[Devel] SF.net SVN: openser: [1941] branches/1.1/tls

Bogdan-Andrei Iancu bogdan at voice-system.ro
Tue Apr 3 11:45:09 CEST 2007


Revision: 1941
          http://openser.svn.sourceforge.net/openser/?rev=1941&view=rev
Author:   bogdan_iancu
Date:     2007-04-03 02:45:08 -0700 (Tue, 03 Apr 2007)

Log Message:
-----------
backport from 1.2:
- fixed bug when the ssl library you compile against uses kerberos. Kerberos
  implementaion is faulty when comes to memory management as it always use the
  libc malloc/free (for the kerberos context). And the SSL structure is kept in
  shm memory and moved across processes, so the link from SSL to krb_ctx will
  become broken (point into private memory of another process).

  The fix is to imediatly free the krb_ctx (if kerberos is compiled in) to
  avoid the broken mem reference.

  At compile time, the kerberos presnece is tested (OPENSSL_NO_KRB5) to see if
  the fix should be activated or not.

  At runtime, the code performs a check to see if the library you are running
  agaist is the same as the one you compilled against (from kerberos presence
  point of view). This prevents crashes like: compile openser against an openssl
  with no kerberos (so the fix will not be activated) and later run it agaist
  an openssl with kerberos.
  If differences are detected, openser will not start and you probably need to
  recompile it locally.

  Thanks to Paulo Angonese <angonese at via-rs.net> and ohad.levy at infineon.com
  for report and help in debugging this.

Modified Paths:
--------------
    branches/1.1/tls/tls_init.c
    branches/1.1/tls/tls_server.c


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



More information about the Devel mailing list