Author: rjung
Date: Thu Jan 24 15:20:49 2019
New Revision: 1852036
URL: http://svn.apache.org/viewvc?rev=1852036&view=rev
Log:
Fix crashes due to duplicate pool destruction,
once via the parent pool and once later via
the Finalizer.
Crash is new in 1.2.20 due to the use of a new
child pool to fix a memleak issue.
Hopefully this fix here does not introduce a
new memleak.
Modified:
tomcat/native/trunk/native/include/ssl_private.h
tomcat/native/trunk/native/src/ssl.c
tomcat/native/trunk/native/src/sslutils.c
Modified: tomcat/native/trunk/native/include/ssl_private.h
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/include/ssl_private.h?rev=1852036&r1=1852035&r2=1852036&view=diff
==============================================================================
--- tomcat/native/trunk/native/include/ssl_private.h (original)
+++ tomcat/native/trunk/native/include/ssl_private.h Thu Jan 24 15:20:49 2019
@@ -360,13 +360,16 @@ typedef struct {
/*
* Additional Functions
*/
-void SSL_init_app_data2_3_idx(void);
+void SSL_init_app_data_idx(void);
/* The app_data2 is used to store the tcn_ssl_ctxt_t pointer for the SSL
instance. */
void *SSL_get_app_data2(SSL *);
void SSL_set_app_data2(SSL *, void *);
/* The app_data3 is used to store the handshakeCount pointer for the SSL
instance. */
void *SSL_get_app_data3(const SSL *);
void SSL_set_app_data3(SSL *, void *);
+/* The app_data4 is used to store the destroyCount pointer for the SSL
instance. */
+void *SSL_get_app_data4(const SSL *);
+void SSL_set_app_data4(SSL *, void *);
int SSL_password_prompt(tcn_pass_cb_t *);
int SSL_password_callback(char *, int, int, void *);
void SSL_BIO_close(BIO *);
Modified: tomcat/native/trunk/native/src/ssl.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/ssl.c?rev=1852036&r1=1852035&r2=1852036&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/ssl.c (original)
+++ tomcat/native/trunk/native/src/ssl.c Thu Jan 24 15:20:49 2019
@@ -822,8 +822,8 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize
* low entropy seed.
*/
SSL_rand_seed(NULL);
- /* For SSL_get_app_data2() and SSL_get_app_data3() at request time */
- SSL_init_app_data2_3_idx();
+ /* For SSL_get_app_data2(), SSL_get_app_data3() and SSL_get_app_data4() at
request time */
+ SSL_init_app_data_idx();
init_dh_params();
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
@@ -1273,11 +1273,27 @@ static void ssl_info_callback(const SSL
}
}
+static apr_status_t ssl_con_pool_cleanup(void *data)
+{
+ SSL *ssl = (SSL*) data;
+ int *destroyCount;
+
+ TCN_ASSERT(ssl != 0);
+
+ destroyCount = SSL_get_app_data4(ssl);
+ if (destroyCount != NULL) {
+ ++(*destroyCount);
+ }
+
+ return APR_SUCCESS;
+}
+
TCN_IMPLEMENT_CALL(jlong /* SSL * */, SSL, newSSL)(TCN_STDARGS,
jlong ctx /* tcn_ssl_ctxt_t
* */,
jboolean server) {
tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
int *handshakeCount = malloc(sizeof(int));
+ int *destroyCount = malloc(sizeof(int));
SSL *ssl;
apr_pool_t *p = NULL;
tcn_ssl_conn_t *con;
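Review bot: The new `int *destroyCount = malloc(sizeof(int));` in newSSL is never checked for NULL, yet a later hunk of this commit writes `*destroyCount = 0` unconditionally, so an allocation failure becomes a NULL dereference inside the JNI call. The existing `handshakeCount` allocation on the line above follows the same pattern. A guard after the declarations would cover both: `if (handshakeCount == NULL || destroyCount == NULL) { free(handshakeCount); free(destroyCount); tcn_ThrowException(e, "cannot allocate memory"); return 0; }`. The body of newSSL continues outside this hunk.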
@@ -1289,6 +1305,7 @@ TCN_IMPLEMENT_CALL(jlong /* SSL * */, SS
ssl = SSL_new(c->ctx);
if (ssl == NULL) {
free(handshakeCount);
+ free(destroyCount);
tcn_ThrowException(e, "cannot create new ssl");
return 0;
}
@@ -1296,6 +1313,7 @@ TCN_IMPLEMENT_CALL(jlong /* SSL * */, SS
apr_pool_create(&p, c->pool);
if (p == NULL) {
free(handshakeCount);
+ free(destroyCount);
SSL_free(ssl);
tcn_ThrowAPRException(e, apr_get_os_error());
return 0;
@@ -1303,6 +1321,7 @@ TCN_IMPLEMENT_CALL(jlong /* SSL * */, SS
if ((con = apr_pcalloc(p, sizeof(tcn_ssl_conn_t))) == NULL) {
free(handshakeCount);
+ free(destroyCount);
SSL_free(ssl);
apr_pool_destroy(p);
tcn_ThrowAPRException(e, apr_get_os_error());
@@ -1317,6 +1336,10 @@ TCN_IMPLEMENT_CALL(jlong /* SSL * */, SS
*handshakeCount = 0;
SSL_set_app_data3(ssl, handshakeCount);
+ /* Store the destroyCount in the SSL instance. */
+ *destroyCount = 0;
+ SSL_set_app_data4(ssl, destroyCount);
+
/* Add callback to keep track of handshakes. */
SSL_CTX_set_info_callback(c->ctx, ssl_info_callback);
@@ -1333,6 +1356,11 @@ TCN_IMPLEMENT_CALL(jlong /* SSL * */, SS
/* Store for later usage in SSL_callback_SSL_verify */
SSL_set_app_data2(ssl, c);
SSL_set_app_data(ssl, con);
+ /* Register cleanup that prevent double destruction */
+ apr_pool_cleanup_register(con->pool, (const void *)ssl,
+ ssl_con_pool_cleanup,
+ apr_pool_cleanup_null);
+
return P2J(ssl);
}
@@ -1430,15 +1458,21 @@ TCN_IMPLEMENT_CALL(void, SSL, freeSSL)(T
jlong ssl /* SSL * */) {
SSL *ssl_ = J2P(ssl, SSL *);
int *handshakeCount = SSL_get_app_data3(ssl_);
+ int *destroyCount = SSL_get_app_data4(ssl_);
tcn_ssl_conn_t *con = SSL_get_app_data(ssl_);
UNREFERENCED_STDARGS;
+ if (destroyCount != NULL) {
+ if (*destroyCount == 0) {
+ apr_pool_destroy(con->pool);
+ }
+ free(destroyCount);
+ }
if (handshakeCount != NULL) {
free(handshakeCount);
}
SSL_free(ssl_);
- apr_pool_destroy(con->pool);
}
/* Make a BIO pair (network and internal) for the provided SSL * and return
the network BIO */
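Review bot: The double-destroy guard in freeSSL is a plain check-then-act on an unsynchronized `int` (`if (*destroyCount == 0) apr_pool_destroy(con->pool);`). If the Finalizer named in the log runs on a different thread from the one destroying the parent pool (not visible here), both paths can still reach destruction and the double free remains. The threading assumption should be stated in a comment or the counter made atomic. Separately, `con` is allocated with `apr_pcalloc(p, ...)` in newSSL, so once the count is non-zero `con` points into a destroyed pool. A comment such as `/* con lives in its own pool: dangling once *destroyCount != 0, do not dereference */` would protect later edits. When `destroyCount` is NULL the pool is now never destroyed, whereas the old code always destroyed it.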
Modified: tomcat/native/trunk/native/src/sslutils.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslutils.c?rev=1852036&r1=1852035&r2=1852036&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslutils.c (original)
+++ tomcat/native/trunk/native/src/sslutils.c Thu Jan 24 15:20:49 2019
@@ -52,8 +52,9 @@ static int ssl_ocsp_request(X509 *cert,
*/
static int SSL_app_data2_idx = -1;
static int SSL_app_data3_idx = -1;
+static int SSL_app_data4_idx = -1;
-void SSL_init_app_data2_3_idx(void)
+void SSL_init_app_data_idx(void)
{
int i;
@@ -78,6 +79,15 @@ void SSL_init_app_data2_3_idx(void)
"Third Application Data for SSL",
NULL, NULL, NULL);
+ if (SSL_app_data4_idx > -1) {
+ return;
+ }
+
+ SSL_app_data4_idx =
+ SSL_get_ex_new_index(0,
+ "Fourth Application Data for SSL",
+ NULL, NULL, NULL);
+
}
void *SSL_get_app_data2(SSL *ssl)
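Review bot: The result of `SSL_get_ex_new_index(0, "Fourth Application Data for SSL", ...)` is stored in `SSL_app_data4_idx` without a failure check, and the `SSL_set_app_data4` added in the next hunk discards the return value of `SSL_set_ex_data`. If either call fails, `SSL_get_app_data4` returns NULL. Both `ssl_con_pool_cleanup` and freeSSL then skip their `destroyCount` branches, so the pool and the malloc'd counter leak and the guard is silently disabled. Consider declaring the setter as `int SSL_set_app_data4(SSL *, void *);` with `return SSL_set_ex_data(ssl, SSL_app_data4_idx, arg);` so that newSSL can fail cleanly. The body of SSL_init_app_data_idx starts outside this hunk.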
@@ -102,6 +112,16 @@ void SSL_set_app_data3(SSL *ssl, void *a
SSL_set_ex_data(ssl, SSL_app_data3_idx, arg);
}
+void *SSL_get_app_data4(const SSL *ssl)
+{
+ return SSL_get_ex_data(ssl, SSL_app_data4_idx);
+}
+
+void SSL_set_app_data4(SSL *ssl, void *arg)
+{
+ SSL_set_ex_data(ssl, SSL_app_data4_idx, arg);
+}
+
/* Simple echo password prompting */
int SSL_password_prompt(tcn_pass_cb_t *data)
{