SSL structure for each plain-HTTP-on-SSL-port request.
PR: 27106
Reviewed by: Jeff Trawick, Justin Erenkrantz
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@102880
13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 2.0.49
+ *) SECURITY: CAN-2004-0113 (cve.mitre.org)
+ mod_ssl: Fix a memory leak in plain-HTTP-on-SSL-port handling.
+ PR 27106. [Joe Orton]
+
*) mod_ssl: Fix bug in passphrase handling which could cause spurious
failures in SSL functions later. PR 21160. [Joe Orton]
APACHE 2.0 STATUS: -*-text-*-
-Last modified at [$Date: 2004/03/06 18:35:44 $]
+Last modified at [$Date: 2004/03/07 22:03:15 $]
Release:
+1: madhum, jerenkrantz, jorton
(jorton: needs libhttpd.dsp change for Win32 too)
- * mod_ssl: Fix nasty memory leak for each plain-HTTP-on-SSL-port request.
- PR: 27106
- http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.117&r2=1.118
- http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.120&r2=1.121
- +1: jorton, trawick, jerenkrantz
-
* mod_setenvif: remove support for remote_user variable which never
worked at all. PR 25725 (2.0 + 1.3)
modules/metadata/mod_setenvif.c: r1.50
sizeof(HTTP_ON_HTTPS_PORT) - 1, \
alloc)
-static void ssl_io_filter_disable(ap_filter_t *f)
+static void ssl_io_filter_disable(SSLConnRec *sslconn, ap_filter_t *f)
{
bio_filter_in_ctx_t *inctx = f->ctx;
+ SSL_free(inctx->ssl);
+ sslconn->ssl = NULL;
inctx->ssl = NULL;
inctx->filter_ctx->pssl = NULL;
}
ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, f->c->base_server);
sslconn->non_ssl_request = 1;
- ssl_io_filter_disable(f);
+ ssl_io_filter_disable(sslconn, f);
/* fake the request line */
bucket = HTTP_ON_HTTPS_PORT_BUCKET(f->c->bucket_alloc);
projects / thirdparty / apache / httpd.git / commitdiff
