Hi Klaus,
thanks for pointing is out - I will take care of this.
regards,
bogdan
Klaus Darilion wrote:
I wonder why this was not backported to 1.1?
regards
klaus
Bogdan-Andrei Iancu wrote:
Revision: 1758
http://openser.svn.sourceforge.net/openser/?rev=1758&view=rev
Author: bogdan_iancu
Date: 2007-03-06 09:06:36 -0800 (Tue, 06 Mar 2007)
Log Message:
-----------
- fixed bug when the ssl library you compile against uses kerberos.
Kerberos
implementaion is faulty when comes to memory management as it
always use the
libc malloc/free (for the kerberos context). And the SSL structure
is kept in
shm memory and moved across processes, so the link from SSL to
krb_ctx will
become broken (point into private memory of another process).
The fix is to imediatly free the krb_ctx (if kerberos is compiled
in) to
avoid the broken mem reference.
At compile time, the kerberos presnece is tested (OPENSSL_NO_KRB5)
to see if
the fix should be activated or not.
At runtime, the code performs a check to see if the library you are
running
agaist is the same as the one you compilled against (from kerberos
presence
point of view). This prevents crashes like: compile openser against
an openssl
with no kerberos (so the fix will not be activated) and later run
it agaist
an openssl with kerberos.
If differences are detected, openser will not start and you
probably need to
recompile it locally.
Thanks to Paulo Angonese <[EMAIL PROTECTED]> and
[EMAIL PROTECTED]
for report and help in debugging this.
Modified Paths:
--------------
trunk/tls/tls_init.c
trunk/tls/tls_server.c
This was sent by the SourceForge.net collaborative development
platform, the world's largest Open Source development site.
_______________________________________________
Devel mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/devel
_______________________________________________
Devel mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/devel
