|Title:||TLS Socket Closed in Child Process|
|Last Modified:||2019-11-14 01:11:32|
|Version Found In:||1.7.16|
anonymous added on 2018-03-21 16:23:14:
If a parent process opens a TLS socket prior to forking, and its child process closes it, this has the unfortunate side-effect of terminating the parent's connection. With a non-TLS socket this does not happen, i.e., closing the parent's socket in the child has no effect on the parent. <br><br> If a fix for this is not implemented, could you please detail what code changes would be necessary to do so? That way I can implement it myself without requiring it to be a feature for all users of this library.
anonymous added on 2018-03-21 17:49:16: (text/x-fossil-plain)
In tls.c, Tls_Clean, if I comment out the BIO_free_all call, this problem goes away. However, will this cause a memory leak? Is there some better way you can think of that I can handle this situation? I would ideally like the option of closing the socket and freeing all OpenSSL structures but not sending a close notify.
rkeene added on 2019-11-14 01:11:32: (text/x-fossil-plain)
Probably the best solution is to enable "fast-path" during compilation, which lets OpenSSL handle that part of the process for TCP sockets. This will eventually be made the default, it seems to be much better.