Keerthana | 6 Mar 2009 04:33

Fix for Mathopd Segmentation fault using SSL Patch

Problem:

When both HTTP and HTTPS support in mathopd are used simultaneously (using multiple server blocks in the mathopd configuration file), mathopd is killed with a segmentation fault.

In this scenario, only the HTTPS connections will contain valid SSL contexts (i.e. a valid openssl_connection pointer in struct connection). Whenever a connection is closed, the openssl_connection pointer is also cleaned up if it is valid (i.e. not NULL). But the openssl_connection pointer is not reinitialized to NULL after freeing the memory, and this connection is returned to the free pool of connections for use in subsequent connections. If this connection structure is subsequently assigned to an HTTP connection, then during connection close, the openssl_connection is again cleaned up since it is not NULL. This causes a segmentation fault.

Fix:

The fix is to initialize the SSL context to NULL on connection close (close_connection function in core.c).

The patch for this fix is as below:

 --- old/mathopd/core.c    2009-03-05 16:38:28.000000000 +0530
+++ new/mathopd/core.c    2009-03-05 16:41:32.000000000 +0530
<at> <at> -196,6 +196,9 <at> <at>
 #ifdef USE_SSL_OPENSSL
     if(cn->openssl_connection)
         SSL_free (cn->openssl_connection);
+    // Initialize to NULL to avoid invalid access later
+    // when this connection is used for a HTTP connection
+    cn->openssl_connection = NULL;
 #endif
 
     if (cn->rfd != -1) {
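
Review bot: the added `cn->openssl_connection = NULL;` sits at the same indentation as `SSL_free (cn->openssl_connection);` under a brace-less `if`, so it reads as conditional although it executes on every close. The behaviour is correct either way, but placing both statements inside braces under the `if` would make the free-then-reset pairing explicit and keep a later edit from separating them. The comment would also be more precise as "reset after free", since the pointer is being cleared rather than initialized, and the `//` comments should be checked against the comment style used in the rest of core.c.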

regards

Keerthana
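
The reuse sequence described in the post, as an added example that is not part of the original message or of mathopd's code. It assumes a mock SSL object (hypothetical `mock_ssl` and `mock_ssl_free`) that counts repeated frees instead of corrupting memory; `close_connection_old` and `close_connection_new` are stand-ins for the close path before and after the patch.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-in for an OpenSSL SSL object: it tracks liveness instead of really
   releasing memory, so a second free can be counted without undefined behaviour. */
struct mock_ssl { int live; };
static int double_frees;            /* frees of an already-freed handle */

static void mock_ssl_free(struct mock_ssl *s)
{
    if (!s->live) double_frees++;   /* with a real SSL_free this is memory corruption */
    s->live = 0;
}

struct connection { struct mock_ssl *openssl_connection; };  /* field name from the post */

/* Close path before the patch: the pointer is left dangling. */
static void close_connection_old(struct connection *cn)
{
    if (cn->openssl_connection)
        mock_ssl_free(cn->openssl_connection);
}

/* Close path with the patch: the pointer is reset after the free. */
static void close_connection_new(struct connection *cn)
{
    if (cn->openssl_connection)
        mock_ssl_free(cn->openssl_connection);
    cn->openssl_connection = NULL;
}

/* One pooled struct serves an HTTPS request, then a plain HTTP request. */
static int reuse_pooled_connection(void (*close_fn)(struct connection *))
{
    static struct mock_ssl ssl;     /* constructed sample object */
    struct connection cn = { NULL };
    double_frees = 0;
    ssl.live = 1;
    cn.openssl_connection = &ssl;   /* HTTPS: accept attaches an SSL object */
    close_fn(&cn);                  /* struct goes back to the free pool */
    close_fn(&cn);                  /* HTTP reuse: nothing touched the pointer */
    return double_frees;            /* double frees seen with this close path */
}

int main(void)
{
    printf("old: %d double free(s)\n", reuse_pooled_connection(close_connection_old));
    printf("patched: %d double free(s)\n", reuse_pooled_connection(close_connection_new));
    return 0;
}
```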

