Re: (tomcat) 02/02: Reduce changes of crash on Library shutdown with OpenSSL connections

Mon, 12 Feb 2024 07:05:24 -0800 

Mark,

On 2/8/24 16:10, ma...@apache.org wrote:

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 543e2b56bc8ccbde973366975b211b61408caf8a
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Feb 8 18:54:45 2024 +0000

     Reduce changes of crash on Library shutdown with OpenSSL connections
---
  .../tomcat/util/net/openssl/OpenSSLContext.java       | 19 +++++++++++--------
  1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java 
b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
index f1d7b092ec..12dc41455b 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
@@ -46,6 +46,7 @@ import javax.net.ssl.X509TrustManager;
  import org.apache.juli.logging.Log;
  import org.apache.juli.logging.LogFactory;
  import org.apache.tomcat.jni.CertificateVerifier;
+import org.apache.tomcat.jni.Library;
  import org.apache.tomcat.jni.Pool;
  import org.apache.tomcat.jni.SSL;
  import org.apache.tomcat.jni.SSLConf;
@@ -648,14 +649,16 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
@Override 
          public void run() {
-            if (ctx != 0) {
-                SSLContext.free(ctx);
-            }
-            if (cctx != 0) {
-                SSLConf.free(cctx);
-            }
-            if (aprPool != 0) {
-                Pool.destroy(aprPool);
+            if (Library.isInitialized()) {
+                if (ctx != 0) {
+                    SSLContext.free(ctx);
+                }
+                if (cctx != 0) {
+                    SSLConf.free(cctx);
+                }
+                if (aprPool != 0) {
+                    Pool.destroy(aprPool);
+                }
Should this be in a synchronized block? Probably using Library as the monitor? 

Also, maybe zero everything out afterward?
Honestly, this looks weird to my (untrained) eye. You are checking the state of Library to determine whether or not local resources ought to be cleaned up? That smells funny to me... 

-chris

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to