tests: Call disable_secmem() before ssh_init()

ssh_init calls ssh_crypto_init() which initializes the secure memory of
gcrypt. Those should actually be just called by the application once.
Lets do that.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 2966a4a33c)

.gitlab-ci.yml

@@ -121,7 +121,7 @@ review:
 ###############################################################################
 #                               CentOS builds                                 #
 ###############################################################################
-centos10s/openssl_3.2.x/x86_64:
+centos10s/openssl_3.5.x/x86_64:
   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS10_BUILD
   extends: .tests
   variables:
@@ -132,7 +132,7 @@ centos10s/openssl_3.2.x/x86_64:
       make -j$(nproc) &&
       ctest --output-on-failure
 
-centos10s/openssl_3.2.x/x86_64/fips:
+centos10s/openssl_3.5.x/x86_64/fips:
   extends: .fips
   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS10_BUILD
   variables:
@@ -143,7 +143,7 @@ centos10s/openssl_3.2.x/x86_64/fips:
       make -j$(nproc) &&
       OPENSSL_FORCE_FIPS_MODE=1 ctest --output-on-failure
 
-centos9s/openssl_3.0.x/x86_64:
+centos9s/openssl_3.5.x/x86_64:
   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS9_BUILD
   extends: .tests
   variables:
@@ -160,7 +160,7 @@ centos9s/mbedtls_2.x/x86_64:
   variables:
     CMAKE_ADDITIONAL_OPTIONS: "-DWITH_MBEDTLS=ON -DWITH_DEBUG_CRYPTO=ON -DWITH_BLOWFISH_CIPHER=OFF"
 
-centos9s/openssl_3.0.x/x86_64/fips:
+centos9s/openssl_3.5.x/x86_64/fips:
   extends: .fips
   image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$CENTOS9_BUILD
   script:

include/libssh/crypto.h

@@ -223,9 +223,6 @@ int sshkdf_derive_key(struct ssh_crypto_struct *crypto,
                       size_t requested_len);
 
 int secure_memcmp(const void *s1, const void *s2, size_t n);
-#if defined(HAVE_LIBCRYPTO) && !defined(WITH_PKCS11_PROVIDER)
-ENGINE *pki_get_engine(void);
-#endif /* HAVE_LIBCRYPTO */
 
 void compress_cleanup(struct ssh_crypto_struct *crypto);
 

include/libssh/libcrypto.h

@@ -121,6 +121,15 @@ typedef BN_CTX* bignum_CTX;
 
 ssh_string pki_key_make_ecpoint_string(const EC_GROUP *g, const EC_POINT *p);
 int pki_key_ecgroup_name_to_nid(const char *group);
+
+#if defined(WITH_PKCS11_URI)
+#if defined(WITH_PKCS11_PROVIDER)
+int pki_load_pkcs11_provider(void);
+#else
+ENGINE *pki_get_engine(void);
+#endif
+#endif /* WITH_PKCS11_PROVIDER */
+
 #endif /* HAVE_LIBCRYPTO */
 
 #endif /* LIBCRYPTO_H_ */

src/libcrypto.c

@@ -49,8 +49,9 @@
 #include <openssl/rsa.h>
 #include <openssl/hmac.h>
 #else
-#include <openssl/param_build.h>
 #include <openssl/core_names.h>
+#include <openssl/param_build.h>
+#include <openssl/provider.h>
 #endif /* OPENSSL_VERSION_NUMBER */
 #include <openssl/rand.h>
 #if defined(WITH_PKCS11_URI) && !defined(WITH_PKCS11_PROVIDER)
@@ -96,7 +97,37 @@ void ssh_reseed(void){
 #endif
 }
 
-#if defined(WITH_PKCS11_URI) && !defined(WITH_PKCS11_PROVIDER)
+#if defined(WITH_PKCS11_URI)
+#if defined(WITH_PKCS11_PROVIDER)
+static OSSL_PROVIDER *provider = NULL;
+static bool pkcs11_provider_failed = false;
+
+int pki_load_pkcs11_provider(void)
+{
+    if (OSSL_PROVIDER_available(NULL, "pkcs11") == 1) {
+        /* the provider is already available.
+         * Loaded through a configuration file? */
+        return SSH_OK;
+    }
+
+    if (pkcs11_provider_failed) {
+        /* the loading failed previously -- do not retry */
+        return SSH_ERROR;
+    }
+
+    provider = OSSL_PROVIDER_try_load(NULL, "pkcs11", 1);
+    if (provider != NULL) {
+        return SSH_OK;
+    }
+
+    SSH_LOG(SSH_LOG_TRACE,
+            "Failed to load the pkcs11 provider: %s",
+            ERR_error_string(ERR_get_error(), NULL));
+    /* Do not attempt to load it again */
+    pkcs11_provider_failed = true;
+    return SSH_ERROR;
+}
+#else
 static ENGINE *engine = NULL;
 
 ENGINE *pki_get_engine(void)
@@ -128,7 +159,8 @@ ENGINE *pki_get_engine(void)
     }
     return engine;
 }
-#endif /* defined(WITH_PKCS11_URI) && !defined(WITH_PKCS11_PROVIDER) */
+#endif /* defined(WITH_PKCS11_PROVIDER) */
+#endif /* defined(WITH_PKCS11_URI) */
 
 #ifdef HAVE_OPENSSL_EVP_KDF_CTX
 #if OPENSSL_VERSION_NUMBER < 0x30000000L
@@ -1402,6 +1434,14 @@ void ssh_crypto_finalize(void)
         engine = NULL;
     }
 #endif
+#if defined(WITH_PKCS11_URI)
+#if defined(WITH_PKCS11_PROVIDER)
+    if (provider != NULL) {
+        OSSL_PROVIDER_unload(provider);
+        provider = NULL;
+    }
+#endif /* WITH_PKCS11_PROVIDER */
+#endif /* WITH_PKCS11_URI */
 
     libcrypto_initialized = 0;
 }

src/pki_crypto.c

@@ -46,7 +46,6 @@
 #include <openssl/param_build.h>
 #if defined(WITH_PKCS11_URI) && defined(WITH_PKCS11_PROVIDER)
 #include <openssl/store.h>
-#include <openssl/provider.h>
 #endif
 #endif /* OPENSSL_VERSION_NUMBER */
 
