httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 54357] Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()
Date Wed, 24 Sep 2014 12:29:20 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=54357

Kaspar Brand <asfbugz@velox.ch> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #32043|0                           |1
        is obsolete|                            |

--- Comment #30 from Kaspar Brand <asfbugz@velox.ch> ---
Created attachment 32053
  --> https://issues.apache.org/bugzilla/attachment.cgi?id=32053&action=edit
Patch v7 - store stapling certinfo in a global hash, based on work by Alex
Bligh

Hmm, ok, so after another closer look, I think I found another issue with the
existing code, actually: IINM, with the current certinfo_free code, we actually
leak the OCSP_CERTID stored cinf->cid (which gets allocated by
OCSP_cert_to_id).

I came to this conclusion when I was restructuring ssl_stapling_init_cert() a
bit more, and am attaching my current version. I did some limited "real-world"
testing, but more testing and further reviews are welcome and appreciated, of
course.

Joe and Steve: I've Cc'ed you in the hope that you could share your insights
and opinion on the currently suggested approach.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message