source: mod_gnutls/debian/patches/no-deinit-on-proxy-disable.patch @ 037760e

debian/masterdebian/stretch-backportsjessie-backports
Last change on this file since 037760e was 2db6923, checked in by Daniel Kahn Gillmor <dkg@…>, 5 years ago

refresh patches with gbp pq

  • Property mode set to 100644
File size: 1.3 KB
RevLine 
[8ed8e96]1From: Thomas Klute <thomas2.klute@uni-dortmund.de>
2Date: Wed, 21 Jan 2015 09:41:51 +0100
[2db6923]3Subject: Don't do global deinit when disabling TLS for a proxy back end
4 connection
[8ed8e96]5
6Prior to this commit, ssl_engine_disable called mgs_cleanup_pre_config
7on the connection pool before returning:
8
9mgs_cleanup_pre_config(c->pool);
10
11mgs_cleanup_pre_config does not even touch the argument, as its
12signature shows.
13
14apr_status_t mgs_cleanup_pre_config(void *data __attribute__((unused)));
15
16It does, however, deinitialize the global session cache and, more
17importantly, the global GnuTLS data structures. Trying to use those
18deinitialized data structures led to segmentation faults during TLS
19handshake.
20
21Since there is no reason to globally deinitialize GnuTLS when disabling
22TLS for one specific proxy back end connection, the solution is to
23simply remove the call to mgs_cleanup_pre_config from
24ssl_engine_disable.
25---
26 src/mod_gnutls.c | 2 +-
27 1 file changed, 1 insertion(+), 1 deletion(-)
28
29diff --git a/src/mod_gnutls.c b/src/mod_gnutls.c
[2db6923]30index e974ae8..760445f 100644
[8ed8e96]31--- a/src/mod_gnutls.c
32+++ b/src/mod_gnutls.c
33@@ -100,7 +100,7 @@ int ssl_engine_disable(conn_rec *c)
34         ap_remove_input_filter(c->input_filters);
35     if (c->output_filters)
36         ap_remove_output_filter(c->output_filters);
37-    mgs_cleanup_pre_config(c->pool);
38+
39     return 1;
40 }
41 
Note: See TracBrowser for help on using the repository browser.