From 0b9a6a63b50e0c4947233aee33fc86f603f77dd1 Mon Sep 17 00:00:00 2001 From: Jeff Darcy Date: Wed, 5 Nov 2014 22:37:48 -0500 Subject: socket: fix segfaults when TLS management connections fail Change-Id: I1fd085b04ad1ee68c982d3736b322c19dd12e071 BUG: 1160900 Signed-off-by: Jeff Darcy Reviewed-on: http://review.gluster.org/9059 Tested-by: Gluster Build System Reviewed-by: Harshavardhana Reviewed-by: Vijay Bellur --- rpc/rpc-transport/socket/src/socket.c | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) (limited to 'rpc/rpc-transport/socket/src') diff --git a/rpc/rpc-transport/socket/src/socket.c b/rpc/rpc-transport/socket/src/socket.c index 2a6586beafd..107590b0273 100644 --- a/rpc/rpc-transport/socket/src/socket.c +++ b/rpc/rpc-transport/socket/src/socket.c @@ -394,10 +394,12 @@ done: static void ssl_teardown_connection (socket_private_t *priv) { - SSL_shutdown(priv->ssl_ssl); - SSL_clear(priv->ssl_ssl); - SSL_free(priv->ssl_ssl); - priv->ssl_ssl = NULL; + if (priv->ssl_ssl) { + SSL_shutdown(priv->ssl_ssl); + SSL_clear(priv->ssl_ssl); + SSL_free(priv->ssl_ssl); + priv->ssl_ssl = NULL; + } priv->use_ssl = _gf_false; } @@ -560,12 +562,19 @@ __socket_rwv (rpc_transport_t *this, struct iovec *vector, int count, --opcount; continue; } - if (write) { + if (priv->use_ssl && !priv->ssl_ssl) { + /* + * We could end up here with priv->ssl_ssl still NULL + * if (a) the connection failed and (b) some fool + * called other socket functions anyway. Demoting to + * non-SSL might be insecure, so just fail it outright. + */ + ret = -1; + } else if (write) { if (priv->use_ssl) { - ret = ssl_write_one(this, - opvector->iov_base, opvector->iov_len); - } - else { + ret = ssl_write_one (this, opvector->iov_base, + opvector->iov_len); + } else { ret = writev (sock, opvector, IOV_MIN(opcount)); } 
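Review bot: ssl_teardown_connection still sets `priv->use_ssl = _gf_false` unconditionally, so once it has run, the `priv->use_ssl && !priv->ssl_ssl` check this commit adds to __socket_rwv (next hunk) can no longer fire and a later call would take the plain `writev` branch. Whether the socket is still open after teardown depends on callers that are not visible in this patch, so this should be confirmed rather than assumed. If a transport configured for TLS must never fall back to cleartext, either leave `use_ssl` set here or state the contract above the function, e.g. `/* Caller must close priv->sock; with use_ssl cleared, __socket_rwv does plaintext I/O. */`.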
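Review bot: The new refusal branch in __socket_rwv sets `ret = -1` without setting `errno`, while the error path shown in the following hunk logs `strerror (errno)`, so a refused downgrade would be reported with a stale, unrelated error string. If the code after this branch also tests `errno` for EINTR or EAGAIN (it lies outside the hunk), a stale value could even turn the failure into a retry. Setting it explicitly, `errno = ENOTCONN;` before `ret = -1;`, would make the failure deterministic. A log line of its own naming the missing TLS session would let operators see that cleartext I/O was refused on a TLS transport. The function starts and ends outside this hunk.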
@@ -611,7 +620,7 @@ __socket_rwv (rpc_transport_t *this, struct iovec *vector, int count, strerror (errno)); } - if (priv->use_ssl) { + if (priv->use_ssl && priv->ssl_ssl) { ssl_dump_error_stack(this->name); } opcount = -1; @@ -3050,7 +3059,6 @@ handler: if (priv->own_thread) { close(priv->sock); priv->sock = -1; - goto unlock; } else { /* Ignore error from connect. epoll events -- cgit