[Pkg-fedora-ds-maintainers] [libapache2-mod-nss] 47/156: Add in check to be sure that the same server isn't initialized with SSL more than once. This avoids a crash during shutdown where the same certificates and keys will try to be released multiple times. This is based on ssl_init_server_check() from mod_ssl.
Timo Aaltonen
tjaalton-guest at moszumanska.debian.org
Wed Jul 2 13:55:26 UTC 2014
This is an automated email from the git hooks/post-receive script.
tjaalton-guest pushed a commit to branch master
in repository libapache2-mod-nss.
commit 5f555724b0d2c38a68de2fbc6259c133506c080b
Author: rcritten <>
Date: Fri Oct 28 18:20:01 2005 +0000
Add in check to be sure that the same server isn't initialized with SSL
more than once. This avoids a crash during shutdown where the same
certificates and keys will try to be released multiple times. This is
based on ssl_init_server_check() from mod_ssl.
---
nss_engine_init.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/nss_engine_init.c b/nss_engine_init.c
index 6f33db4..304ee9a 100644
--- a/nss_engine_init.c
+++ b/nss_engine_init.c
@@ -717,6 +717,19 @@ static void nss_init_ctx_cipher_suite(server_rec *s,
}
}
+static void nss_init_server_check(server_rec *s,
+ apr_pool_t *p,
+ apr_pool_t *ptemp,
+ modnss_ctx_t *mctx)
+{
+ if (mctx->servercert != NULL || mctx->serverkey != NULL) {
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+ "Illegal attempt to re-initialise SSL for server "
+ "(theoretically shouldn't happen!)");
+ nss_die();
+ }
+}
+
static void nss_init_ctx(server_rec *s,
apr_pool_t *p,
apr_pool_t *ptemp,
@@ -895,6 +908,8 @@ static void nss_init_server_ctx(server_rec *s,
apr_pool_t *ptemp,
SSLSrvConfigRec *sc)
{
+ nss_init_server_check(s, p, ptemp, sc->server);
+
nss_init_ctx(s, p, ptemp, sc->server);
nss_init_server_certs(s, p, ptemp, sc->server);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-fedora-ds/libapache2-mod-nss.git
More information about the Pkg-fedora-ds-maintainers
mailing list