You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@trafficserver.apache.org by sh...@apache.org on 2015/04/28 21:24:40 UTC

[1/2] trafficserver git commit: TS-3554: Another memory leak fix in the SSL cert loading. Specifically the ticket key blocks.

Repository: trafficserver
Updated Branches:
  refs/heads/master 505593d43 -> 0a51ce2f6


TS-3554: Another memory leak fix in the SSL cert loading.  Specifically the ticket key blocks.


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/88c5531b
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/88c5531b
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/88c5531b

Branch: refs/heads/master
Commit: 88c5531b2dccbf2378b7e518aa946ddf5f88c72a
Parents: 7ea121c
Author: shinrich <sh...@yahoo-inc.com>
Authored: Tue Apr 28 14:22:45 2015 -0500
Committer: shinrich <sh...@yahoo-inc.com>
Committed: Tue Apr 28 14:22:45 2015 -0500

----------------------------------------------------------------------
 iocore/net/P_SSLCertLookup.h |  1 +
 iocore/net/SSLCertLookup.cc  |  2 +-
 iocore/net/SSLUtils.cc       | 25 ++++++++++++++++++++-----
 3 files changed, 22 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/88c5531b/iocore/net/P_SSLCertLookup.h
----------------------------------------------------------------------
diff --git a/iocore/net/P_SSLCertLookup.h b/iocore/net/P_SSLCertLookup.h
index a6c3629..ebac339 100644
--- a/iocore/net/P_SSLCertLookup.h
+++ b/iocore/net/P_SSLCertLookup.h
@@ -66,6 +66,7 @@ struct SSLCertContext {
   explicit SSLCertContext(SSL_CTX *c) : ctx(c), opt(OPT_NONE), keyblock(NULL) {}
   SSLCertContext(SSL_CTX *c, Option o) : ctx(c), opt(o), keyblock(NULL) {}
   SSLCertContext(SSL_CTX *c, Option o, ssl_ticket_key_block *kb) : ctx(c), opt(o), keyblock(kb) {}
+  void release();
 
   SSL_CTX *ctx;                   ///< openSSL context.
   Option opt;                     ///< Special handling option.

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/88c5531b/iocore/net/SSLCertLookup.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLCertLookup.cc b/iocore/net/SSLCertLookup.cc
index 28755ba..2e40208 100644
--- a/iocore/net/SSLCertLookup.cc
+++ b/iocore/net/SSLCertLookup.cc
@@ -265,7 +265,7 @@ SSLContextStorage::~SSLContextStorage()
   for (unsigned i = 0; i < this->ctx_store.length(); ++i) {
     if (this->ctx_store[i].ctx != last_ctx) {
       last_ctx = this->ctx_store[i].ctx;
-      SSLReleaseContext(this->ctx_store[i].ctx);
+      this->ctx_store[i].release();
     }
   }
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/88c5531b/iocore/net/SSLUtils.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index ff2ff93..64d98e8 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -131,6 +131,18 @@ ticket_block_free(void *ptr)
   ats_free(ptr);
 }
 
+void SSLCertContext::release()
+{
+  if (keyblock) {
+    ticket_block_free(keyblock);
+    keyblock = NULL;
+  }
+  if (ctx) {
+    SSL_CTX_free(ctx);
+    ctx = NULL;
+  }
+}
+
 static ssl_ticket_key_block *
 ticket_block_alloc(unsigned count)
 {
@@ -1681,6 +1693,14 @@ ssl_store_ssl_context(const SSLConfigParams *params, SSLCertLookup *lookup, cons
       }
     }
   }
+  if (!inserted) {
+#if HAVE_OPENSSL_SESSION_TICKETS
+    if (keyblock != NULL) {
+      ticket_block_free(keyblock);
+    }
+#endif
+  }
+
 
 #if defined(SSL_OP_NO_TICKET)
   // Session tickets are enabled by default. Disable if explicitly requested.
@@ -1720,11 +1740,6 @@ ssl_store_ssl_context(const SSLConfigParams *params, SSLCertLookup *lookup, cons
     }
   }
   if (!inserted) {
-#if HAVE_OPENSSL_SESSION_TICKETS
-    if (keyblock != NULL) {
-      ticket_block_free(keyblock);
-    }
-#endif
     if (ctx != NULL) {
       SSL_CTX_free(ctx);
       ctx = NULL;

[2/2] trafficserver git commit: Merge branch 'master' of https://git-wip-us.apache.org/repos/asf/trafficserver

Posted by sh...@apache.org.

Merge branch 'master' of https://git-wip-us.apache.org/repos/asf/trafficserver


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/0a51ce2f
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/0a51ce2f
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/0a51ce2f

Branch: refs/heads/master
Commit: 0a51ce2f65a36249b486e5ad592ba9a9211467d5
Parents: 88c5531 505593d
Author: shinrich <sh...@yahoo-inc.com>
Authored: Tue Apr 28 14:24:10 2015 -0500
Committer: shinrich <sh...@yahoo-inc.com>
Committed: Tue Apr 28 14:24:10 2015 -0500

----------------------------------------------------------------------
 CHANGES                                                   | 3 +++
 plugins/experimental/background_fetch/background_fetch.cc | 2 +-
 plugins/experimental/cache_promote/cache_promote.cc       | 3 +--
 3 files changed, 5 insertions(+), 3 deletions(-)
----------------------------------------------------------------------