www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

Avoid valgrind warnings in mod_ssl random number generator

Browse Source 
We intentionally add uninitialized stack memory. To avoid warnings,
make valgrind believe that the memory is defined.

Add configure option to enable valgrind support


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1442307 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Stefan Fritsch
2013-02-04 19:34:08 +00:00
parent 7db330784a
commit 8736e6a6d0
5 changed files with 43 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@@ -1,6 +1,9 @@
-*- coding: utf-8 -*- -*- coding: utf-8 -*-
Changes with Apache 2.5.0 Changes with Apache 2.5.0
*) core: Add option to add valgrind suport. Use it to reduce false positive
warnings in mod_ssl. [Stefan Fritsch]
*) mod_lua: Add bindings for apr_dbd/mod_dbd database access *) mod_lua: Add bindings for apr_dbd/mod_dbd database access
[Daniel Gruno] [Daniel Gruno]

16
configure.in
View File

@@ -659,6 +659,22 @@ fi
APACHE_SUBST(PICFLAGS) APACHE_SUBST(PICFLAGS)
APACHE_SUBST(PILDFLAGS) APACHE_SUBST(PILDFLAGS)
AC_ARG_WITH(valgrind,
[ --with-valgrind[[=DIR]] Enable code to reduce valgrind false positives
(optionally: set path to valgrind headers) ],
[ if test "$withval" != no; then
if test "$withval" = yes; then
withval=/usr/include/valgrind
fi
APR_ADDTO(CPPFLAGS, -I$withval)
AC_CHECK_HEADERS(valgrind.h memcheck.h)
APR_IFALLYES(header:valgrind.h header:memcheck.h,
[AC_DEFINE(HAVE_VALGRIND, 1, [Compile in valgrind support]) ],
[AC_MSG_ERROR(valgrind headers not found) ]
)
fi ]
)
prefix="$orig_prefix" prefix="$orig_prefix"
APACHE_ENABLE_MODULES APACHE_ENABLE_MODULES

10
modules/ssl/mod_ssl.c
View File

@@ -32,6 +32,11 @@
#include <assert.h> #include <assert.h>
#if HAVE_VALGRIND
#include <valgrind.h>
int ssl_running_on_valgrind = 0;
#endif
/* /*
* the table of configuration directives we provide * the table of configuration directives we provide
*/ */
@@ -347,6 +352,11 @@ static int ssl_hook_pre_config(apr_pool_t *pconf,
apr_pool_t *plog, apr_pool_t *plog,
apr_pool_t *ptemp) apr_pool_t *ptemp)
{ {
#if HAVE_VALGRIND
ssl_running_on_valgrind = RUNNING_ON_VALGRIND;
#endif
/* We must register the library in full, to ensure our configuration /* We must register the library in full, to ensure our configuration
* code can successfully test the SSL environment. * code can successfully test the SSL environment.
*/ */

10
modules/ssl/ssl_engine_rand.c
View File

@@ -29,6 +29,11 @@
#include "ssl_private.h" #include "ssl_private.h"
#if HAVE_VALGRIND
#include <valgrind.h>
#include <memcheck.h>
#endif
/* _________________________________________________________________ /* _________________________________________________________________
** **
** Support for better seeding of SSL library's RNG ** Support for better seeding of SSL library's RNG
@@ -113,6 +118,11 @@ int ssl_rand_seed(server_rec *s, apr_pool_t *p, ssl_rsctx_t nCtx, char *prefix)
/* /*
* seed in some current state of the run-time stack (128 bytes) * seed in some current state of the run-time stack (128 bytes)
*/ */
#if HAVE_VALGRIND
if (ssl_running_on_valgrind) {
VALGRIND_MAKE_MEM_DEFINED(stackdata, sizeof(stackdata));
}
#endif
n = ssl_rand_choosenum(0, sizeof(stackdata)-128-1); n = ssl_rand_choosenum(0, sizeof(stackdata)-128-1);
RAND_seed(stackdata+n, 128); RAND_seed(stackdata+n, 128);
nDone += 128; nDone += 128;

4
modules/ssl/ssl_private.h
View File

@@ -1024,6 +1024,10 @@ OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri,
conn_rec *c, apr_pool_t *p); conn_rec *c, apr_pool_t *p);
#endif #endif
#if HAVE_VALGRIND
extern int ssl_running_on_valgrind;
#endif
#endif /* SSL_PRIVATE_H */ #endif /* SSL_PRIVATE_H */
/** @} */ /** @} */