summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/doc-txt/ChangeLog4
-rw-r--r--src/src/tls.c9
-rwxr-xr-xtest/runtest1
3 files changed, 10 insertions, 4 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index e7c7085f8..567399483 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -65,6 +65,10 @@ JH/13 Bug 2845: Fix handling of tls_require_ciphers for OpenSSL when a value
JH/14 Bug 1895: TLS: Deprecate RFC 5114 Diffie-Hellman parameters.
+JH/15 Fix a resource leak in *BSD. An off-by-one error resulted in the daemon
+ failing to close the certificates directory, every hour or any time it
+ was touched.
+
Exim version 4.95
-----------------
diff --git a/src/src/tls.c b/src/src/tls.c
index d5d11bcea..e6b1bf7a7 100644
--- a/src/src/tls.c
+++ b/src/src/tls.c
@@ -185,8 +185,8 @@ for (;;)
{
if ((fd1 = open(CCS filename, O_RDONLY | O_NOFOLLOW)) < 0)
{ s = US"open file"; goto bad; }
- DEBUG(D_tls) debug_printf("watch file '%s'\n", filename);
- EV_SET(&kev[++kev_used],
+ DEBUG(D_tls) debug_printf("watch file '%s':\t%d\n", filename, fd1);
+ EV_SET(&kev[kev_used++],
(uintptr_t)fd1,
EVFILT_VNODE,
EV_ADD | EV_ENABLE | EV_ONESHOT,
@@ -196,8 +196,8 @@ for (;;)
NULL);
cnt++;
}
- DEBUG(D_tls) debug_printf("watch dir '%s'\n", s);
- EV_SET(&kev[++kev_used],
+ DEBUG(D_tls) debug_printf("watch dir '%s':\t%d\n", s, fd2);
+ EV_SET(&kev[kev_used++],
(uintptr_t)fd2,
EVFILT_VNODE,
EV_ADD | EV_ENABLE | EV_ONESHOT,
@@ -320,6 +320,7 @@ if (tls_watch_fd < 0) return;
/* Close the files we had open for kevent */
for (int i = 0; i < kev_used; i++)
{
+ DEBUG(D_tls) debug_printf("closing watch fd: %d\n", (int) kev[i].ident);
(void) close((int) kev[i].ident);
kev[i].ident = (uintptr_t)-1;
}
diff --git a/test/runtest b/test/runtest
index 0f883e8fc..3d5a975ff 100755
--- a/test/runtest
+++ b/test/runtest
@@ -1108,6 +1108,7 @@ RESET_AFTER_EXTRA_LINE_READ:
next if /^watch dir/;
next if /^watch file .*\/usr\/local/;
next if /^watch file .*\/etc\/ssl/;
+ next if /^closing watch fd:/;
# TLS preload
# there happen in different orders for OpenSSL/GnuTLS/noTLS