just prevents the internal lookup but does not prevent the caching.
OpenSSL 0.9.6h onwards has a new flag 'SSL_SESS_CACHE_NO_INTERNAL' to
prevent OpenSSL from both lookup and caching the sessions internally.
PR: 26562
Reviewed by: Geoff Thorpe, Joe Orton
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103165
13f79535-47bb-0310-9956-
ffa450edef68
[Remove entries to the current 2.0 section below, when backported]
+ *) mod_ssl: Disable the extra session caching in OpenSSL to prevent memory
+ leak. PR 26562. [Madhusudan Mathihalli]
+
*) work around MSIE Digest auth bug - if AuthDigestEnableQueryStringHack
is set in r->subprocess_env allow mismatched query strings to pass.
PR 27758. [Paul Querna <chip force-elite.com>, Geoffrey Young]
long cache_mode = SSL_SESS_CACHE_OFF;
if (mc->nSessionCacheMode != SSL_SCMODE_NONE) {
- /* SSL_SESS_CACHE_NO_INTERNAL_LOOKUP will force OpenSSL
+ /* SSL_SESS_CACHE_NO_INTERNAL will force OpenSSL
* to ignore process local-caching and
* to always get/set/delete sessions using mod_ssl's callbacks.
*/
- cache_mode = SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL_LOOKUP;
+ cache_mode = SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL;
}
SSL_CTX_set_session_cache_mode(ctx, cache_mode);
SSL_set_verify(ssl, verify, cb)
#endif
+#ifndef SSL_SESS_CACHE_NO_INTERNAL
+#define SSL_SESS_CACHE_NO_INTERNAL SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
+#endif
+
#endif /* SSL_TOOLKIT_COMPAT_H */
projects / apache / commitdiff