*) mod_md: update to version 2.6.6

     - Fix a small memory leak when using OpenSSL's BIGNUMs. [Theo Buehler]
     - Fix reuse of curl easy handles by resetting them. [Michael Kaufmann]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1929883 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/changes-entries/md_v2.6.6.txt b/changes-entries/md_v2.6.6.txt
new file mode 100644 (file)
index 0000000..700e0fb
--- /dev/null
+++ b/changes-entries/md_v2.6.6.txt
@@ -0,0 +1,3 @@
+  *) mod_md: update to version 2.6.6
+     - Fix a small memory leak when using OpenSSL's BIGNUMs. [Theo Buehler]
+     - Fix reuse of curl easy handles by resetting them. [Michael Kaufmann]

diff --git a/modules/md/md_crypt.c b/modules/md/md_crypt.c
index b06d95049013ba45473999b1ae3face194881f49..eef1268353921499d0fbc079e17441e0de97068d 100644 (file)
--- a/modules/md/md_crypt.c
+++ b/modules/md/md_crypt.c
@@ -1244,7 +1244,7 @@ const char *md_cert_get_serial_number(const md_cert_t *cert, apr_pool_t *p)
         serial = BN_bn2hex(bn);
         s = apr_pstrdup(p, serial);
         OPENSSL_free((void*)serial);
-        OPENSSL_free((void*)bn);
+        BN_free(bn);
     }
     return s;
 }
@@ -2254,7 +2254,7 @@ apr_status_t md_cert_get_ari_cert_id(const char **pari_cert_id,
     memset(&ser_buf, 0, sizeof(ser_buf));
     bn = ASN1_INTEGER_to_BN(serial, NULL);
     sder_len = BN_bn2bin(bn, sbuf);
-    OPENSSL_free((void*)bn);
+    BN_free(bn);
     if (sder_len < 1)
         return APR_EINVAL;
     ser_buf.len = (apr_size_t)sder_len;

diff --git a/modules/md/md_curl.c b/modules/md/md_curl.c
index e6a37176e980e99c66a77c10cf3e1734c98ed54a..fac2ab8ec911f57ba74bc11e10be2c0a0f3ae5c2 100644 (file)
--- a/modules/md/md_curl.c
+++ b/modules/md/md_curl.c
@@ -255,17 +255,19 @@ static apr_status_t internals_setup(md_http_request_t *req)
             rv = APR_EGENERAL;
             goto leave;
         }
-        curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, header_cb);
-        curl_easy_setopt(curl, CURLOPT_HEADERDATA, NULL);
-        curl_easy_setopt(curl, CURLOPT_READFUNCTION, req_data_cb);
-        curl_easy_setopt(curl, CURLOPT_READDATA, NULL);
-        curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, resp_data_cb);
-        curl_easy_setopt(curl, CURLOPT_WRITEDATA, NULL);
     }
     else {
         md_log_perror(MD_LOG_MARK, MD_LOG_TRACE3, 0, req->pool, "reusing curl instance from http");
+        curl_easy_reset(curl);
     }
 
+    curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, header_cb);
+    curl_easy_setopt(curl, CURLOPT_HEADERDATA, NULL);
+    curl_easy_setopt(curl, CURLOPT_READFUNCTION, req_data_cb);
+    curl_easy_setopt(curl, CURLOPT_READDATA, NULL);
+    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, resp_data_cb);
+    curl_easy_setopt(curl, CURLOPT_WRITEDATA, NULL);
+
     internals = apr_pcalloc(req->pool, sizeof(*internals));
     internals->curl = curl;
         

diff --git a/modules/md/md_ocsp.c b/modules/md/md_ocsp.c
index 869fbb64b743120e0f312d7c6afc6ffdccee8f19..d2dfd73b68bc0f06ee792f1565f80255b26fd2e4 100644 (file)
--- a/modules/md/md_ocsp.c
+++ b/modules/md/md_ocsp.c
@@ -532,7 +532,7 @@ static const char *certid_summary(const OCSP_CERTID *certid, apr_pool_t *p)
         bn = ASN1_INTEGER_to_BN(aserial, NULL);
         s = BN_bn2hex(bn);
         serial = apr_pstrdup(p, s);
-        OPENSSL_free((void*)bn);
+        BN_free(bn);
         OPENSSL_free((void*)s);
     }
     return apr_psprintf(p, "certid[der=%s, issuer=%s, key=%s, serial=%s]",

diff --git a/modules/md/md_version.h b/modules/md/md_version.h
index 858d44d9a33a6df2ed0a6d1c0bed477490c64e17..f977263dab14fbb9281b34d08e98b25b1c47da66 100644 (file)
--- a/modules/md/md_version.h
+++ b/modules/md/md_version.h
@@ -27,7 +27,7 @@
  * @macro
  * Version number of the md module as c string
  */
-#define MOD_MD_VERSION "2.6.5-git"
+#define MOD_MD_VERSION "2.6.6"
 
 /**
  * @macro
@@ -35,7 +35,7 @@
  * release. This is a 24 bit number with 8 bits for major number, 8 bits
  * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
  */
-#define MOD_MD_VERSION_NUM 0x020605
+#define MOD_MD_VERSION_NUM 0x020606
 
 #define MD_ACME_DEF_URL         "https://acme-v02.api.letsencrypt.org/directory"