www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

mod_ssl: follow up to r1781187.

Browse Source 
Address SSL_CTX leak in (merged) proxy_ctx.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1781312 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Yann Ylavic
2017-02-01 21:23:17 +00:00
parent 7e95870837
commit c98a1699b0
2 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
modules/ssl/ssl_engine_config.c
View File

@@ -98,6 +98,14 @@ BOOL ssl_config_global_isfixed(SSLModConfigRec *mc)
** _________________________________________________________________
*/
#ifdef HAVE_SSL_CONF_CMD
static apr_status_t modssl_ctx_config_cleanup(void *ctx)
{
SSL_CONF_CTX_free(ctx);
return APR_SUCCESS;
}
#endif
static void modssl_ctx_init(modssl_ctx_t *mctx, apr_pool_t *p)
{
mctx->sc = NULL; /* set during module init */
@@ -157,6 +165,9 @@ static void modssl_ctx_init(modssl_ctx_t *mctx, apr_pool_t *p)
#endif
#ifdef HAVE_SSL_CONF_CMD
mctx->ssl_ctx_config = SSL_CONF_CTX_new();
apr_pool_cleanup_register(p, mctx->ssl_ctx_config,
modssl_ctx_config_cleanup,
apr_pool_cleanup_null);
SSL_CONF_CTX_set_flags(mctx->ssl_ctx_config, SSL_CONF_FLAG_FILE);
SSL_CONF_CTX_set_flags(mctx->ssl_ctx_config, SSL_CONF_FLAG_SERVER);
SSL_CONF_CTX_set_flags(mctx->ssl_ctx_config, SSL_CONF_FLAG_CERTIFICATE);

1
modules/ssl/ssl_engine_init.c
View File

@@ -1685,7 +1685,6 @@ static apr_status_t ssl_init_server_ctx(server_rec *s,
ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
return ssl_die(s);
}
SSL_CONF_CTX_free(cctx);
#endif
if (SSL_CTX_check_private_key(sc->server->ssl_ctx) != 1) {