[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: svn commit: r1198930 - in /httpd/httpd/trunk: include/mod_core.h server/core.c server/main.c

> Am 03.08.2018 um 13:34 schrieb Yann Ylavic <ylavic.dev@xxxxxxxxx>:
> On Fri, Aug 3, 2018 at 12:45 PM, Yann Ylavic <ylavic.dev@xxxxxxxxx> wrote:
>> On Fri, Aug 3, 2018 at 11:46 AM, Ruediger Pluem <rpluem@xxxxxxxxxx> wrote:
>>>> +    ap_init_rng(ap_pglobal);
>>> With APR trunk used this now causes httpd to SEGFAULT in EVP_cleanup
>>> when it stops in case mod_ssl is loaded. This is because mod_ssl
>>> stored data in Openssl data structures that points to it (likely
>>> static data in mod_ssl), but it gets unloaded due to the pconf pool
>>> cleanup before the crypto_lib_cleanup runs EVP_cleanup as it is a
>>> cleanup on the parent pool ap_pglobal.
>> Ouch, ISTM that mod_ssl should cleanup what it owns after itself.
>> Any idea which static data (or code/callbacks) in mod_ssl are still pointed to?
> Hmm, while all the libcrypto part is initialized in APR, the libssl
> one is (used in) mod_ssl only, so SSL_load_error_strings() and
> SSL_library_init() are scoped to mod_ssl but not de-inited with pconf.
> I'm not sure there is a way to de-init them (and only them)...
> Possibly apr_crypto_lib_init() should be able to init libssl too (optionally).

Never looked at it before. How is the abstraction in apr_crypto supposed to manage 
the lifetime of the components? E.g. when calling apr_crypto_prng_init() 
one ties the whole openssl crypto's lifetime to the pool given there?

Does everyone check for APR_EREINIT? And if it comes, what is one supposed to do?
Is a reference counting de-allocation not better fitting?