEM_free(buf);
 	if (cb != NULL)
 		cb(s,SSL_CB_ACCEPT_EXIT,ret);
 	return(ret);

ssl/s23_srvr.c

@@ -123,7 +123,7 @@ static int ssl23_get_v2_client_hello(SSL *s);
 
 int ssl23_accept(SSL *s)
 	{
-	BUF_MEM *buf;
+	BUF_MEM *buf = NULL;
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
 	int ret= -1;
 	int new_state,state;
@@ -166,6 +166,7 @@ int ssl23_accept(SSL *s)
 					goto end;
 					}
 				s->init_buf=buf;
+				buf = NULL;
 				}
 
 			if (!ssl3_init_finished_mac(s))
@@ -229,6 +230,8 @@ int ssl23_accept(SSL *s)
 		}
 end:
 	s->in_handshake--;
+	if (buf != NULL)
+		BUF_MEM_free(buf);
 	if (cb != NULL)
 		cb(s,SSL_CB_ACCEPT_EXIT,ret);
 	return(ret);

ssl/s3_srvr.c

@@ -174,7 +174,7 @@
 
 int ssl3_accept(SSL *s)
 	{
-	BUF_MEM *buf;
+	BUF_MEM *buf = NULL;
 	unsigned long alg_a;
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
 	int ret= -1;
@@ -228,6 +228,7 @@ int ssl3_accept(SSL *s)
 					goto end;
 					}
 				s->init_buf=buf;
+				buf = NULL;
 				}
 
 			if (!ssl3_setup_buffers(s))
@@ -666,6 +667,8 @@ end:
 	/* BIO_flush(s->wbio); */
 
 	s->in_handshake--;
+	if (buf != NULL)
+		BUF_MEM_free(buf);
 	if (cb != NULL)
 		cb(s,SSL_CB_ACCEPT_EXIT,ret);
 	return(ret);