[
https://issues.apache.org/jira/browse/TS-4858?focusedWorklogId=30193&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-30193
]
ASF GitHub Bot logged work on TS-4858:
--------------------------------------
Author: ASF GitHub Bot
Created on: 05/Oct/16 19:17
Start Date: 05/Oct/16 19:17
Worklog Time Spent: 10m
Work Description: Github user jpeach commented on a diff in the pull
request:
https://github.com/apache/trafficserver/pull/1024#discussion_r82049092
--- Diff: iocore/net/SSLUtils.cc ---
@@ -2159,7 +2123,7 @@ ssl_callback_session_ticket(SSL *ssl, unsigned char
*keyname, unsigned char *iv,
ssl_ticket_key_block *keyblock = NULL;
if (cc == NULL || cc->keyblock == NULL) {
// Try the default
- keyblock = global_default_keyblock;
+ keyblock = params->default_global_keyblock;
--- End diff --
OK, so as long as ``ssl_callback_session_ticket`` is called just once
before the SSL config is destroyed we are OK. I'd feel more comfortable if
there was a way to remove the keyblock from the SSL context after use so that
we have less chance of a dangling pointer.
Issue Time Tracking
-------------------
Worklog Id: (was: 30193)
Time Spent: 1.5h (was: 1h 20m)
> Global session ticket key block leaks.
> --------------------------------------
>
> Key: TS-4858
> URL: https://issues.apache.org/jira/browse/TS-4858
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: James Peach
> Assignee: Syeda Persia Aziz
> Fix For: 7.1.0
>
> Time Spent: 1.5h
> Remaining Estimate: 0h
>
> From source inspection, ``global_default_keyblock`` is always assigned so it
> will leak on configuration reload.
> Have not reproduced this since I wasn't able to get SSL config reload to work
> :-(
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
