[
https://issues.apache.org/jira/browse/TS-4858?focusedWorklogId=30327&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-30327
]
ASF GitHub Bot logged work on TS-4858:
--------------------------------------
Author: ASF GitHub Bot
Created on: 10/Oct/16 15:23
Start Date: 10/Oct/16 15:23
Worklog Time Spent: 10m
Work Description: Github user shinrich commented on a diff in the pull
request:
https://github.com/apache/trafficserver/pull/1024#discussion_r82625741
--- Diff: iocore/net/SSLUtils.cc ---
@@ -2159,7 +2123,7 @@ ssl_callback_session_ticket(SSL *ssl, unsigned char
*keyname, unsigned char *iv,
ssl_ticket_key_block *keyblock = NULL;
if (cc == NULL || cc->keyblock == NULL) {
// Try the default
- keyblock = global_default_keyblock;
+ keyblock = params->default_global_keyblock;
--- End diff --
Not sure I'm following your used just once comment. The keyblock is used
only within this function. As long as we have acquired the SSLConfig, the
keyblock value it refers to will not disappear. It seems that in most cases,
the overlap on config reload will be at most one, but it could be multiple
safely as long as we have a referece to the SSLConfig before we start and hold
it the entire time we are using the keyblock value.
Issue Time Tracking
-------------------
Worklog Id: (was: 30327)
Time Spent: 2.5h (was: 2h 20m)
> Global session ticket key block leaks.
> --------------------------------------
>
> Key: TS-4858
> URL: https://issues.apache.org/jira/browse/TS-4858
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: James Peach
> Assignee: Syeda Persia Aziz
> Fix For: 7.1.0
>
> Time Spent: 2.5h
> Remaining Estimate: 0h
>
> From source inspection, ``global_default_keyblock`` is always assigned so it
> will leak on configuration reload.
> Have not reproduced this since I wasn't able to get SSL config reload to work
> :-(
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
