diff options
-rw-r--r-- | doc/doc-txt/ChangeLog | 4 | ||||
-rw-r--r-- | src/src/tls.c | 9 | ||||
-rwxr-xr-x | test/runtest | 1 |
3 files changed, 10 insertions, 4 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index e7c7085f8..567399483 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -65,6 +65,10 @@ JH/13 Bug 2845: Fix handling of tls_require_ciphers for OpenSSL when a value JH/14 Bug 1895: TLS: Deprecate RFC 5114 Diffie-Hellman parameters. +JH/15 Fix a resource leak in *BSD. An off-by-one error resulted in the daemon + failing to close the certificates directory, every hour or any time it + was touched. + Exim version 4.95 ----------------- diff --git a/src/src/tls.c b/src/src/tls.c index d5d11bcea..e6b1bf7a7 100644 --- a/src/src/tls.c +++ b/src/src/tls.c @@ -185,8 +185,8 @@ for (;;) { if ((fd1 = open(CCS filename, O_RDONLY | O_NOFOLLOW)) < 0) { s = US"open file"; goto bad; } - DEBUG(D_tls) debug_printf("watch file '%s'\n", filename); - EV_SET(&kev[++kev_used], + DEBUG(D_tls) debug_printf("watch file '%s':\t%d\n", filename, fd1); + EV_SET(&kev[kev_used++], (uintptr_t)fd1, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_ONESHOT, @@ -196,8 +196,8 @@ for (;;) NULL); cnt++; } - DEBUG(D_tls) debug_printf("watch dir '%s'\n", s); - EV_SET(&kev[++kev_used], + DEBUG(D_tls) debug_printf("watch dir '%s':\t%d\n", s, fd2); + EV_SET(&kev[kev_used++], (uintptr_t)fd2, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_ONESHOT, @@ -320,6 +320,7 @@ if (tls_watch_fd < 0) return; /* Close the files we had open for kevent */ for (int i = 0; i < kev_used; i++) { + DEBUG(D_tls) debug_printf("closing watch fd: %d\n", (int) kev[i].ident); (void) close((int) kev[i].ident); kev[i].ident = (uintptr_t)-1; } diff --git a/test/runtest b/test/runtest index 0f883e8fc..3d5a975ff 100755 --- a/test/runtest +++ b/test/runtest @@ -1108,6 +1108,7 @@ RESET_AFTER_EXTRA_LINE_READ: next if /^watch dir/; next if /^watch file .*\/usr\/local/; next if /^watch file .*\/etc\/ssl/; + next if /^closing watch fd:/; # TLS preload # there happen in different orders for OpenSSL/GnuTLS/noTLS |