tls_openssl: add shared_ptr to config resources to tls_openssl_private

This avoids freeing the resource table while the tls psk callback still needs to access it.
bareos · Sep 8, 2022 · 2a89cec · 2a89cec
1 parent fbd0989
commit 2a89cec
Show file tree

Hide file tree

Showing 6 changed files with 17 additions and 6 deletions.
diff --git a/core/src/lib/parse_conf.cc b/core/src/lib/parse_conf.cc
@@ -487,17 +487,13 @@ bool ConfigurationParser::FindConfigPath(PoolMem& full_path)
   return found;
 }
 
-// swap the previously saved configuration_resources_previous_ with
-// configuration_resources_ and release the configuration_resources_previous_
 void ConfigurationParser::RestoreResourceTable(
     std::shared_ptr<ConfigResourcesContainer>&& backup_table)
 {
   std::swap(config_resources_container_, backup_table);
   backup_table.reset();
 }
 
-// copy the current resource table to configuration_resources_backup_
-// and create a new empty config_resources_container_
 std::shared_ptr<ConfigResourcesContainer>
 ConfigurationParser::BackupResourceTable()
 {
@@ -507,6 +503,13 @@ ConfigurationParser::BackupResourceTable()
   return backup_table;
 }
 
+std::shared_ptr<ConfigResourcesContainer>
+ConfigurationParser::GetResourcesTablePointer()
+{
+  return config_resources_container_;
+}
+
+
 bool ConfigurationParser::RemoveResource(int rcode, const char* name)
 {
   int rindex = rcode;

diff --git a/core/src/lib/parse_conf.h b/core/src/lib/parse_conf.h
@@ -256,6 +256,7 @@ class ConfigurationParser {
   const std::string& get_base_config_path() const { return used_config_path_; }
   void FreeResources();
 
+  std::shared_ptr<ConfigResourcesContainer> GetResourcesTablePointer();
   std::shared_ptr<ConfigResourcesContainer> BackupResourceTable();
   void RestoreResourceTable(std::shared_ptr<ConfigResourcesContainer>&&);
 

diff --git a/core/src/lib/tls_openssl.cc b/core/src/lib/tls_openssl.cc
@@ -75,7 +75,11 @@ void TlsOpenSsl::SetTlsPskServerContext(ConfigurationParser* config)
   } else if (!config) {
     Dmsg0(50, "Could not prepare TLS_PSK SERVER callback (no config)\n");
   } else {
-    Dmsg0(50, "Preparing TLS_PSK SERVER callback\n");
+    // store a shared pointer to the resources table currently used in the
+    // private data so that it is freed when the TLS Private Context is freed
+    d_->config_table_ = config->GetResourcesTablePointer();
+    Dmsg1(50, "Preparing TLS_PSK SERVER callback, config table pointer is %p\n",
+          d_->config_table_->configuration_resources_);
     SSL_CTX_set_ex_data(
         d_->openssl_ctx_,
         TlsOpenSslPrivate::SslCtxExDataIndex::kConfigurationParserPtr,

diff --git a/core/src/lib/tls_openssl.h b/core/src/lib/tls_openssl.h
@@ -27,6 +27,7 @@
 #include <memory>
 
 class TlsOpenSslPrivate;
+class ConfigResourcesContainer;
 
 class TlsOpenSsl : public Tls {
  public:

diff --git a/core/src/lib/tls_openssl_private.cc b/core/src/lib/tls_openssl_private.cc
@@ -61,6 +61,7 @@ TlsOpenSslPrivate::TlsOpenSslPrivate()
     , pem_callback_(nullptr)
     , pem_userdata_(nullptr)
     , verify_peer_(false)
+    , config_table_(nullptr)
 {
   Dmsg0(100, "Construct TlsOpenSslPrivate\n");
 

diff --git a/core/src/lib/tls_openssl_private.h b/core/src/lib/tls_openssl_private.h
@@ -95,7 +95,8 @@ class TlsOpenSslPrivate {
   std::string dhfile_;
   std::string cipherlist_;
   bool verify_peer_;
-  /* *************** */
+  std::shared_ptr<ConfigResourcesContainer>
+      config_table_;  // config table being used
 };
 
 #endif  // BAREOS_LIB_TLS_OPENSSL_PRIVATE_H_