From: Doug MacEachern <dougm@apache.org>
Date: Wed, 13 Mar 2002 04:49:23 +0000 (+0000)
Subject: switch to ptemp pool for ssl_pphrase_Handle
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ea3476dd6f81293fcc02c5378210abe1039b4992;p=apache

switch to ptemp pool for ssl_pphrase_Handle


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93894 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index 8a8ab0acd3..602c18204c 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -268,7 +268,13 @@ int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
      */
     ssl_rand_seed(base_server, ptemp, SSL_RSCTX_STARTUP, "Init: ");
 
-    ssl_pphrase_Handle(base_server, p);
+    /*
+     * read server private keys/public certs into memory.
+     * decrypting any encrypted keys via configured SSLPassPhraseDialogs
+     * anything that needs to live longer than ptemp needs to also survive
+     * restarts, in which case they'll live inside s->process->pool.
+     */
+    ssl_pphrase_Handle(base_server, ptemp);
 
     ssl_tmp_keys_init(base_server);
 
diff --git a/modules/ssl/ssl_engine_pphrase.c b/modules/ssl/ssl_engine_pphrase.c
index cd8d77b35e..56237c0658 100644
--- a/modules/ssl/ssl_engine_pphrase.c
+++ b/modules/ssl/ssl_engine_pphrase.c
@@ -109,7 +109,7 @@ static apr_status_t exists_and_readable(char *fname, apr_pool_t *pool, apr_time_
 static char *asn1_table_vhost_key(SSLModConfigRec *mc, apr_pool_t *p,
                                   char *id, char *an)
 {
-    /* 'p' pool used here is cleared on restarts */
+    /* 'p' pool used here is cleared on restarts (or sooner) */
     char *key = apr_psprintf(p, "%s:%s", id, an);
     void *keyptr = apr_hash_get(mc->tVHostKeys, key,
                                 APR_HASH_KEY_STRING);