Re: svn commit: r1788442 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ssl_engine_init.c modules/ssl/ssl_private.h modules/ssl/ssl_util.c

Thu, 30 Mar 2017 19:01:03 -0700 

On 03/24/2017 06:31 AM, yla...@apache.org wrote:

Author: ylavic
Date: Fri Mar 24 13:31:03 2017
New Revision: 1788442

URL: http://svn.apache.org/viewvc?rev=1788442&view=rev
Log:
Merge r1781187, r1781190, r1781312 from trunk:

mod_ssl: work around leaks on (graceful) restart.

Tested with valgrind and --with-ssl shared/static.


<snip>


Modified: httpd/httpd/branches/2.4.x/modules/ssl/ssl_util.c
URL: 
http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_util.c?rev=1788442&r1=1788441&r2=1788442&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/ssl/ssl_util.c (original)
+++ httpd/httpd/branches/2.4.x/modules/ssl/ssl_util.c Fri Mar 24 13:31:03 2017
@@ -383,6 +383,12 @@ static void ssl_util_thr_id(CRYPTO_THREA
 #endif
 }

+static apr_status_t ssl_util_thr_id_cleanup(void *old)
+{
+    CRYPTO_THREADID_set_callback(old);
+    return APR_SUCCESS;
+}
+
 #else

 static unsigned long ssl_util_thr_id(void)
@@ -403,16 +409,17 @@ static unsigned long ssl_util_thr_id(voi
 #endif
 }

+static apr_status_t ssl_util_thr_id_cleanup(void *old)
+{
+    CRYPTO_set_id_callback(old);
+    return APR_SUCCESS;
+}
+
 #endif

 static apr_status_t ssl_util_thread_cleanup(void *data)
 {
     CRYPTO_set_locking_callback(NULL);
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-    CRYPTO_THREADID_set_callback(NULL);
-#else
-    CRYPTO_set_id_callback(NULL);
-#endif


Hey Yann,
You didn't introduce this logic, but since you've been touching this code: I just found out that CRYPTO_THREADID_set_callback(NULL) doesn't actually *do* anything, unlike CRYPTO_set_id_callback(NULL). 

See also https://bz.apache.org/bugzilla/show_bug.cgi?id=60947 .

--Jacob



     CRYPTO_set_dynlock_create_callback(NULL);
     CRYPTO_set_dynlock_lock_callback(NULL);
@@ -436,12 +443,6 @@ void ssl_util_thread_setup(apr_pool_t *p
         apr_thread_mutex_create(&(lock_cs[i]), APR_THREAD_MUTEX_DEFAULT, p);
     }

-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-    CRYPTO_THREADID_set_callback(ssl_util_thr_id);
-#else
-    CRYPTO_set_id_callback(ssl_util_thr_id);
-#endif
-
     CRYPTO_set_locking_callback(ssl_util_thr_lock);

     /* Set up dynamic locking scaffolding for OpenSSL to use at its
@@ -455,5 +456,16 @@ void ssl_util_thread_setup(apr_pool_t *p
     apr_pool_cleanup_register(p, NULL, ssl_util_thread_cleanup,
                                        apr_pool_cleanup_null);
 }
+
+void ssl_util_thread_id_setup(apr_pool_t *p)
+{
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+    CRYPTO_THREADID_set_callback(ssl_util_thr_id);
+#else
+    CRYPTO_set_id_callback(ssl_util_thr_id);
+#endif
+    apr_pool_cleanup_register(p, NULL, ssl_util_thr_id_cleanup,
+                                       apr_pool_cleanup_null);
+}
 #endif /* #if OPENSSL_VERSION_NUMBER < 0x10100000L */
 #endif /* #if APR_HAS_THREADS */

Reply via email to