@@ -1429,6 +1428,8 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
     if (buffer == NULL) {
         return NULL;
     }
+    /* The buffer will contain sensitive information. Make sure it is erased */
+    ssh_buffer_set_secure(buffer);
 
     if (key->cert != NULL) {
         rc = ssh_buffer_add_buffer(buffer, key->cert);
@@ -2719,9 +2720,6 @@ error:
 }
 
 #ifdef WITH_PKCS11_URI
-#ifdef WITH_PKCS11_PROVIDER
-static bool pkcs11_provider_failed = false;
-#endif
 
 /**
  * @internal
@@ -2787,19 +2785,10 @@ int pki_uri_import(const char *uri_name,
 
     /* The provider can be either configured in openssl.cnf or dynamically
      * loaded, assuming it does not need any special configuration */
-    if (OSSL_PROVIDER_available(NULL, "pkcs11") == 0 &&
-        !pkcs11_provider_failed) {
-        OSSL_PROVIDER *pkcs11_provider = NULL;
-
-        pkcs11_provider = OSSL_PROVIDER_try_load(NULL, "pkcs11", 1);
-        if (pkcs11_provider == NULL) {
-            SSH_LOG(SSH_LOG_TRACE,
-                    "Failed to initialize provider: %s",
-                    ERR_error_string(ERR_get_error(), NULL));
-            /* Do not attempt to load it again */
-            pkcs11_provider_failed = true;
-            goto fail;
-        }
+    rv = pki_load_pkcs11_provider();
+    if (rv != SSH_OK) {
+        SSH_LOG(SSH_LOG_TRACE, "Failed to load or initialize pkcs11 provider");
+        goto fail;
     }
 
     store = OSSL_STORE_open(uri_name, NULL, NULL, NULL, NULL);

src/pki_gcrypt.c

@@ -1409,6 +1409,8 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
     if (buffer == NULL) {
         return NULL;
     }
+    /* The buffer will contain sensitive information. Make sure it is erased */
+    ssh_buffer_set_secure(buffer);
 
     if (key->cert != NULL) {
         rc = ssh_buffer_add_buffer(buffer, key->cert);

src/pki_mbedcrypto.c

@@ -864,7 +864,12 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
     ssh_string type_s = NULL;
     ssh_string e = NULL;
     ssh_string n = NULL;
+    ssh_string p = NULL;
+    ssh_string q = NULL;
+    ssh_string d = NULL;
+    ssh_string iqmp = NULL;
     ssh_string str = NULL;
+    int rc;
 #if MBEDTLS_VERSION_MAJOR > 2
     mbedtls_mpi E = {0};
     mbedtls_mpi N = {0};
@@ -872,18 +877,21 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
     mbedtls_mpi IQMP = {0};
     mbedtls_mpi P = {0};
     mbedtls_mpi Q = {0};
-#endif
-    int rc;
 
-#if MBEDTLS_VERSION_MAJOR > 2
     mbedtls_mpi_init(&E);
     mbedtls_mpi_init(&N);
+    mbedtls_mpi_init(&D);
+    mbedtls_mpi_init(&IQMP);
+    mbedtls_mpi_init(&P);
+    mbedtls_mpi_init(&Q);
 #endif
 
     buffer = ssh_buffer_new();
     if (buffer == NULL) {
         return NULL;
     }
+    /* The buffer will contain sensitive information. Make sure it is erased */
+    ssh_buffer_set_secure(buffer);
 
     if (key->cert != NULL) {
         rc = ssh_buffer_add_buffer(buffer, key->cert);
@@ -909,279 +917,241 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
     }
 
     switch (key->type) {
-        case SSH_KEYTYPE_RSA: {
-            mbedtls_rsa_context *rsa;
-            if (mbedtls_pk_can_do(key->pk, MBEDTLS_PK_RSA) == 0) {
-                SSH_BUFFER_FREE(buffer);
-                return NULL;
-            }
+    case SSH_KEYTYPE_RSA: {
+        mbedtls_rsa_context *rsa = NULL;
+        mbedtls_mpi *E_ptr = NULL, *N_ptr = NULL;
 
