diff options
| author | Eric Milkie <milkie@10gen.com> | 2013-01-24 10:45:22 -0500 |
|---|---|---|
| committer | Eric Milkie <milkie@10gen.com> | 2013-01-24 10:46:14 -0500 |
| commit | ad47817b9397d8cfe97b9a51f1ad2e806c079d77 (patch) | |
| tree | 02fd658ec6fa09e4165b4a1841e69536b9189d96 /src/mongo/util/net | |
| parent | 02c3ae2696a53dd32bbfb16853fcfd0f39d6b6b1 (diff) | |
| download | mongo-ad47817b9397d8cfe97b9a51f1ad2e806c079d77.tar.gz | |
SERVER-6656 fix SSL thread storage leak (for incoming connections only)
Diffstat (limited to 'src/mongo/util/net')
| -rw-r--r-- | src/mongo/util/net/message_server_port.cpp | 6 | ||||
| -rw-r--r-- | src/mongo/util/net/ssl_manager.cpp | 4 | ||||
| -rw-r--r-- | src/mongo/util/net/ssl_manager.h | 6 |
3 files changed, 16 insertions, 0 deletions
diff --git a/src/mongo/util/net/message_server_port.cpp b/src/mongo/util/net/message_server_port.cpp index dc4b6c961b8..d2dbbfea75c 100644 --- a/src/mongo/util/net/message_server_port.cpp +++ b/src/mongo/util/net/message_server_port.cpp @@ -30,6 +30,7 @@ #include "../../db/lasterror.h" #include "../../db/stats/counters.h" #include "mongo/util/concurrency/ticketholder.h" +#include "mongo/util/net/ssl_manager.h" #ifdef __linux__ // TODO: consider making this ifndef _WIN32 # include <sys/resource.h> @@ -227,7 +228,12 @@ namespace mongo { dbexit( EXIT_UNCAUGHT ); } + // Normal disconnect path. +#ifdef MONGO_SSL + SSLManager::cleanupThreadLocals(); +#endif handler->disconnected( p.get() ); + return NULL; } }; diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp index f39b597d445..0ff98ee444f 100644 --- a/src/mongo/util/net/ssl_manager.cpp +++ b/src/mongo/util/net/ssl_manager.cpp @@ -294,6 +294,10 @@ namespace mongo { // TODO: check optional cipher restriction, using cert. } + void SSLManager::cleanupThreadLocals() { + ERR_remove_state(0); + } + std::string SSLManager::_getSSLErrorMessage(int code) { // 120 from the SSL documentation for ERR_error_string static const size_t msglen = 120; diff --git a/src/mongo/util/net/ssl_manager.h b/src/mongo/util/net/ssl_manager.h index 2ff1be69277..8c94b66ef51 100644 --- a/src/mongo/util/net/ssl_manager.h +++ b/src/mongo/util/net/ssl_manager.h @@ -71,6 +71,12 @@ namespace mongo { void validatePeerCertificate(const SSL* ssl); /** + * Cleans up SSL thread local memory; use at thread exit + * to avoid memory leaks + */ + static void cleanupThreadLocals(); + + /** * Callbacks for SSL functions */ static int password_cb( char *buf,int num, int rwflag,void *userdata ); |