[ https://issues.apache.org/jira/browse/TS-4858?focusedWorklogId=30195&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-30195 ]
ASF GitHub Bot logged work on TS-4858: -------------------------------------- Author: ASF GitHub Bot Created on: 05/Oct/16 19:17 Start Date: 05/Oct/16 19:17 Worklog Time Spent: 10m Work Description: Github user jpeach commented on a diff in the pull request: https://github.com/apache/trafficserver/pull/1024#discussion_r82047142 --- Diff: iocore/net/SSLCertLookup.cc --- @@ -160,7 +160,40 @@ ticket_block_alloc(unsigned count) return ptr; } +ssl_ticket_key_block * +ssl_create_ticket_key_block_buffer(char *ticket_key_data, int ticket_key_len) +{ + ssl_ticket_key_block *keyblock = NULL; + int num_ticket_keys = ticket_key_len / sizeof(ssl_ticket_key_t); + if (num_ticket_keys == 0) { + Error("SSL session ticket key is too short (>= 48 bytes are required)"); + goto fail; + } + + // Increase the stats. + if (ssl_rsb != NULL) { // ssl_rsb is not initialized during the first run. + SSL_INCREMENT_DYN_STAT(ssl_total_ticket_keys_renewed_stat); + } --- End diff -- Loading a ticket key should not have any side-effects on metrics. Since this was existing code, please file a new Jira to clean this up. Issue Time Tracking ------------------- Worklog Id: (was: 30195) Time Spent: 1.5h (was: 1h 20m) > Global session ticket key block leaks. > -------------------------------------- > > Key: TS-4858 > URL: https://issues.apache.org/jira/browse/TS-4858 > Project: Traffic Server > Issue Type: Bug > Components: SSL > Reporter: James Peach > Assignee: Syeda Persia Aziz > Fix For: 7.1.0 > > Time Spent: 1.5h > Remaining Estimate: 0h > > From source inspection, ``global_default_keyblock`` is always assigned so it > will leak on configuration reload. > Have not reproduced this since I wasn't able to get SSL config reload to work > :-( -- This message was sent by Atlassian JIRA (v6.3.4#6332)