-            rsa = mbedtls_pk_rsa(*key->pk);
-
-#if MBEDTLS_VERSION_MAJOR > 2
-            rc = mbedtls_rsa_export(rsa, &N, NULL, NULL, NULL, &E);
-            if (rc != 0) {
-                goto fail;
-            }
-
-            e = ssh_make_bignum_string(&E);
-            if (e == NULL) {
-                goto fail;
-            }
-
-            n = ssh_make_bignum_string(&N);
-            if (n == NULL) {
-                goto fail;
-            }
-#else
-            e = ssh_make_bignum_string(&rsa->E);
-            if (e == NULL) {
-                goto fail;
-            }
-
-            n = ssh_make_bignum_string(&rsa->N);
-            if (n == NULL) {
-                goto fail;
-            }
-#endif
-
-            if (type == SSH_KEY_PUBLIC) {
-                /* The N and E parts are swapped in the public key export ! */
-                rc = ssh_buffer_add_ssh_string(buffer, e);
-                if (rc < 0) {
-                    goto fail;
-                }
-
-                rc = ssh_buffer_add_ssh_string(buffer, n);
-                if (rc < 0) {
-                    goto fail;
-                }
-            } else if (type == SSH_KEY_PRIVATE) {
-                ssh_string p = NULL;
-                ssh_string q = NULL;
-                ssh_string d = NULL;
-                ssh_string iqmp = NULL;
-
-                rc = ssh_buffer_add_ssh_string(buffer, n);
-                if (rc < 0) {
-                    goto fail;
-                }
-
-                rc = ssh_buffer_add_ssh_string(buffer, e);
-                if (rc < 0) {
-                    goto fail;
-                }
-
-#if MBEDTLS_VERSION_MAJOR > 2
-                rc = mbedtls_rsa_export(rsa, NULL, &P, &Q, &D, NULL);
-                if (rc != 0) {
-                    goto fail;
-                }
-
-                p = ssh_make_bignum_string(&P);
-                if (p == NULL) {
-                    goto fail;
-                }
-
-                q = ssh_make_bignum_string(&Q);
-                if (q == NULL) {
-                    goto fail;
-                }
-
-                d = ssh_make_bignum_string(&D);
-                if (d == NULL) {
-                    goto fail;
-                }
-                rc = mbedtls_rsa_export_crt(rsa, NULL, NULL, &IQMP);
-                if (rc != 0) {
-                    goto fail;
-                }
-
-                iqmp = ssh_make_bignum_string(&IQMP);
-                if (iqmp == NULL) {
-                    goto fail;
-                }
-
-#else
-                p = ssh_make_bignum_string(&rsa->P);
-                if (p == NULL) {
-                    goto fail;
-                }
-
-                q = ssh_make_bignum_string(&rsa->Q);
-                if (q == NULL) {
-                    goto fail;
-                }
-
-                d = ssh_make_bignum_string(&rsa->D);
-                if (d == NULL) {
-                    goto fail;
-                }
-
-                iqmp = ssh_make_bignum_string(&rsa->QP);
-                if (iqmp == NULL) {
-                    goto fail;
-                }
-#endif
-
-                rc = ssh_buffer_add_ssh_string(buffer, d);
-                if (rc < 0) {
-                    goto fail;
-                }
-
-                rc = ssh_buffer_add_ssh_string(buffer, iqmp);
-                if (rc < 0) {
-                    goto fail;
-                }
-
-                rc = ssh_buffer_add_ssh_string(buffer, p);
-                if (rc < 0) {
-                    goto fail;
-                }
-
-                rc = ssh_buffer_add_ssh_string(buffer, q);
-                if (rc < 0) {
-                    goto fail;
-                }
-
-                ssh_string_burn(d);
-                SSH_STRING_FREE(d);
-                d = NULL;
-                ssh_string_burn(iqmp);
-                SSH_STRING_FREE(iqmp);
-                iqmp = NULL;
-                ssh_string_burn(p);
-                SSH_STRING_FREE(p);
-                p = NULL;
-                ssh_string_burn(q);
-                SSH_STRING_FREE(q);
-                q = NULL;
-            }
-            ssh_string_burn(e);
-            SSH_STRING_FREE(e);
-            e = NULL;
-            ssh_string_burn(n);
-            SSH_STRING_FREE(n);
-            n = NULL;
-            break;
+        if (mbedtls_pk_can_do(key->pk, MBEDTLS_PK_RSA) == 0) {
+            SSH_BUFFER_FREE(buffer);
+            return NULL;
         }
-        case SSH_KEYTYPE_ECDSA_P256:
-        case SSH_KEYTYPE_ECDSA_P384:
-        case SSH_KEYTYPE_ECDSA_P521:
-        case SSH_KEYTYPE_SK_ECDSA:
-            type_s =
-                ssh_string_from_char(pki_key_ecdsa_nid_to_char(key->ecdsa_nid));
-            if (type_s == NULL) {
-                SSH_BUFFER_FREE(buffer);
-                return NULL;
-            }
 
-            rc = ssh_buffer_add_ssh_string(buffer, type_s);
-            SSH_STRING_FREE(type_s);
+        rsa = mbedtls_pk_rsa(*key->pk);
+#if MBEDTLS_VERSION_MAJOR > 2
+        rc = mbedtls_rsa_export(rsa, &N, NULL, NULL, NULL, &E);
+        if (rc != 0) {
+            goto out;
+        }
+
+        E_ptr = &E;
+        N_ptr = &N;
+#else
+        E_ptr = &rsa->E;
+        N_ptr = &rsa->N;
+#endif
+
+        e = ssh_make_bignum_string(E_ptr);
+        if (e == NULL) {
+            goto out;
+        }
+
+        n = ssh_make_bignum_string(N_ptr);
+        if (n == NULL) {
+            goto out;
+        }
+
+        if (type == SSH_KEY_PUBLIC) {
+            /* The N and E parts are swapped in the public key export ! */
+            rc = ssh_buffer_add_ssh_string(buffer, e);
             if (rc < 0) {
-                SSH_BUFFER_FREE(buffer);
-                return NULL;
+                goto out;
             }
 
-            e = make_ecpoint_string(&key->ecdsa->MBEDTLS_PRIVATE(grp),
-                            &key->ecdsa->MBEDTLS_PRIVATE(Q));
+            rc = ssh_buffer_add_ssh_string(buffer, n);
+            if (rc < 0) {
+                goto out;
+            }
+        } else if (type == SSH_KEY_PRIVATE) {
+            mbedtls_mpi *P_ptr = NULL, *Q_ptr = NULL, *D_ptr = NULL;
+            mbedtls_mpi *IQMP_ptr = NULL;
 
-            if (e == NULL) {
-                SSH_BUFFER_FREE(buffer);
-                return NULL;
+            rc = ssh_buffer_add_ssh_string(buffer, n);
+            if (rc < 0) {
+                goto out;
             }
 
             rc = ssh_buffer_add_ssh_string(buffer, e);
             if (rc < 0) {
-                goto fail;
+                goto out;
             }
 
-            ssh_string_burn(e);
-            SSH_STRING_FREE(e);
-            e = NULL;
+#if MBEDTLS_VERSION_MAJOR > 2
+            rc = mbedtls_rsa_export(rsa, NULL, &P, &Q, &D, NULL);
+            if (rc != 0) {
+                goto out;
+            }
 
-            if (type == SSH_KEY_PRIVATE) {
-                ssh_string d = NULL;
-                d = ssh_make_bignum_string(&key->ecdsa->MBEDTLS_PRIVATE(d));
+            rc = mbedtls_rsa_export_crt(rsa, NULL, NULL, &IQMP);
+            if (rc != 0) {
+                goto out;
+            }
 
-                if (d == NULL) {
-                    SSH_BUFFER_FREE(buffer);
-                    return NULL;
-                }
+            P_ptr = &P;
+            Q_ptr = &Q;
+            D_ptr = &D;
+            IQMP_ptr = &IQMP;
+#else
+            P_ptr = &rsa->P;
+            Q_ptr = &rsa->Q;
+            D_ptr = &rsa->D;
+            IQMP_ptr = &rsa->QP;
+#endif
 
