From: Joe Orton Date: Sun, 7 Mar 2004 22:03:16 +0000 (+0000) Subject: * modules/ssl/ssl_engine_io.c (ssl_io_filter_disable): Don't leak an X-Git-Tag: 2.0.49~45 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0e31d5c4db6db14ae70f1be8ed722f0b73e0d695;p=thirdparty%2Fapache%2Fhttpd.git * modules/ssl/ssl_engine_io.c (ssl_io_filter_disable): Don't leak an SSL structure for each plain-HTTP-on-SSL-port request. PR: 27106 Reviewed by: Jeff Trawick, Justin Erenkrantz git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@102880 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index f0b0b20edbd..4edb18d0173 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,9 @@ Changes with Apache 2.0.49 + *) SECURITY: CAN-2004-0113 (cve.mitre.org) + mod_ssl: Fix a memory leak in plain-HTTP-on-SSL-port handling. + PR 27106. [Joe Orton] + *) mod_ssl: Fix bug in passphrase handling which could cause spurious failures in SSL functions later. PR 21160. [Joe Orton] diff --git a/STATUS b/STATUS index 3dce5a0fde6..84b8066f4f0 100644 --- a/STATUS +++ b/STATUS @@ -1,5 +1,5 @@ APACHE 2.0 STATUS: -*-text-*- -Last modified at [$Date: 2004/03/06 18:35:44 $] +Last modified at [$Date: 2004/03/07 22:03:15 $] Release: @@ -103,12 +103,6 @@ PATCHES TO BACKPORT FROM 2.1 +1: madhum, jerenkrantz, jorton (jorton: needs libhttpd.dsp change for Win32 too) - * mod_ssl: Fix nasty memory leak for each plain-HTTP-on-SSL-port request. - PR: 27106 - http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.117&r2=1.118 - http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.120&r2=1.121 - +1: jorton, trawick, jerenkrantz - * mod_setenvif: remove support for remote_user variable which never worked at all. PR 25725 (2.0 + 1.3) modules/metadata/mod_setenvif.c: r1.50 diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c index b26cd6e69e6..d48f581f9fc 100644 --- a/modules/ssl/ssl_engine_io.c +++ b/modules/ssl/ssl_engine_io.c @@ -821,9 +821,11 @@ static apr_status_t ssl_filter_write(ap_filter_t *f, sizeof(HTTP_ON_HTTPS_PORT) - 1, \ alloc) -static void ssl_io_filter_disable(ap_filter_t *f) +static void ssl_io_filter_disable(SSLConnRec *sslconn, ap_filter_t *f) { bio_filter_in_ctx_t *inctx = f->ctx; + SSL_free(inctx->ssl); + sslconn->ssl = NULL; inctx->ssl = NULL; inctx->filter_ctx->pssl = NULL; } @@ -845,7 +847,7 @@ static apr_status_t ssl_io_filter_error(ap_filter_t *f, ssl_log_ssl_error(APLOG_MARK, APLOG_INFO, f->c->base_server); sslconn->non_ssl_request = 1; - ssl_io_filter_disable(f); + ssl_io_filter_disable(sslconn, f); /* fake the request line */ bucket = HTTP_ON_HTTPS_PORT_BUCKET(f->c->bucket_alloc);