author | Nick Mathewson <nickm@torproject.org> | 2018-09-12 11:02:59 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2018-09-12 11:12:05 -0400 |
commit | ae5692994fc31cc5fa25fb5681e59e326e6c5dbe (patch) | |
tree | e83edf9652c3aea60ef2f7541eebb4c6cb7534ba /src/lib/tls/tortls_openssl.c | |
parent | bfc847255afb093b89dd82687d796e3e3c7fcb89 (diff) | |
Add a tor_tls_release_socket() function.
This function tells the underlying TLS object that it shouldn't
close the fd on exit. Mostly, we hope not to have to use it, since
the NSS implementation is kludgey, but it should allow us to fix
Diffstat (limited to 'src/lib/tls/tortls_openssl.c')
-rw-r--r-- | src/lib/tls/tortls_openssl.c | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
index dc6c0bee9c..534a90de5d 100644
--- a/src/lib/tls/tortls_openssl.c
+++ b/src/lib/tls/tortls_openssl.c
@@ -1048,7 +1048,7 @@ tor_tls_new(tor_socket_t sock, int isServer)
 goto err;
 }
 result->socket = sock;
- bio = BIO_new_socket(sock, BIO_NOCLOSE);
+ bio = BIO_new_socket(sock, BIO_CLOSE);
 if (! bio) {
 tls_log_errors(NULL, LOG_WARN, LD_NET, "opening BIO");
 #ifdef SSL_set_tlsext_host_name
@@ -1154,6 +1154,28 @@ tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls)
 #endif /* defined(SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) && ... */
 }
+/**
+ * Tell the TLS library that the underlying socket for <b>tls</b> has been
+ * closed, and the library should not attempt to free that socket itself.
+ */
+void
+tor_tls_release_socket(tor_tls_t *tls)
+{
+ if (! tls)
+ return;
+
+ BIO *rbio, *wbio;
+ rbio = SSL_get_rbio(tls->ssl);
+ wbio = SSL_get_wbio(tls->ssl);
+
+ if (rbio) {
+ BIO_set_close(rbio, BIO_NOCLOSE);
+ }
+ if (wbio && wbio != rbio) {
+ BIO_set_close(wbio, BIO_NOCLOSE);
+ }
+}
+
 void
 tor_tls_impl_free_(tor_tls_impl_t *ssl)
 { |
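Review bot: Switching to `BIO_CLOSE` hands ownership of `sock` to the BIO, but `result->socket = sock;` still keeps a copy of the descriptor and nothing at this call site records who is now responsible for closing it. A caller that still closes the fd itself after the TLS object is freed would close it twice, and the second close can land on an unrelated descriptor that has reused the number. A comment above the call would make the contract visible, e.g. `/* The BIO owns sock from here on and closes it on free; call tor_tls_release_socket() before closing the fd elsewhere. */`. tor_tls_new() begins and ends outside this hunk, so whether its error path after `if (! bio)` and its header comment already account for the new ownership cannot be checked from here.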
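Review bot: The doc comment on tor_tls_release_socket() says the socket "has been closed", but the function only flips the close flag; both BIOs, and presumably `tls->socket`, still hold the old descriptor number afterwards. If the fd is closed and its number reused before the tor_tls_t is freed, any further read or write through this object would reach an unrelated descriptor. I would state the ordering contract in the comment, e.g. `After this call the caller owns the fd; no further I/O may be done on <b>tls</b>, and it should be freed promptly.` If a tor_tls_t can exist without an SSL object, `tls->ssl` also deserves the same guard as `tls`, since it is passed straight to SSL_get_rbio().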