-                rc = ssh_buffer_add_ssh_string(buffer, d);
-                if (rc < 0) {
-                    goto fail;
-                }
+            p = ssh_make_bignum_string(P_ptr);
+            if (p == NULL) {
+                goto out;
+            }
 
-                ssh_string_burn(d);
-                SSH_STRING_FREE(d);
-                d = NULL;
-            } else if (key->type == SSH_KEYTYPE_SK_ECDSA) {
-                /* public key can contain certificate sk information */
+            q = ssh_make_bignum_string(Q_ptr);
+            if (q == NULL) {
+                goto out;
+            }
+
+            d = ssh_make_bignum_string(D_ptr);
+            if (d == NULL) {
+                goto out;
+            }
+
+            iqmp = ssh_make_bignum_string(IQMP_ptr);
+            if (iqmp == NULL) {
+                goto out;
+            }
+
+            rc = ssh_buffer_add_ssh_string(buffer, d);
+            if (rc < 0) {
+                goto out;
+            }
+
+            rc = ssh_buffer_add_ssh_string(buffer, iqmp);
+            if (rc < 0) {
+                goto out;
+            }
+
+            rc = ssh_buffer_add_ssh_string(buffer, p);
+            if (rc < 0) {
+                goto out;
+            }
+
+            rc = ssh_buffer_add_ssh_string(buffer, q);
+            if (rc < 0) {
+                goto out;
+            }
+        }
+        break;
+    }
+    case SSH_KEYTYPE_ECDSA_P256:
+    case SSH_KEYTYPE_ECDSA_P384:
+    case SSH_KEYTYPE_ECDSA_P521:
+    case SSH_KEYTYPE_SK_ECDSA:
+        type_s =
+            ssh_string_from_char(pki_key_ecdsa_nid_to_char(key->ecdsa_nid));
+        if (type_s == NULL) {
+            SSH_BUFFER_FREE(buffer);
+            return NULL;
+        }
+
+        rc = ssh_buffer_add_ssh_string(buffer, type_s);
+        SSH_STRING_FREE(type_s);
+        if (rc < 0) {
+            SSH_BUFFER_FREE(buffer);
+            return NULL;
+        }
+
+        e = make_ecpoint_string(&key->ecdsa->MBEDTLS_PRIVATE(grp),
+                                &key->ecdsa->MBEDTLS_PRIVATE(Q));
+
+        if (e == NULL) {
+            SSH_BUFFER_FREE(buffer);
+            return NULL;
+        }
+
+        rc = ssh_buffer_add_ssh_string(buffer, e);
+        if (rc < 0) {
+            goto out;
+        }
+
+        if (type == SSH_KEY_PRIVATE) {
+            d = ssh_make_bignum_string(&key->ecdsa->MBEDTLS_PRIVATE(d));
+
+            if (d == NULL) {
+                SSH_BUFFER_FREE(buffer);
+                goto out;
+            }
+
+            rc = ssh_buffer_add_ssh_string(buffer, d);
+            if (rc < 0) {
+                goto out;
+            }
+        } else if (key->type == SSH_KEYTYPE_SK_ECDSA) {
+            /* public key can contain certificate sk information */
+            rc = ssh_buffer_add_ssh_string(buffer, key->sk_application);
+            if (rc < 0) {
+                goto out;
+            }
+        }
+        break;
+    case SSH_KEYTYPE_ED25519:
+    case SSH_KEYTYPE_SK_ED25519:
+        if (type == SSH_KEY_PUBLIC) {
+            rc = pki_ed25519_public_key_to_blob(buffer, key);
+            if (rc == SSH_ERROR) {
+                goto out;
+            }
+            /* public key can contain certificate sk information */
+            if (key->type == SSH_KEYTYPE_SK_ED25519) {
                 rc = ssh_buffer_add_ssh_string(buffer, key->sk_application);
                 if (rc < 0) {
-                    goto fail;
-                }
-
-            }
-            break;
-        case SSH_KEYTYPE_ED25519:
-        case SSH_KEYTYPE_SK_ED25519:
-            if (type == SSH_KEY_PUBLIC) {
-                rc = pki_ed25519_public_key_to_blob(buffer, key);
-                if (rc == SSH_ERROR) {
-                    goto fail;
-                }
-                /* public key can contain certificate sk information */
-                if (key->type == SSH_KEYTYPE_SK_ED25519) {
-                    rc = ssh_buffer_add_ssh_string(buffer, key->sk_application);
-                    if (rc < 0) {
-                        goto fail;
-                    }
-                }
-            } else {
-                rc = pki_ed25519_private_key_to_blob(buffer, key);
-                if (rc == SSH_ERROR) {
-                    goto fail;
+                    goto out;
                 }
             }
-            break;
-        default:
-            goto fail;
+        } else {
+            rc = pki_ed25519_private_key_to_blob(buffer, key);
+            if (rc == SSH_ERROR) {
+                goto out;
+            }
+        }
+        break;
+    default:
+        goto out;
     }
 makestring:
     str = ssh_string_new(ssh_buffer_get_len(buffer));
     if (str == NULL) {
-        goto fail;
+        goto out;
     }
 
-    rc = ssh_string_fill(str, ssh_buffer_get(buffer),
-            ssh_buffer_get_len(buffer));
+    rc = ssh_string_fill(str,
+                         ssh_buffer_get(buffer),
+                         ssh_buffer_get_len(buffer));
     if (rc < 0) {
-        goto fail;
+        ssh_string_burn(str);
+        SSH_STRING_FREE(str);
     }
 
