switch SSLModConfigRec.tPublicCert to ssl_asn1_table api to prevent

leakage on restarts.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93615 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/ssl/mod_ssl.h b/modules/ssl/mod_ssl.h
index 54ffddc18f9cc025916ddea66d35b06ab6393da3..6055fe7ddc214845aacfb6486dfa72469ffc8a4c 100644 (file)
--- a/modules/ssl/mod_ssl.h
+++ b/modules/ssl/mod_ssl.h
@@ -518,7 +518,7 @@ typedef struct {
     int             nScoreboardSize; /* used for builtin random seed */
     apr_hash_t     *tTmpKeys;
     void           *pTmpKeys[SSL_TKPIDX_MAX];
-    ssl_ds_table   *tPublicCert;
+    apr_hash_t     *tPublicCert;
     apr_hash_t     *tPrivateKey;
 #ifdef SSL_EXPERIMENTAL_ENGINE
     char           *szCryptoDevice;

diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c
index 6e0ad3e4d319f0e6ed8819001e0e314e1583367a..fd291fec4b52fe500ae8e299fa4f8eb697ff9d96 100644 (file)
--- a/modules/ssl/ssl_engine_config.c
+++ b/modules/ssl/ssl_engine_config.c
@@ -102,7 +102,7 @@ SSLModConfigRec *ssl_config_global_create(server_rec *s)
         mc->pMutex                 = NULL;
         mc->aRandSeed              = apr_array_make(pPool, 4, sizeof(ssl_randseed_t));
         mc->tPrivateKey            = apr_hash_make(pPool);
-        mc->tPublicCert            = ssl_ds_table_make(pPool, sizeof(ssl_asn1_t));
+        mc->tPublicCert            = apr_hash_make(pPool);
         mc->tTmpKeys               = apr_hash_make(pPool);
 #ifdef SSL_EXPERIMENTAL_ENGINE
         mc->szCryptoDevice         = NULL;

diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index a427a7dadf4cd5cffc5972a115384159b59c0b72..ba00484cffa51925c0ff0dae1cc06e1d199e07f5 100644 (file)
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -590,7 +590,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc)
      */
     ok = FALSE;
     cp = apr_psprintf(p, "%s:RSA", cpVHostID);
-    if ((asn1 = (ssl_asn1_t *)ssl_ds_table_get(mc->tPublicCert, cp)) != NULL) {
+    if ((asn1 = ssl_asn1_table_get(mc->tPublicCert, cp)) != NULL) {
         ssl_log(s, SSL_LOG_TRACE,
                 "Init: (%s) Configuring RSA server certificate", cpVHostID);
         ucp = asn1->cpData;
@@ -609,7 +609,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc)
         ok = TRUE;
     }
     cp = apr_psprintf(p, "%s:DSA", cpVHostID);
-    if ((asn1 = (ssl_asn1_t *)ssl_ds_table_get(mc->tPublicCert, cp)) != NULL) {
+    if ((asn1 = ssl_asn1_table_get(mc->tPublicCert, cp)) != NULL) {
         ssl_log(s, SSL_LOG_TRACE,
                 "Init: (%s) Configuring DSA server certificate", cpVHostID);
         ucp = asn1->cpData;

diff --git a/modules/ssl/ssl_engine_pphrase.c b/modules/ssl/ssl_engine_pphrase.c
index cf5ae614b75a42ae9a8da09a07199c02d879c228..0a7c0c92689a8d6366e0b1895ce067e534c04f70 100644 (file)
--- a/modules/ssl/ssl_engine_pphrase.c
+++ b/modules/ssl/ssl_engine_pphrase.c
@@ -200,10 +200,9 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
              * configuration structures).
              */
             cp = apr_psprintf(mc->pPool, "%s:%s", cpVHostID, an);
-            asn1 = (ssl_asn1_t *)ssl_ds_table_push(mc->tPublicCert, cp);
-            asn1->nData  = i2d_X509(pX509Cert, NULL);
-            asn1->cpData = apr_palloc(mc->pPool, asn1->nData);
-            ucp = asn1->cpData; i2d_X509(pX509Cert, &ucp); /* 2nd arg increments */
+            length = i2d_X509(pX509Cert, NULL);
+            ucp = ssl_asn1_table_set(mc->tPublicCert, cp, length);
+            (void)i2d_X509(pX509Cert, &ucp); /* 2nd arg increments */
 
             /*
              * Free the X509 structure