*Problem:*
When both HTTP and HTTPS support in mathopd is used simultaneously (using
multiple server blocks in the mathopd configuration file), mathopd is killed
with Segmentation fault.
In this scenario, only the HTTPS connections will contain valid SSL contexts
(i.e valid openssl_connection pointer in struct connection). Whenever a
connection is closed, the openssl_connection pointer is also cleaned up if
it is valid (i.e not NULL). But the openssl_connection pointer is not
reinitialized to NULL after freeing the memory. And this connection is
returned to the free pool of connections for use in subsequent connections.
If this connection structure is subsequently assigned for a HTTP connection,
then during connection close, the openssl_connection is again cleaned up
since it is not NULL. This causes segmentation fault.
*Fix:*
The fix is to initialize the SSL context to NULL on connection close
(close_connection function in core.c):
The patch for this fix is as below:
--- old/mathopd/core.c 2009-03-05 16:38:28.000000000 +0530
+++ new/mathopd/core.c 2009-03-05 16:41:32.000000000 +0530
@@ -196,6 +196,9 @@
#ifdef USE_SSL_OPENSSL
if(cn->openssl_connection)
SSL_free (cn->openssl_connection);
+ // Initialize to NULL to avoid invalid access later
+ // when this connection is used for a HTTP connection
+ cn->openssl_connection = NULL;
#endif
if (cn->rfd != -1) {
regards
Keerthana