+out:
     SSH_BUFFER_FREE(buffer);
-#if MBEDTLS_VERSION_MAJOR > 2
-    mbedtls_mpi_free(&N);
-    mbedtls_mpi_free(&E);
-#endif
-    return str;
-fail:
-    SSH_BUFFER_FREE(buffer);
-    ssh_string_burn(str);
-    SSH_STRING_FREE(str);
     ssh_string_burn(e);
     SSH_STRING_FREE(e);
     ssh_string_burn(n);
     SSH_STRING_FREE(n);
+    ssh_string_burn(d);
+    SSH_STRING_FREE(d);
+    ssh_string_burn(iqmp);
+    SSH_STRING_FREE(iqmp);
+    ssh_string_burn(p);
+    SSH_STRING_FREE(p);
+    ssh_string_burn(q);
+    SSH_STRING_FREE(q);
 #if MBEDTLS_VERSION_MAJOR > 2
     mbedtls_mpi_free(&N);
     mbedtls_mpi_free(&E);
+    mbedtls_mpi_free(&D);
+    mbedtls_mpi_free(&IQMP);
+    mbedtls_mpi_free(&P);
+    mbedtls_mpi_free(&Q);
 #endif
 
-    return NULL;
+    return str;
 }
 
 ssh_string pki_signature_to_blob(const ssh_signature sig)

src/server.c

@@ -523,6 +523,7 @@ static int ssh_server_kex_termination(void *s){
   ssh_session session = s;
   if (session->session_state != SSH_SESSION_STATE_ERROR &&
       session->session_state != SSH_SESSION_STATE_AUTHENTICATING &&
+      session->session_state != SSH_SESSION_STATE_AUTHENTICATED &&
       session->session_state != SSH_SESSION_STATE_DISCONNECTED)
     return 0;
   else

tests/CMakeLists.txt

@@ -23,6 +23,12 @@ if (NOT WIN32)
         ${TORTURE_LINK_LIBRARIES}
         pthread)
 endif(NOT WIN32)
+if (WITH_GSSAPI AND GSSAPI_FOUND)
+    find_package(OpenSSL 1.1.1 REQUIRED)
+    set(TORTURE_LINK_LIBRARIES
+        ${TORTURE_LINK_LIBRARIES}
+        OpenSSL::Crypto)
+endif (WITH_GSSAPI AND GSSAPI_FOUND)
 
 # create test library
 add_library(${TORTURE_LIBRARY}
@@ -163,6 +169,22 @@ if (SSH_EXECUTABLE)
 
 endif()
 
+find_program(DROPBEAR_EXECUTABLE NAMES dbclient)
+if (DROPBEAR_EXECUTABLE)
+    execute_process(COMMAND ${DROPBEAR_EXECUTABLE} -V ERROR_VARIABLE DROPBEAR_VERSION_STR)
+    string(REGEX REPLACE "^.*Dropbear v([0-9]+)\\.([0-9]+).*$" "\\1.\\2" DROPBEAR_VERSION "${DROPBEAR_VERSION_STR}")
+    set(DROPBEAR_VERSION "${DROPBEAR_VERSION}")
+
+    # HMAC-SHA1 support was removed in version 2025.87
+    if("${DROPBEAR_VERSION}" VERSION_LESS "2025.87")
+        message("Dropbear Version less than 2025.87, enabling dropbear HMAC-SHA1 tests")
+        add_definitions(-DDROPBEAR_SUPPORTS_HMAC_SHA1)
+    endif()
+else()
+    message(STATUS "Could NOT find Dropbear (missing: dbclient executable)")
+    set(DROPBEAR_EXECUTABLE "/bin/false")
+endif()
+
 find_program(SSHD_EXECUTABLE
              NAME
                 sshd

tests/client/torture_gssapi_auth.c

@@ -272,5 +272,5 @@ torture_run_tests(void)
     rc = cmocka_run_group_tests(tests, sshd_setup, sshd_teardown);
     ssh_finalize();
 
-    pthread_exit((void *)&rc);
+    return rc;
 }

tests/fuzz/CMakeLists.txt

@@ -2,9 +2,7 @@ project(fuzzing CXX)
 
 macro(fuzzer name)
     add_executable(${name} ${name}.c)
-    target_link_libraries(${name}
-                          PRIVATE
-                              ssh::static pthread)
+    target_link_libraries(${name} PRIVATE ${TORTURE_LINK_LIBRARIES})
     if (CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
         set_target_properties(${name}
                               PROPERTIES

tests/fuzz/fuzzer.c

@@ -1,8 +1,14 @@
 /* Simpler gnu89 version of StandaloneFuzzTargetMain.c from LLVM */
 
+#include "config.h"
+
 #include <assert.h>
 #include <stdio.h>
 #include <stdlib.h>
+#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI)
+/* for OPENSSL_cleanup() of GSSAPI's OpenSSL context */
+#include <openssl/crypto.h>
+#endif
 
 int LLVMFuzzerTestOneInput (const unsigned char *data, size_t size);
 __attribute__((weak)) int LLVMFuzzerInitialize(int *argc, char ***argv);
@@ -35,5 +41,9 @@ main (int argc, char **argv)
 
     free (buf);
     printf ("Done!\n");
+
+#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI)
+    OPENSSL_cleanup();
+#endif
     return 0;
 }

tests/pkd/CMakeLists.txt

@@ -17,10 +17,8 @@ set(pkd_hello_src
 )
 
 set(pkd_libs
-    ${CMOCKA_LIBRARY}
-    ssh::static
+    ${TORTURE_LINK_LIBRARIES}
     ${ARGP_LIBRARIES}
-    pthread
 )
 
 add_executable(pkd_hello ${pkd_hello_src})

tests/pkd/pkd_client.h

@@ -61,7 +61,7 @@
 
 /* Dropbear */
 
-#define DROPBEAR_BINARY "dbclient"
+#define DROPBEAR_BINARY DROPBEAR_EXECUTABLE
 #define DROPBEAR_KEYGEN "dropbearkey"
 
 #define DROPBEAR_CMD_START \

tests/pkd/pkd_hello.c

@@ -22,6 +22,11 @@
 #include "pkd_keyutil.h"
 #include "pkd_util.h"
 
+#if defined(HAVE_LIBCRYPTO)
+/* for OPENSSL_cleanup() of OpenSSL context */
+#include <openssl/crypto.h>
+#endif
+
 #define DEFAULT_ITERATIONS 10
 static struct pkd_daemon_args pkd_dargs;
 
@@ -410,22 +415,32 @@ static int torture_pkd_setup_ecdsa_521(void **state) {
     f(client, ecdsa_521_aes192_ctr,    ciphercmd("aes192-ctr"),    setup_ecdsa_521,  teardown)
 
