BUG/MINOR: ssl: Properly manage alloc failures in SSL passphrase callback

Some error paths in 'ssl_sock_passwd_cb' (allocation failures) did not
set the 'passphrase_idx' to -1 which is the way for the caller to know
not to call the callback again so in some memory contention contexts we
could end up calling the callback 'infinitely' (or until memory is
finally available).

This patch must be backported to 3.3.

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index a8168830964647f4558d2cb31251fa5c9e69a641..3f25b93ce1583ef887df4ac27e6f97c8a7f18146 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3832,13 +3832,16 @@ int ssl_sock_passwd_cb(char *buf, int size, int rwflag, void *userdata)
        global_ssl.passphrase_cmd[1] = strdup(data->path);
 
        if (!global_ssl.passphrase_cmd[1]) {
+               data->passphrase_idx = -1;
                ha_alert("ssl_sock_passwd_cb: allocation failure\n");
                return -1;
        }
 
        if (!passphrase_cache)
-               if (ssl_sock_create_passphrase_cache())
+               if (ssl_sock_create_passphrase_cache()) {
+                       data->passphrase_idx = -1;
                        return -1;
+               }
 
        /* Try all the already known passphrases first. */
        if (data->passphrase_idx < passphrase_idx) {