Changeset a2368a4 in mod_gnutls


Ignore:
Timestamp:
Nov 20, 2015, 7:44:24 PM (2 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
master, debian, jessie-backports, upstream
Children:
73b0bf0
Parents:
2ceb836
Message:

Use TLS session cleanup hook for all connection pools

If a TLS session hasn't been terminated by the time Apache releases
the resources of the associated connection, this hook ensures the
session is deinitialized properly. With this change, the hook is used
for all connections, not just proxy connections as before.

Note that the cleanup hook is just a second line of defense against
memory leaks. The I/O filter functions should close TLS sessions on
EOF, and cleanup_gnutls_session will log a warning if it has to close
a session.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    r2ceb836 ra2368a4  
    781781                          "gnutls_session_ticket_enable_client failed: %s (%d)",
    782782                          gnutls_strerror(err), err);
    783         /* Try to close and deinit the session when the connection
    784          * pool is cleared. Note that mod_proxy might not close
    785          * connections immediately, if you need that, look at the
    786          * "proxy-nokeepalive" environment variable for
    787          * mod_proxy_http. */
    788         apr_pool_pre_cleanup_register(c->pool, ctxt, cleanup_gnutls_session);
    789783    }
    790784    else
     
    806800        }
    807801    }
     802
     803    /* Ensure TLS session resources are released when the connection
     804     * pool is cleared, if the filters haven't done that already. */
     805    apr_pool_pre_cleanup_register(c->pool, ctxt, cleanup_gnutls_session);
    808806
    809807    /* Set Default Priority */
Note: See TracChangeset for help on using the changeset viewer.