 
-#define PKDTESTS_MAC_FIPS(f, client, maccmd) \
+#define PKDTESTS_MAC_FIPS_BASE(f, client, maccmd) \
     f(client, ecdsa_256_hmac_sha2_256,      maccmd("hmac-sha2-256"),                  setup_ecdsa_256,  teardown) \
     f(client, ecdsa_384_hmac_sha2_256,      maccmd("hmac-sha2-256"),                  setup_ecdsa_384,  teardown) \
     f(client, ecdsa_521_hmac_sha2_256,      maccmd("hmac-sha2-256"),                  setup_ecdsa_521,  teardown) \
     f(client, rsa_hmac_sha2_256,            maccmd("hmac-sha2-256"),                  setup_rsa,        teardown)
 
-/* TODO: Include these tests when an older version of dropbear is used. Currently, they have been removed as the latest dropbear version
-does not support these MACs.
+#define PKDTESTS_MAC_FIPS_SHA1(f, client, maccmd) \
+    f(client, ecdsa_256_hmac_sha1,          maccmd("hmac-sha1"),                      setup_ecdsa_256,  teardown) \
+    f(client, ecdsa_384_hmac_sha1,          maccmd("hmac-sha1"),                      setup_ecdsa_384,  teardown) \
+    f(client, ecdsa_521_hmac_sha1,          maccmd("hmac-sha1"),                      setup_ecdsa_521,  teardown) \
+    f(client, rsa_hmac_sha1,                maccmd("hmac-sha1"),                      setup_rsa,        teardown)
 
-f(client, ecdsa_256_hmac_sha1,          maccmd("hmac-sha1"),                      setup_ecdsa_256,  teardown) \
-f(client, ecdsa_384_hmac_sha1,          maccmd("hmac-sha1"),                      setup_ecdsa_384,  teardown) \
-f(client, ecdsa_521_hmac_sha1,          maccmd("hmac-sha1"),                      setup_ecdsa_521,  teardown) \
-f(client, rsa_hmac_sha1,                maccmd("hmac-sha1"),                      setup_rsa,        teardown) \
-*/
+#ifdef DROPBEAR_SUPPORTS_HMAC_SHA1
+#define PKDTESTS_MAC_FIPS(f, client, maccmd)  \
+    PKDTESTS_MAC_FIPS_BASE(f, client, maccmd) \
+    PKDTESTS_MAC_FIPS_SHA1(f, client, maccmd)
+#define PKDTESTS_MAC_OPENSSHONLY_FIPS_SHA1(f, client, maccmd)
+#else
+#define PKDTESTS_MAC_FIPS(f, client, maccmd) \
+    PKDTESTS_MAC_FIPS_BASE(f, client, maccmd)
+#define PKDTESTS_MAC_OPENSSHONLY_FIPS_SHA1(f, client, maccmd) \
+    PKDTESTS_MAC_FIPS_SHA1(f, client, maccmd)
+#endif
 
 #define PKDTESTS_MAC_OPENSSHONLY_FIPS(f, client, maccmd) \
+    PKDTESTS_MAC_OPENSSHONLY_FIPS_SHA1(f, client, maccmd) \
     f(client, ecdsa_256_hmac_sha1_etm,      maccmd("hmac-sha1-etm@openssh.com"),      setup_ecdsa_256,  teardown) \
     f(client, ecdsa_256_hmac_sha2_256_etm,  maccmd("hmac-sha2-256-etm@openssh.com"),  setup_ecdsa_256,  teardown) \
     f(client, ecdsa_256_hmac_sha2_512,      maccmd("hmac-sha2-512"),                  setup_ecdsa_256,  teardown) \
@@ -990,6 +1005,9 @@ out_finalize:
     if (rc != 0) {
         fprintf(stderr, "ssh_finalize: %d\n", rc);
     }
+#if defined(HAVE_LIBCRYPTO)
+    OPENSSL_cleanup();
+#endif
 out:
     return exit_code;
 }

tests/server/test_server/CMakeLists.txt

@@ -11,7 +11,8 @@ set(server_SRCS
 add_library(testserver STATIC
             test_server.c
             default_cb.c
-            sftpserver_cb.c)
+            sftpserver_cb.c
+            testserver_common.c)
 if (WITH_COVERAGE)
     append_coverage_compiler_flags_to_target(testserver)
 endif (WITH_COVERAGE)
@@ -32,7 +33,7 @@ if (UNIX AND NOT WIN32)
     add_executable(test_server ${server_SRCS})
     target_compile_options(test_server PRIVATE ${DEFAULT_C_COMPILE_FLAGS})
     target_link_libraries(test_server
-        PRIVATE testserver ssh::ssh ${ARGP_LIBRARIES} util)
+        PRIVATE testserver ${TORTURE_LINK_LIBRARIES} ${ARGP_LIBRARIES} util)
     if (WITH_COVERAGE)
         append_coverage_compiler_flags_to_target(test_server)
     endif (WITH_COVERAGE)

tests/server/test_server/default_cb.c

@@ -21,9 +21,11 @@
  * MA 02111-1307, USA.
  */
 
+
 #include "config.h"
 #include "test_server.h"
 #include "default_cb.h"
+#include "testserver_common.h"
 
 #include <libssh/callbacks.h>
 #include <libssh/server.h>
@@ -448,9 +450,11 @@ static int exec_pty(const char *mode,
     case 0:
         close(cdata->pty_master);
         if (login_tty(cdata->pty_slave) != 0) {
+            finalize_openssl();
             exit(1);
         }
         execl("/bin/sh", "sh", mode, command, NULL);
+        finalize_openssl();
         exit(0);
     default:
         close(cdata->pty_slave);
@@ -500,6 +504,7 @@ static int exec_nopty(const char *command, struct channel_data_st *cdata)
             close(err[1]);
             /* exec the requested command. */
             execl("/bin/sh", "sh", "-c", command, NULL);
+            finalize_openssl();
             exit(0);
     }
 

tests/server/test_server/test_server.c

@@ -22,6 +22,7 @@
  */
 
 #include "test_server.h"
+#include "testserver_common.h"
 
