From 5f555724b0d2c38a68de2fbc6259c133506c080b Mon Sep 17 00:00:00 2001
From: rcritten <>
Date: Fri, 28 Oct 2005 18:20:01 +0000
Subject: Add in check to be sure that the same server isn't initialized with
 SSL more than once. This avoids a crash during shutdown where the same
 certificates and keys will try to be released multiple times. This is based
 on ssl_init_server_check() from mod_ssl.

---
 nss_engine_init.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'nss_engine_init.c')

diff --git a/nss_engine_init.c b/nss_engine_init.c
index 6f33db4..304ee9a 100644
--- a/nss_engine_init.c
+++ b/nss_engine_init.c
@@ -717,6 +717,19 @@ static void nss_init_ctx_cipher_suite(server_rec *s,
     }
 }
 
+static void nss_init_server_check(server_rec *s,
+                                  apr_pool_t *p,
+                                  apr_pool_t *ptemp,
+                                  modnss_ctx_t *mctx)
+{
+    if (mctx->servercert != NULL || mctx->serverkey != NULL) {
+        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+                "Illegal attempt to re-initialise SSL for server "
+                "(theoretically shouldn't happen!)");
+        nss_die();
+    }
+}
+
 static void nss_init_ctx(server_rec *s,
                          apr_pool_t *p,
                          apr_pool_t *ptemp,
@@ -895,6 +908,8 @@ static void nss_init_server_ctx(server_rec *s,
                                 apr_pool_t *ptemp,
                                 SSLSrvConfigRec *sc)
 {
+    nss_init_server_check(s, p, ptemp, sc->server);
+
     nss_init_ctx(s, p, ptemp, sc->server);
 
     nss_init_server_certs(s, p, ptemp, sc->server);
-- 
cgit