On Fri, Aug 3, 2018 at 12:45 PM, Yann Ylavic <[email protected]> wrote: > On Fri, Aug 3, 2018 at 11:46 AM, Ruediger Pluem <[email protected]> wrote: >>> + ap_init_rng(ap_pglobal); >> >> With APR trunk used this now causes httpd to SEGFAULT in EVP_cleanup >> when it stops in case mod_ssl is loaded. This is because mod_ssl >> stored data in Openssl data structures that points to it (likely >> static data in mod_ssl), but it gets unloaded due to the pconf pool >> cleanup before the crypto_lib_cleanup runs EVP_cleanup as it is a >> cleanup on the parent pool ap_pglobal. > > Ouch, ISTM that mod_ssl should cleanup what it owns after itself. > Any idea which static data (or code/callbacks) in mod_ssl are still pointed > to?
Hmm, while all the libcrypto part is initialized in APR, the libssl one is (used in) mod_ssl only, so SSL_load_error_strings() and SSL_library_init() are scoped to mod_ssl but not de-inited with pconf. I'm not sure there is a way to de-init them (and only them)... Possibly apr_crypto_lib_init() should be able to init libssl too (optionally).