 #include <libssh/priv.h>
 #include <libssh/libssh.h>
@@ -288,6 +289,7 @@ int run_server(struct server_state_st *state)
 
                 free_server_state(state);
                 SAFE_FREE(state);
+                finalize_openssl();
                 exit(0);
             case -1:
                 fprintf(stderr, "Failed to fork\n");
@@ -355,11 +357,8 @@ fork_run_server(struct server_state_st *state,
 
         /* The child process starts a server which will listen for connections */
         rc = run_server(state);
-        if (rc != 0) {
-            exit(rc);
-        }
-
-        exit(0);
+        finalize_openssl();
+        exit(rc);
     case -1:
         strerror_r(errno, err_str, 1024);
         fprintf(stderr, "Failed to fork: %s\n",

tests/server/test_server/testserver_common.c

@@ -0,0 +1,36 @@
+/*
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2025 by Red Hat, Inc.
+ *
+ * Author: Jakub Jelen <jjelen@redhat.com>
+ *
+ * The SSH Library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ *
+ * The SSH Library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the SSH Library; see the file COPYING.  If not, write to
+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+ * MA 02111-1307, USA.
+ */
+
+#include "testserver_common.h"
+
+#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI)
+/* for OPENSSL_cleanup() of GSSAPI's OpenSSL context */
+#include <openssl/crypto.h>
+#endif
+
+void finalize_openssl(void)
+{
+#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI)
+    OPENSSL_cleanup();
+#endif
+}

tests/server/test_server/testserver_common.h

@@ -0,0 +1,26 @@
+/*
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2025 by Red Hat, Inc.
+ *
+ * Author: Jakub Jelen <jjelen@redhat.com>
+ *
+ * The SSH Library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ *
+ * The SSH Library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the SSH Library; see the file COPYING.  If not, write to
+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+ * MA 02111-1307, USA.
+ */
+
+#include "config.h"
+
+void finalize_openssl(void);

tests/server/torture_gssapi_server_auth.c

@@ -451,5 +451,5 @@ torture_run_tests(void)
                                 teardown_default_server);
     ssh_finalize();
 
-    pthread_exit((void *)&rc);
+    return rc;
 }

tests/server/torture_gssapi_server_auth_cb.c

@@ -475,5 +475,5 @@ torture_run_tests(void)
                                 teardown_default_server);
     ssh_finalize();
 
-    pthread_exit((void *)&rc);
+    return rc;
 }

tests/server/torture_gssapi_server_delegation.c

@@ -371,5 +371,5 @@ torture_run_tests(void)
                                 teardown_default_server);
     ssh_finalize();
 
-    pthread_exit((void *)&rc);
+    return rc;
 }

tests/tests_config.h.cmake

@@ -65,6 +65,7 @@
 #cmakedefine NCAT_EXECUTABLE "${NCAT_EXECUTABLE}"
 #cmakedefine SSHD_EXECUTABLE "${SSHD_EXECUTABLE}"
 #cmakedefine SSH_EXECUTABLE "${SSH_EXECUTABLE}"
+#cmakedefine DROPBEAR_EXECUTABLE "${DROPBEAR_EXECUTABLE}"
 #cmakedefine WITH_TIMEOUT ${WITH_TIMEOUT}
 #cmakedefine TIMEOUT_EXECUTABLE "${TIMEOUT_EXECUTABLE}"
 #cmakedefine SOFTHSM2_LIBRARY "${SOFTHSM2_LIBRARY}"

tests/torture.c

@@ -52,6 +52,11 @@
 #include <valgrind/valgrind.h>
 #endif
 
+#ifdef WITH_GSSAPI
+/* for OPENSSL_cleanup() of GSSAPI's OpenSSL context */
+#include <openssl/crypto.h>
+#endif
+
 #define TORTURE_SSHD_SRV_IPV4 "127.0.0.10"
 /* socket wrapper IPv6 prefix  fd00::5357:5fxx */
 #define TORTURE_SSHD_SRV_IPV6 "fd00::5357:5f0a"
@@ -1848,9 +1853,31 @@ __attribute__((weak)) int torture_run_tests(void)
 }
 #endif /* defined(HAVE_WEAK_ATTRIBUTE) && defined(TORTURE_SHARED) */
 
-int main(int argc, char **argv) {
+/**
+ * Finalize the torture context. No-op except for OpenSSL or GSSAPI
+ *
+ * When OpenSSL is built without the at-exit handlers, it won't call the
+ * OPENSSL_cleanup() from destructor or at-exit handler, which means we need to
+ * do it manually in the tests.
+ *
+ * It is never a good idea to call this function from the library context as we
+ * can not be sure the libssh is really the last one using the OpenSSL.
+ *
+ * This needs to be called at the end of the main function or any time before
+ * any forked process (servers) exits.
+ */
+void torture_finalize(void)
+{
+#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI)
+    OPENSSL_cleanup();
+#endif
+}
+
+int main(int argc, char **argv)
+{
     struct argument_s arguments;
     char *env = getenv("LIBSSH_VERBOSITY");
+    int rv;
 
     arguments.verbose=0;
     arguments.pattern=NULL;
@@ -1868,5 +1895,9 @@ int main(int argc, char **argv) {
     cmocka_set_test_filter(pattern);
 #endif
 
-    return torture_run_tests();
+    rv = torture_run_tests();
+
+    torture_finalize();
+
+    return rv;
 }

tests/torture.h

@@ -178,4 +178,6 @@ int torture_change_dir(char *path);
 void torture_setenv(char const* variable, char const* value);
 void torture_unsetenv(char const* variable);
 
+void torture_finalize(void);
+
 #endif /* _TORTURE_H */

tests/unittests/torture_config.c

@@ -2468,9 +2468,9 @@ static void torture_config_make_absolute_int(void **state, bool no_sshdir_fails)
     char *home = NULL;
     struct passwd *pw = getpwuid(getuid());
     assert_non_null(pw);
-    user = pw->pw_name;
+    user = strdup(pw->pw_name);
     assert_non_null(user);
-    home = pw->pw_dir;
+    home = strdup(pw->pw_dir);
     assert_non_null(home);
 #endif
 
