wrowe · wrowe · commit 26a602f9e556 · 2003-06-17T17:44:40.000Z
Reaction to Jeff Trawick's observations that we are double-initializing dynalinked OpenSSL Engines and Configs. Move the library teardown code so that it is torn down in the proper order, corresponding to when the library itself was initialized. And leave a little reminder that some memory diagnostics would be good if OpenSSL is built for malloc debugging. Suggested by: Geoff Thorpe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100288 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
@@ -230,6 +230,34 @@ static const command_rec ssl_config_cmds[] = {
 /*
  *  the various processing hooks
  */
+static apr_status_t ssl_cleanup_pre_config(void *data)
+{
+    /*
+     * Try to kill the internals of the SSL library.
+     */
+#ifdef OPENSSL_VERSION_NUMBER
+#if OPENSSL_VERSION_NUMBER >= 0x00907001
+    /* Corresponds to OPENSSL_load_builtin_modules():
+     * XXX: borrowed from apps.h, but why not CONF_modules_free()
+     * which also invokes CONF_modules_finish()?
+     */
+    CONF_modules_unload(1);
+#endif
+#endif
+    /* Corresponds to SSL_library_init: */
+    EVP_cleanup();
+#if HAVE_ENGINE_LOAD_BUILTIN_ENGINES
+    ENGINE_cleanup();
+#endif
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_state(0);
+    ERR_free_strings();
+    /* 
+     * TODO: determine somewhere we can safely shove out diagnostics 
+     *       (when enabled) at this late stage in the game:
+     * CRYPTO_mem_leaks_fp(stderr);
+     */
+}
 
 static int ssl_hook_pre_config(apr_pool_t *pconf,
                                apr_pool_t *plog,
@@ -251,6 +279,12 @@ static int ssl_hook_pre_config(apr_pool_t *pconf,
 #endif
     SSL_load_error_strings();
 
+    /*
+     * Let us cleanup the ssl library when the module is unloaded
+     */
+    apr_pool_cleanup_register(pconf, NULL, ssl_cleanup_pre_config,
+                                           apr_pool_cleanup_null);
+
     /* Register us to handle mod_log_config %c/%x variables */
     ssl_var_log_config_register(pconf);
 #if 0 /* XXX */
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
@@ -1251,13 +1251,6 @@ apr_status_t ssl_init_ModuleKill(void *data)
         ssl_init_ctx_cleanup_server(sc->server);
     }
 
-    /*
-     * Try to kill the internals of the SSL library.
-     */
-    ERR_free_strings();
-    ERR_remove_state(0);
-    EVP_cleanup();
-
     return APR_SUCCESS;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -1251,13 +1251,6 @@ apr_status_t ssl_init_ModuleKill(void *data)`
`1251`	`1251`	`ssl_init_ctx_cleanup_server(sc->server);`
`1252`	`1252`	`}`
`1253`	`1253`
`1254`		`- /*`
`1255`		`- * Try to kill the internals of the SSL library.`
`1256`		`- */`
`1257`		`- ERR_free_strings();`
`1258`		`- ERR_remove_state(0);`
`1259`		`- EVP_cleanup();`
`1260`		`-`
`1261`	`1254`	`return APR_SUCCESS;`
`1262`	`1255`	`}`
`1263`	`1256`