Commit 3a2e594e authored by Joe Orton's avatar Joe Orton
Browse files

mod_ssl: Free dhparams and ecparams reading certificates at startup. 

This fixes issue when SSLCryptoDevice does not get unregistered because
of non-zero refcount during the mod_ssl unload happening on httpd startup.

Submitted by: jkaluza, ylavic
Reviewed by: wrowe, ylavic, jorton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1751814 13f79535-47bb-0310-9956-ffa450edef68
parent af722ac1

CHANGES

+3 −0
Original line number Diff line number Diff line 
                                                         -*- coding: utf-8 -*-

Changes with Apache 2.2.32



  *) mod_ssl: Fix a possible memory leak on restart for custom [EC]DH params.

     [Jan Kaluza, Yann Ylavic]



  *) mod_proxy: Fix a regression with 2.2.31 that caused inherited workers to

     use a different scoreboard slot then the original one.  PR 58267.

     [Ruediger Pluem]

modules/ssl/ssl_engine_init.c

+3 −1
Original line number Diff line number Diff line
@@ -900,7 +900,7 @@ static void ssl_init_server_certs(server_rec *s, 
    const char *rsa_id, *dsa_id;

#ifndef OPENSSL_NO_EC

    const char *ecc_id;

    EC_GROUP *ecparams;

    EC_GROUP *ecparams = NULL;

    int nid;

    EC_KEY *eckey = NULL;

#endif
@@ -973,6 +973,7 @@ static void ssl_init_server_certs(server_rec *s, 
                     "Custom DH parameters (%d bits) for %s loaded from %s",

                     BN_num_bits(dhparams->p), vhost_id,

                     mctx->pks->cert_files[0]);

        DH_free(dhparams);

    }



#ifndef OPENSSL_NO_EC
@@ -1001,6 +1002,7 @@ static void ssl_init_server_certs(server_rec *s, 
#endif

    }

    EC_KEY_free(eckey);

    EC_GROUP_free(ecparams);

#endif

}