View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005936 | unreal | ircd | public | 2021-06-27 14:47 | 2021-06-27 15:44 |
| Reporter | syzop | Assigned To | syzop | ||
| Priority | normal | Severity | feature | Reproducibility | N/A |
| Status | resolved | Resolution | fixed | ||
| Target Version | 5.2.1-rc1 | Fixed in Version | 5.2.1-rc1 | ||
| Summary | 0005936: Make REHASH also reread TLS certs | ||||
| Description | Now that OpenSSL is decent I think we can make "REHASH" also do the "REHASH -tls" stuff. Makes things less confusing for our users too. Previously (though this may have been 15yrs ago) it resulted in memory leaks or crashes due to reference count errors in OpenSSL. | ||||
| Tags | No tags attached. | ||||
| 3rd party modules | |||||
|
|
https://github.com/unrealircd/unrealircd/commit/79740c4a389c6820887765b8445b49a14a25ddd9 commit 79740c4a389c6820887765b8445b49a14a25ddd9 (HEAD -> unreal52, origin/unreal52, origin/HEAD) Author: Bram Matthys <[email protected]> Date: Sun Jun 27 15:35:53 2021 +0200 Make "REHASH" and ./unrealircd rehash also run the same code as "REHASH -tls", if on OpenSSL 1.1.1 or later. We trust OpenSSL 1.1.1 and later to be good enough to handle all the reference counting and freeing nowadays, which is something that was not done correctly in (much) older OpenSSL versions, leading to crashes on one hand and on memory leaks on the other hand. In OpenSSL 1.1.0 and earlier we do not rehash tls on simple "REHASH", since that code has not been vetted. However, nobody should be running those old OpenSSL versions anyway, since they are out of official OpenSSL support. ^ I was in a bit of a dillema on that last one. It was like a "inconsistent behavior of REHASH depending on OpenSSL version" vs "let them possibly crash" argument, i chose the former. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2021-06-27 14:47 | syzop | New Issue | |
| 2021-06-27 14:47 | syzop | Assigned To | => syzop |
| 2021-06-27 14:47 | syzop | Status | new => acknowledged |
| 2021-06-27 15:44 | syzop | Status | acknowledged => resolved |
| 2021-06-27 15:44 | syzop | Resolution | open => fixed |
| 2021-06-27 15:44 | syzop | Fixed in Version | => 5.2.1-rc1 |
| 2021-06-27 15:44 | syzop | Note Added: 0022045 |
