Prior to r1877345 mc->pPool was the process pool (s->process->pool).
authorJoe Orton <jorton@apache.org>
Mon, 4 May 2020 08:58:02 +0000 (08:58 +0000)
committerJoe Orton <jorton@apache.org>
Mon, 4 May 2020 08:58:02 +0000 (08:58 +0000)
Drop the field from SSLModConfigRec and use pconf instead (where
appropriate) to match the new SSLModConfigRec lifetime.

* modules/ssl/ssl_engine_kernel.c (ssl_callback_DelSessionCacheEntry):
  Explicitly (and probably unsafely) use the process pool.

* modules/ssl/ssl_engine_config.c (ssl_cmd_SSLRandomSeed): Use
  cmd->pool to allocate paths.

* modules/ssl/ssl_engine_init.c (ssl_init_Module): Use pconf
  to allocate the keylog_file.

* modules/ssl/ssl_engine_vars.c (ssl_var_lookup): Drop lookup
  of SSLModConfigRec and use s->process->pool when no pool is
  passed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1877347 13f79535-47bb-0310-9956-ffa450edef68

modules/ssl/ssl_engine_config.c
modules/ssl/ssl_engine_init.c
modules/ssl/ssl_engine_kernel.c
modules/ssl/ssl_engine_vars.c
modules/ssl/ssl_private.h

index bb2dbedd212e61fea881e5f2ef352412d237e1d8..f3d1e4a42732e451d5bc24d2312f97f1ef4fc2d1 100644 (file)
@@ -54,7 +54,6 @@ static SSLModConfigRec *ssl_config_global_create(apr_pool_t *pool, server_rec *s
     }
 
     mc = apr_pcalloc(pool, sizeof(*mc));
-    mc->pPool = pool;
 
     /*
      * initialize per-module configuration
@@ -748,16 +747,16 @@ const char *ssl_cmd_SSLRandomSeed(cmd_parms *cmd,
 
     if ((arg2len > 5) && strEQn(arg2, "file:", 5)) {
         seed->nSrc   = SSL_RSSRC_FILE;
-        seed->cpPath = ap_server_root_relative(mc->pPool, arg2+5);
+        seed->cpPath = ap_server_root_relative(cmd->pool, arg2+5);
     }
     else if ((arg2len > 5) && strEQn(arg2, "exec:", 5)) {
         seed->nSrc   = SSL_RSSRC_EXEC;
-        seed->cpPath = ap_server_root_relative(mc->pPool, arg2+5);
+        seed->cpPath = ap_server_root_relative(cmd->pool, arg2+5);
     }
     else if ((arg2len > 4) && strEQn(arg2, "egd:", 4)) {
 #ifdef HAVE_RAND_EGD
         seed->nSrc   = SSL_RSSRC_EGD;
-        seed->cpPath = ap_server_root_relative(mc->pPool, arg2+4);
+        seed->cpPath = ap_server_root_relative(cmd->pool, arg2+4);
 #else
         return apr_pstrcat(cmd->pool, "Invalid SSLRandomSeed entropy source `",
                            arg2, "': This version of " MODSSL_LIBRARY_NAME
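Review bot: The lifetime that `seed->cpPath` now depends on is left implicit by the switch to `cmd->pool`, both in these three branches and in the plain-file branch of the hunk at -771. The path is stored in the seed record and presumably read again later when the PRNG is seeded, so the pool has to live at least as long as that record. `cmd->pool` is presumably pconf while directives are processed, but nothing in the hunk says so. A one-line comment above the first branch would pin it down, e.g. `/* cmd->pool is pconf here, so cpPath lives as long as the seed entry */`. ssl_cmd_SSLRandomSeed starts and ends outside the hunk.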
@@ -771,7 +770,7 @@ const char *ssl_cmd_SSLRandomSeed(cmd_parms *cmd,
     }
     else {
         seed->nSrc   = SSL_RSSRC_FILE;
-        seed->cpPath = ap_server_root_relative(mc->pPool, arg2);
+        seed->cpPath = ap_server_root_relative(cmd->pool, arg2);
     }
 
     if (seed->nSrc != SSL_RSSRC_BUILTIN) {
index a59a055bab4f87b7b26b1f767c2068754594bf72..46330601f6af3e2427dbfd73f470759cb2ca2745 100644 (file)
@@ -449,7 +449,7 @@ apr_status_t ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
             rv = apr_file_open(&mc->keylog_file, logfn,
                                APR_FOPEN_CREATE|APR_FOPEN_WRITE|APR_FOPEN_APPEND|APR_FOPEN_LARGEFILE,
                                APR_FPROT_UREAD|APR_FPROT_UWRITE,
-                               mc->pPool);
+                               p);
             if (rv) {
                 ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, s, APLOGNO(10226)
                              "Could not open log file '%s' configured via SSLKEYLOGFILE",
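Review bot: The `APR_FPROT_UREAD|APR_FPROT_UWRITE` protection on this open only takes effect when the file is created; the flags combine `APR_FOPEN_CREATE` with `APR_FOPEN_APPEND` and no exclusive-create flag, so an existing file at the SSLKEYLOGFILE path is reused with whatever mode and owner it already has. Since this file is presumably where TLS key material is written, consider checking the opened handle (for example with `apr_file_info_get`) and logging a warning if group or other permission bits are set. Separately, the new argument `p` would read more clearly with a comment such as `/* pconf: the handle is closed when the configuration pool is cleared */`. ssl_init_Module continues outside the hunk.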
index 21df1eeb8f67bd0bd151ecd9cfb1526ccea2eb44..9787ae345edf1cf3e14e5bc14749b69d33498238 100644 (file)
@@ -2169,7 +2169,6 @@ void ssl_callback_DelSessionCacheEntry(SSL_CTX *ctx,
                                        SSL_SESSION *session)
 {
     server_rec *s;
-    SSLSrvConfigRec *sc;
     IDCONST unsigned char *id;
     unsigned int idlen;
 
@@ -2180,8 +2179,6 @@ void ssl_callback_DelSessionCacheEntry(SSL_CTX *ctx,
         return; /* on server shutdown Apache is already gone */
     }
 
-    sc = mySrvConfig(s);
-
     /*
      * Remove the SSL_SESSION from the inter-process cache
      */
@@ -2192,8 +2189,8 @@ void ssl_callback_DelSessionCacheEntry(SSL_CTX *ctx,
     idlen = session->session_id_length;
 #endif
 
-    /* TODO: Do we need a temp pool here, or are we always shutting down? */
-    ssl_scache_remove(s, id, idlen, sc->mc->pPool);
+    /* ### Is it really safe to use the process pool here??? */
+    ssl_scache_remove(s, id, idlen, s->process->pool);
 
     ssl_session_log(s, "REM", id, idlen,
                     "OK", "dead", 0);
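Review bot: Passing `s->process->pool` to `ssl_scache_remove` leaves the question in the new `###` comment unanswered, and the same process-pool fallback is introduced in ssl_var_lookup (hunk at -258). The process pool is not cleared until the process exits, so anything the cache provider allocates from it per removed session would accumulate for the life of the process; APR pools are also not safe for concurrent allocation, which matters if this callback can run on worker threads (to be confirmed against the MPM in use). The removed TODO already pointed at a temporary pool: a short-lived subpool, created with `apr_pool_create(&tmp, s->process->pool);` before the call, passed to `ssl_scache_remove`, and released with `apr_pool_destroy(tmp);` afterwards, would bound the growth. The function body starts outside this hunk.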
index 63f65ed2c4a963d701efcab97f851b87a6b1f517..249434a8108f7783e55afe7142c742028c1abaf5 100644 (file)
@@ -241,7 +241,6 @@ void ssl_var_register(apr_pool_t *p)
 /* This function must remain safe to use for a non-SSL connection. */
 char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, char *var)
 {
-    SSLModConfigRec *mc = myModConfig(s);
     const char *result;
     BOOL resdup;
     apr_time_exp_t tm;
@@ -249,6 +248,8 @@ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r,
     result = NULL;
     resdup = TRUE;
 
+    AP_DEBUG_ASSERT(s);
+    
     /*
      * When no pool is given try to find one
      */
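Review bot: `AP_DEBUG_ASSERT(s)` compiles to nothing unless httpd is built with AP_DEBUG, so in a normal build a NULL `s` still reaches `s->process->pool` in the fallback changed at -258 when `p`, `r` and `c` are all NULL. If callers can legitimately pass no server, the fallback needs a real check, e.g. `else if (s != NULL) p = s->process->pool;` with an early `return NULL` otherwise. If they cannot, state the contract in the function comment, e.g. `/* s must be non-NULL; it supplies the fallback pool. */`. The added blank line after the assert also carries trailing whitespace. The function body continues outside the hunk.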
@@ -258,7 +259,7 @@ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r,
         else if (c != NULL)
             p = c->pool;
         else
-            p = mc->pPool;
+            p = s->process->pool;
     }
 
     /*
index 6f48e1586bcbb09f171e3f88676b0498450438fc..1798cc5f48018e3eae260245a25643021196fa37 100644 (file)
@@ -586,7 +586,6 @@ typedef struct {
 
 typedef struct {
     pid_t           pid;
-    apr_pool_t     *pPool;
     BOOL            bFixed;
 
     /* OpenSSL SSL_SESS_CACHE_* flags: */