I've attached a new version of the patch which fixes a bug in it..
Previously I had been just allocating memory for the key and certificates from
the mc->pPool pool as the release mod_ssl does. However, this is a permanent
pool so I had been leaking memory with every certificate reload. (Duh, I should
have known.) This patch creates a sub-pool of mc->pPool called mc->pCrtPool
used for just the certificates and which is cleaned out whenever the
certificates are reloaded.
- David Harris
Principal Engineer, DRH Internet Services
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of Ralf S. Engelschall
Sent: Wednesday, July 14, 1999 11:10 AM
To: [EMAIL PROTECTED]
Subject: Re: [PATCH] Fix for graceful restart problem (PR#183)
On Mon, Jul 05, 1999, David Harris wrote:
> I think I've got a solution to the problem here.
>
> I've modified mod_ssl so that the server certificates and keys are re-read on
> restarts. However, because this happens after the server disassociates from
the
> terminal, I've set it up so that this only happens if there are no
> SSLPassPhraseDialog commands which specify the "builtin" option, which is the
> default. Then I added an option of "none" for the SSLPassPhraseDialog which
> says that all keys will be unencrypted.
Hmmm...a very reasonable approach. Has anybody any objections?
If not, I'll try to take it over for 2.4.0.
Thanks for your contribution, David.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
mod_ssl-2.3.5-1.3.6_reloadcert-1.1.patch
