-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Cliff Woolley
Sent: Wednesday, July 26, 2000 3:49 PM
<<< The problem appears to be that (at least in the case of static linking)
SSL_CTX_new() is returning NULL in ssl_engine_init.c lines 530 or 532, and
then a NULL ctx is being passed into SSL_CTX_set_options (aka SSL_CTX_ctrl
via a macro) on line 533, and SSL_CTX_ctrl attempts to dereference the NULL
context pointer; blam, segfault. >>>
Yep. What happens in the DSO case is the SSL library is reinitialized on
every restart. Hence, we want to free all data we have open. But in the
static case, the SSL library is only initialized once (actually twice, but
pretend it's once) when Apache starts up. So we don't want to free the SSL
library for the static case. It was being freed, however, and the
SSL_CTX_ctrl was expecting it to be initialized. Pass in a null pointed,
and instant core dump.
<<< I'm trying to figure out how it could be that SSL_CTX_new() would return
NULL in this case. Maybe it's because too much of the library has been shut
down, and for some reason in a static build it never gets reinitialized,
while in a DSO build the whole library gets unloaded and restarted. (Is
that true?) That would account for the fact that your #ifdef solves the
problem. >>>
In the DSO case, the entire library gets reinitialized every time, in the
static case, it's initialized once. I'm not familiar with Apache hacking
myself, but it seems that in the DSO case, all modules are unloaded and then
reloaded when a graceful/restart happens, hence the need to always
initialize the SSL libs.
<<< Didn't you say, though, that even with the patch in DSO mode there's
still memory that gets leaked? Or did I misunderstand? >>>
>From what I can tell, but it may be a completely unrelated memory leak, I'm
not sure. Either way, it's pretty damn small, and not something to worry
about too much. It's much better now that it was in mod_ssl-2.6.4.
-Dave
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]