diff options
author | Rob Crittenden <rcritten@redhat.com> | 2016-01-15 10:15:03 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2016-01-19 14:28:12 -0500 |
commit | 9bcb9cef16895061d9de48b25b85c66f0ab17223 (patch) | |
tree | d5892d6ec59f5d8fc6077078b741718dfcbd73ec /nss_engine_init.c | |
parent | 184804c82daf7fe04dfb0b0ecdc3e06be0c103c1 (diff) | |
download | mod_nss-9bcb9cef16895061d9de48b25b85c66f0ab17223.tar.gz mod_nss-9bcb9cef16895061d9de48b25b85c66f0ab17223.tar.xz mod_nss-9bcb9cef16895061d9de48b25b85c66f0ab17223.zip |
Always call SSL_ShutdownServerSessionIDCache() in ModuleKill
The guard of NSS_IsInitialized() was too strict because of the
way Apache loads and unloads modules. We need to clean up the
SessionIDCache thread locking when a SIGHUP is received otherwise
a crash will occur.
Note that this also eliminates a rather huge memory leak when
the server is reloaded with a SIGHUP.
https://bugzilla.redhat.com/show_bug.cgi?id=1277613
https://bugzilla.redhat.com/show_bug.cgi?id=1295976
https://fedorahosted.org/mod_nss/ticket/16
Diffstat (limited to 'nss_engine_init.c')
-rw-r--r-- | nss_engine_init.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/nss_engine_init.c b/nss_engine_init.c index c218598..b158439 100644 --- a/nss_engine_init.c +++ b/nss_engine_init.c @@ -1448,7 +1448,7 @@ apr_status_t nss_init_ModuleKill(void *data) server_rec *base_server = (server_rec *)data; SSLModConfigRec *mc = myModConfig(base_server); - if (!NSS_IsInitialized()) { + if (!NSS_IsInitialized() && !PR_Initialized()) { return APR_SUCCESS; } @@ -1483,7 +1483,7 @@ apr_status_t nss_init_ChildKill(void *data) for (s = base_server; s; s = s->next) { sc = mySrvConfig(s); - if (sc->enabled == TRUE) { + if (sc->enabled == TRUE && NSS_IsInitialized()) { if (sc->server->nickname) { CERT_DestroyCertificate(sc->server->servercert); SECKEY_DestroyPrivateKey(sc->server->serverkey); @@ -1502,7 +1502,7 @@ apr_status_t nss_init_ChildKill(void *data) shutdown = 1; } - if (sc->proxy_enabled) { + if (sc->proxy_enabled && NSS_IsInitialized()) { if (sc->proxy->servercert != NULL) { CERT_DestroyCertificate(sc->proxy->servercert); SECKEY_DestroyPrivateKey(sc->proxy->serverkey); |