[OpenWrt-Devel] [PATCH 2/3] Fix SSL negotiation being interrupted by .notify_write from BIO method.

Yousong Zhou yszhou4tech at gmail.com
Tue Nov 11 05:34:00 EST 2014


ustream_ssl_check_conn() may be called by .notify_write while a previous
SSL_connect() is still in progress.  This can happen because the
.notify_write callback may be triggered by writes in the BIO
methods.

Signed-off-by: Yousong Zhou <yszhou4tech at gmail.com>
---
 ustream-ssl.c |   19 +++++++++++++++----
 ustream-ssl.h |    1 +
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/ustream-ssl.c b/ustream-ssl.c
index dd0faf9..84104b0 100644
--- a/ustream-ssl.c
+++ b/ustream-ssl.c
@@ -34,12 +34,22 @@ static void ustream_ssl_error_cb(struct uloop_timeout *t)
 		us->notify_error(us, error, __ustream_ssl_strerror(us->error, buffer, sizeof(buffer)));
 }
 
+static enum ssl_conn_status ustream_ssl_do_connect(struct ustream_ssl *us)
+{
+	enum ssl_conn_status status;
+
+	us->connecting = true;
+	status = __ustream_ssl_connect(us);
+	us->connecting = false;
+	return status;
+}
+
 static void ustream_ssl_check_conn(struct ustream_ssl *us)
 {
-	if (us->connected || us->error)
+	if (us->connected || us->error || us->connecting)
 		return;
 
-	if (__ustream_ssl_connect(us) == U_SSL_OK) {
+	if (ustream_ssl_do_connect(us) == U_SSL_OK) {
 		us->connected = true;
 		if (us->notify_connected)
 			us->notify_connected(us);
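Review bot: ustream_ssl_do_connect() has no comment saying why `connecting` exists, and it clears the flag unconditionally once __ustream_ssl_connect() returns. A one-line comment above the helper would help, for example `/* re-entrancy guard: BIO writes during the handshake can fire .notify_write and re-enter ustream_ssl_check_conn() */`. It is also worth confirming that nothing reachable from inside the handshake can tear the stream down, because the ustream_ssl_free() hunk resets the same state and this helper would then write `us->connecting = false` into a stream that has already been reset; that path is not visible here. The body of ustream_ssl_check_conn() continues past the end of the hunk.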
@@ -55,7 +65,7 @@ static bool __ustream_ssl_poll(struct ustream *s)
 	bool more = false;
 
 	ustream_ssl_check_conn(us);
-	if (!us->connected || us->error)
+	if (!us->connected || us->error || us->connecting)
 		return false;
 
 	do {
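Review bot: The added `|| us->connecting` test here looks redundant with `!us->connected`. As far as this patch shows, `connecting` is only true inside ustream_ssl_do_connect(), which ustream_ssl_check_conn() reaches only when `connected` is false, and `connected` is set only after the helper has cleared the flag. The same applies to the identical test added in ustream_ssl_write(). Either drop the extra condition or keep it with a comment such as `/* never read or write application data while the handshake is still running */`, so the invariant that no data moves before negotiation completes is stated rather than implied. __ustream_ssl_poll() continues past the end of the hunk.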
@@ -106,7 +116,7 @@ static int ustream_ssl_write(struct ustream *s, const char *buf, int len, bool m
 {
 	struct ustream_ssl *us = container_of(s, struct ustream_ssl, stream);
 
-	if (!us->connected || us->error)
+	if (!us->connected || us->error || us->connecting)
 		return 0;
 
 	if (us->conn->w.data_bytes)
@@ -141,6 +151,7 @@ static void ustream_ssl_free(struct ustream *s)
 	us->ssl = NULL;
 	us->conn = NULL;
 	us->peer_cn = NULL;
+	us->connecting = false;
 	us->connected = false;
 	us->error = false;
 	us->valid_cert = false;
diff --git a/ustream-ssl.h b/ustream-ssl.h
index 0c55344..1d2a8f9 100644
--- a/ustream-ssl.h
+++ b/ustream-ssl.h
@@ -37,6 +37,7 @@ struct ustream_ssl {
 	char *server_name;
 
 	int error;
+	bool connecting;
 	bool connected;
 	bool server;
 
-- 
1.7.10.4