Commit ID: 100561C238330BE844C
CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2015/10/12 21:21:29 UTC
Modified files:
usr.sbin/httpd/src/include: httpd.h
usr.sbin/httpd/src/main: http_main.c
usr.sbin/httpd/src/modules/ssl: ssl_engine_kernel.c
Log message:
attempt at fixing the httpd segfaults:
cause is:
• long connection¹ or keepalive connection², with SSL
• timeout is triggered
• signal handler is not signal handler safe: it calls the various
modules’ connection shutdown hooks; the mod_ssl one calls SSL_free(s);
• now the signal handler returns to the application
• which is occasionally still within SSL_write()
• which now calls ssl3_write_pending() to flush the buffer
• which accesses *s and thus free’d memory
fix attempt is:
• signal handler sets an additional flag #1 in connection context
• mod_ssl connection shutdown hook checks for this flag; if found:
– does not shutdown the SSL connection
– does not free the SSL context (but unhooks it)
‣ leaks the SSL context
– sets a new connection context flag #2 (death request)
• child main checks for death request flag, honours it on quickest path
① cf. <[email protected]> (GMane)
② as observed by making httpd dump core
To generate a diff of this changeset, execute the following commands:
cvs -R rdiff -kk -upr1.10 -r1.11 src/usr.sbin/httpd/src/include/httpd.h
cvs -R rdiff -kk -upr1.12 -r1.13 src/usr.sbin/httpd/src/main/http_main.c
cvs -R rdiff -kk -upr1.1.1.2 -r1.2
src/usr.sbin/httpd/src/modules/ssl/ssl_engine_kernel.c
