source: mod_gnutls/debian/patches/no-deinit-on-proxy-disable.patch @ 8ed8e96

debian/masterdebian/stretch-backportsjessie-backports
Last change on this file since 8ed8e96 was 8ed8e96, checked in by Daniel Kahn Gillmor <dkg@…>, 5 years ago

committing NMU 0.6-1.4 (thanks, Thomas!)

  • Property mode set to 100644
File size: 1.4 KB
RevLine 
[8ed8e96]1From c782c1f12c0ed4d5048eb52fd3ef51037c53f426 Mon Sep 17 00:00:00 2001
2From: Thomas Klute <thomas2.klute@uni-dortmund.de>
3Date: Wed, 21 Jan 2015 09:41:51 +0100
4Subject: [PATCH] Don't do global deinit when disabling TLS for a proxy back
5 end connection
6
7Prior to this commit, ssl_engine_disable called mgs_cleanup_pre_config
8on the connection pool before returning:
9
10mgs_cleanup_pre_config(c->pool);
11
12mgs_cleanup_pre_config does not even touch the argument, as its
13signature shows.
14
15apr_status_t mgs_cleanup_pre_config(void *data __attribute__((unused)));
16
17It does, however, deinitialize the global session cache and, more
18importantly, the global GnuTLS data structures. Trying to use those
19deinitialized data structures led to segmentation faults during TLS
20handshake.
21
22Since there is no reason to globally deinitialize GnuTLS when disabling
23TLS for one specific proxy back end connection, the solution is to
24simply remove the call to mgs_cleanup_pre_config from
25ssl_engine_disable.
26---
27 src/mod_gnutls.c | 2 +-
28 1 file changed, 1 insertion(+), 1 deletion(-)
29
30diff --git a/src/mod_gnutls.c b/src/mod_gnutls.c
31index a77364d..2d0e6ea 100644
32--- a/src/mod_gnutls.c
33+++ b/src/mod_gnutls.c
34@@ -100,7 +100,7 @@ int ssl_engine_disable(conn_rec *c)
35         ap_remove_input_filter(c->input_filters);
36     if (c->output_filters)
37         ap_remove_output_filter(c->output_filters);
38-    mgs_cleanup_pre_config(c->pool);
39+
40     return 1;
41 }
42 
43--
442.1.4
45
Note: See TracBrowser for help on using the repository browser.