------------------------------------------------------------ revno: 13537 revision-id: rousskov@measurement-factory.com-20140821002933-be1v08gzoaar232l parent: squidadm@squid-cache.org-20140820001439-bonc1l5jo9coin9i committer: Alex Rousskov branch nick: trunk timestamp: Wed 2014-08-20 18:29:33 -0600 message: Do not leak fake SSL certificate context cache when reconfigure changes port addresses. We believe that deleting a cached LocalContextStorage object does not actually affect connections that use the corresponding SSL_CTX and certificate because any SSL object using those things increments their sharing counter and deleting LocalContextStorage only decrements that counter. The [cached] SSL_CTX object is not destroyed by SSL_CTX_free until that sharing counter reaches zero. ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: rousskov@measurement-factory.com-20140821002933-\ # be1v08gzoaar232l # target_branch: http://bzr.squid-cache.org/bzr/squid3/trunk/ # testament_sha1: 65b838c0c10cdaa0896d354c9caeb927e8d90acf # timestamp: 2014-08-21 00:58:12 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/trunk/ # base_revision_id: squidadm@squid-cache.org-20140820001439-\ # bonc1l5jo9coin9i # # Begin patch === modified file 'src/ssl/context_storage.cc' --- src/ssl/context_storage.cc 2014-03-30 12:00:34 +0000 +++ src/ssl/context_storage.cc 2014-08-21 00:29:33 +0000 @@ -90,6 +90,7 @@ for (std::map::iterator i = storage.begin(); i != storage.end(); ++i) { std::map::iterator conf_i = configureStorage.find(i->first); if (conf_i == configureStorage.end() || conf_i->second <= 0) { + delete i->second; storage.erase(i); } else { i->second->setMemLimit(conf_i->second);
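Review bot: In the erase branch of the loop in src/ssl/context_storage.cc, `storage.erase(i)` invalidates `i`, and the `for` header then executes `++i` on that erased iterator, which is undefined behaviour for a std::map. The new `delete i->second;` is correctly placed before the erase, so the pointer is read while the iterator is still valid, but the loop can still skip entries or crash on the next step, which would leave other stale LocalContextStorage objects unfreed. Suggest moving the increment out of the `for` header: use `storage.erase(i++);` in this branch and `++i;` in the `else` branch, so the iterator is advanced before its element is removed.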