@@ -2528,6 +2528,8 @@ static void torture_config_make_absolute_int(void **state, bool no_sshdir_fails)
     snprintf(h, 256 - 1, "/etc/ssh/~%s/.ssh/config.d/*.conf", user);
     assert_string_equal(result, h);
     free(result);
+    free(home);
+    free(user);
 #endif
 }
 

tests/unittests/torture_threads_pki_rsa.c

@@ -133,10 +133,9 @@ static int teardown(void **state) {
     return 0;
 }
 
-static int disable_secmem(void **state)
+static void
+disable_secmem(void)
 {
-    (void) state; /*unused*/
-
 #if defined(HAVE_LIBGCRYPT)
     /* gcrypt currently is configured to use only 4kB of locked secmem
      * (see ssh_crypto_init() in src/libcrypt.c)
@@ -145,23 +144,10 @@ static int disable_secmem(void **state)
      * To avoid the expected warning, disable the secure memory.
      * */
 
-    gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
+    gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN);
     gcry_control(GCRYCTL_DISABLE_SECMEM);
+    gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
 #endif
-
-    return 0;
-}
-
-static int enable_secmem(void **state)
-{
-    (void) state; /*unused*/
-
-#if defined(HAVE_LIBGCRYPT)
-    /* Re-enable secmem */
-    gcry_control(GCRYCTL_INIT_SECMEM, 4096);
-    gcry_control(GCRYCTL_RESUME_SECMEM_WARN);
-#endif
-    return 0;
 }
 
 static void *thread_pki_rsa_import_pubkey_file(void *threadid)
@@ -756,18 +742,21 @@ int torture_run_tests(void)
         cmocka_unit_test_setup_teardown(torture_pki_rsa_import_pubkey_file,
                                         setup_rsa_key,
                                         teardown),
-        cmocka_unit_test_setup_teardown(torture_pki_rsa_import_privkey_base64_NULL_key,
-                                        setup_rsa_key,
-                                        teardown),
-        cmocka_unit_test_setup_teardown(torture_pki_rsa_import_privkey_base64_NULL_str,
-                                        setup_rsa_key,
-                                        teardown),
+        cmocka_unit_test_setup_teardown(
+            torture_pki_rsa_import_privkey_base64_NULL_key,
+            setup_rsa_key,
+            teardown),
+        cmocka_unit_test_setup_teardown(
+            torture_pki_rsa_import_privkey_base64_NULL_str,
+            setup_rsa_key,
+            teardown),
         cmocka_unit_test_setup_teardown(torture_pki_rsa_import_privkey_base64,
                                         setup_rsa_key,
                                         teardown),
-        cmocka_unit_test_setup_teardown(torture_pki_rsa_publickey_from_privatekey,
-                                        setup_rsa_key,
-                                        teardown),
+        cmocka_unit_test_setup_teardown(
+            torture_pki_rsa_publickey_from_privatekey,
+            setup_rsa_key,
+            teardown),
         cmocka_unit_test(torture_pki_rsa_import_privkey_base64_passphrase),
         cmocka_unit_test_setup_teardown(torture_pki_rsa_copy_cert_to_privkey,
                                         setup_rsa_key,
@@ -781,12 +770,8 @@ int torture_run_tests(void)
         cmocka_unit_test_setup_teardown(torture_pki_rsa_duplicate_key,
                                         setup_rsa_key,
                                         teardown),
-        cmocka_unit_test_setup_teardown(torture_pki_rsa_generate_key,
-                                        disable_secmem,
-                                        enable_secmem),
-        cmocka_unit_test_setup_teardown(torture_mixed,
-                                        setup_rsa_key,
-                                        teardown),
+        cmocka_unit_test(torture_pki_rsa_generate_key),
+        cmocka_unit_test_setup_teardown(torture_mixed, setup_rsa_key, teardown),
     };
 
     /*
@@ -801,6 +786,7 @@ int torture_run_tests(void)
      * If the library is statically linked, ssh_init() is not called
      * automatically
      */
+    disable_secmem();
     ssh_init();
     torture_filter_tests(tests);
     rc = cmocka_run_group_tests(tests, NULL, NULL);

tests/valgrind.supp

@@ -248,23 +248,9 @@
    Reachable memory from getaddrinfo
    Memcheck:Leak
    match-leak-kinds: reachable
-   fun:malloc
-   fun:UnknownInlinedFun
-   fun:_dl_new_object
-   fun:_dl_map_object_from_fd
-   fun:_dl_map_object
-   fun:dl_open_worker_begin
-   fun:_dl_catch_exception
-   fun:dl_open_worker
-   fun:_dl_catch_exception
-   fun:_dl_open
-   fun:do_dlopen
-   fun:_dl_catch_exception
-   fun:_dl_catch_error
-   fun:dlerror_run
-   fun:__libc_dlopen_mode
-   fun:module_load
+   ...
    fun:__nss_module_get_function
+   ...
    fun:getaddrinfo
    ...
    fun:krb5_sname_to_principal
@@ -285,7 +271,6 @@
    fun:torture_run_tests
    fun:main
 }
-
 ## libkrb5
 # krb5_mcc_generate_new allocates a hashtab on a static global variable
 # It doesn't get freed.
@@ -298,3 +283,30 @@
    ...
    fun:krb5_mcc_generate_new*
 }
+{
+   Error string from acquire creds in krb5
+   Memcheck:Leak
+   match-leak-kinds: reachable
+   fun:malloc
+   ...
+   fun:krb5_gss_save_error_string
+   fun:UnknownInlinedFun
+   fun:acquire_cred_context.isra.0
+   fun:acquire_cred_from.isra.0
+   fun:gss_add_cred_from
+   fun:gss_acquire_cred_from
+   ...
+   fun:gss_acquire_cred
+}
+{
+   error string from gss init sec context
+   Memcheck:Leak
+   match-leak-kinds: reachable
+   fun:malloc
+   ...
+   fun:krb5_gss_save_error_string
+   fun:UnknownInlinedFun
+   fun:krb5_gss_init_sec_context_ext
+   fun:krb5_gss_init_sec_context
+   fun:gss_init_sec_context
+}