Heya,
I have reduced this bug to the minimal test case, involving an
rt-server consisting of:
use strict;
use warnings;
use DBI;
my $FAIL = 1;
my $dbh = DBI->connect("dbi:Pg:dbname=rtdb;host=localhost;"
."sslmode=". ($FAIL ? "require" :
"disable"),
"rtuser","password");
$dbh->{InactiveDestroy} = 1;
return sub {};
Please give the attached patch a whirl. I believe you'll need to apply
it from within /usr/share/request-tracker4/
- Alex
>From 1f848abe120b45a5fe23e8b4b25b9b09b34c54ad Mon Sep 17 00:00:00 2001
From: Alex Vandiver <ale...@bestpractical.com>
Date: Wed, 9 Nov 2011 02:35:34 -0500
Subject: [PATCH] Restore database disconnection state after successful safe_run_child
RT::Util's safe_run_child sets its database handles to not disconnect
themselves if they are destroyed, before calling the provided function
which may fork and exec. It explicitly re-enables those bits prior to
die'ing if the exec fails, to ensure that the database handle is torn
down correctly during the global destruction that would shortly ensue.
However, it fails to re-instate those bits after a _successful_ call.
This leaves the main database handle in a state where it does not tear
down the connection during global destruction.
This is particularly destructive in the case where:
(a) RT uses PostgreSQL as its backend database
(b) The database connection to PostgreSQL uses SSL, as is the default
if the server supports it
(c) The RT server is embedded into the Apache server using mod_perl
(c) Apache has also loaded the SSL libraries for HTTPS support
This causes libcrypto.so to be used in two places in the Apache process,
by both Perl's binary PostgreSQL driver, as well as core Apache's; they
thus share some internal state. The lack of orderly teardown of the
SSL-enabled database connection causes corruption in the SSL engine's
internal state during the Apache shutdown process, which could lead to
segmentation faults in Apache.
Resolve this by explicitly re-instating the disconnect-on-destroy flags
after a successful safe_run_child.
---
lib/RT/Util.pm | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/lib/RT/Util.pm b/lib/RT/Util.pm
index d2220c8..70d4625 100644
--- a/lib/RT/Util.pm
+++ b/lib/RT/Util.pm
@@ -93,6 +93,8 @@ sub safe_run_child (&) {
#TODO we need to localize this
die 'System Error: ' . $err;
};
+ $dbh->{'InactiveDestroy'} = 0 if $dbh;
+ $RT::Handle->{'DisconnectHandleOnDestroy'} = 1;
return $want? (@res) : $res[0];
}
--
1.7.4.1
