[ https://issues.apache.org/jira/browse/TS-2967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14081562#comment-14081562 ]
James Peach commented on TS-2967: --------------------------------- 0 is an invalid config index, so {{ConfigProcessor::get}} will return NULL for that. The only place I can see that needs a NULL check is {{SSLNetVConnection::sslStartHandShake}}. > failed assert if ssl_multicert.config doesn't exist > --------------------------------------------------- > > Key: TS-2967 > URL: https://issues.apache.org/jira/browse/TS-2967 > Project: Traffic Server > Issue Type: Bug > Reporter: Jack Bates > > If an ssl_multicert.config file doesn't exist then > SSLParseCertificateConfiguration() returns false (SSLUtils.cc line 1435) > and SSLCertificateConfig::reconfigure() doesn't initialize configid > (SSLConfig.cc line 333) > Then when SSLRecRawStatSyncCount() calls SSLCertificateConfig::acquire() > (SSLUtils.cc line 502) > it calls ConfigProcessor::get() with configid zero (SSLConfig.cc line 342) > and there's an ink_assert(id != 0) (ProxyConfig.cc line 175) > One way to avoid the failed assert is if SSLCertificateConfig::acquire() and > SSLCertificateConfig::release() only call ConfigProcessor::get/release() if > (configid !=0) > Another way might be if SSLCertificateConfig::reconfigure() initialized > configid with configProcessor.set(configid, NULL) if > SSLParseCertificateConfiguration() returns false? > Or SSLParseCertificateConfiguration() could treat a nonexistent > ssl_multicert.config the same as it treats a blank file? ({{touch > ssl_multicert.config}} makes the failed assert go away.) > Or maybe there's another better way to avoid the failed assert? -- This message was sent by Atlassian JIRA (v6.2#6252)