summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2016-01-15 10:15:03 -0500
committerRob Crittenden <rcritten@redhat.com>2016-01-19 14:28:12 -0500
commit9bcb9cef16895061d9de48b25b85c66f0ab17223 (patch)
treed5892d6ec59f5d8fc6077078b741718dfcbd73ec
parent184804c82daf7fe04dfb0b0ecdc3e06be0c103c1 (diff)
downloadmod_nss-9bcb9cef16895061d9de48b25b85c66f0ab17223.tar.gz
mod_nss-9bcb9cef16895061d9de48b25b85c66f0ab17223.tar.xz
mod_nss-9bcb9cef16895061d9de48b25b85c66f0ab17223.zip
Always call SSL_ShutdownServerSessionIDCache() in ModuleKill
The guard of NSS_IsInitialized() was too strict because of the way Apache loads and unloads modules. We need to clean up the SessionIDCache thread locking when a SIGHUP is received otherwise a crash will occur. Note that this also eliminates a rather huge memory leak when the server is reloaded with a SIGHUP. https://bugzilla.redhat.com/show_bug.cgi?id=1277613 https://bugzilla.redhat.com/show_bug.cgi?id=1295976 https://fedorahosted.org/mod_nss/ticket/16
Diffstat
-rw-r--r--nss_engine_init.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/nss_engine_init.c b/nss_engine_init.c
index c218598..b158439 100644
--- a/nss_engine_init.c
+++ b/nss_engine_init.c
@@ -1448,7 +1448,7 @@ apr_status_t nss_init_ModuleKill(void *data)
server_rec *base_server = (server_rec *)data;
SSLModConfigRec *mc = myModConfig(base_server);
- if (!NSS_IsInitialized()) {
+ if (!NSS_IsInitialized() && !PR_Initialized()) {
return APR_SUCCESS;
}
@@ -1483,7 +1483,7 @@ apr_status_t nss_init_ChildKill(void *data)
for (s = base_server; s; s = s->next) {
sc = mySrvConfig(s);
- if (sc->enabled == TRUE) {
+ if (sc->enabled == TRUE && NSS_IsInitialized()) {
if (sc->server->nickname) {
CERT_DestroyCertificate(sc->server->servercert);
SECKEY_DestroyPrivateKey(sc->server->serverkey);
@@ -1502,7 +1502,7 @@ apr_status_t nss_init_ChildKill(void *data)
shutdown = 1;
}
- if (sc->proxy_enabled) {
+ if (sc->proxy_enabled && NSS_IsInitialized()) {
if (sc->proxy->servercert != NULL) {
CERT_DestroyCertificate(sc->proxy->servercert);
SECKEY_DestroyPrivateKey(sc->proxy->serverkey);
generated by cgit (git 2.34.1) at 2024-04-16 22:18:09 +0000