Permalink
Browse files

url: close TLS before removing conn from cache

- Fix potential crashes in schannel shutdown.

Ensure any TLS shutdown messages are sent before removing the
association between the connection and the easy handle. Reverts
@bagder's previous partial fix for #3412.

Fixes #3412
Fixes #3505
Closes #3531
  • Loading branch information...
chris-araman authored and jay committed Feb 6, 2019
1 parent fef38a0 commit 927a5bd1b4f95fe2331c9d9923c620ba8e274d6c
Showing with 8 additions and 9 deletions.
  1. +4 −5 lib/url.c
  2. +4 −4 lib/vtls/schannel.c
@@ -788,19 +788,18 @@ CURLcode Curl_disconnect(struct Curl_easy *data,
/* This is set if protocol-specific cleanups should be made */
conn->handler->disconnect(conn, dead_connection);

/* unlink ourselves! */
infof(data, "Closing connection %ld\n", conn->connection_id);
Curl_ssl_close(conn, FIRSTSOCKET);
Curl_ssl_close(conn, SECONDARYSOCKET);

/* unlink ourselves! */
Curl_conncache_remove_conn(data, conn, TRUE);

free_idnconverted_hostname(&conn->host);
free_idnconverted_hostname(&conn->conn_to_host);
free_idnconverted_hostname(&conn->http_proxy.host);
free_idnconverted_hostname(&conn->socks_proxy.host);

/* this assumes that the pointer is still there after the connection was
detected from the cache */
Curl_ssl_close(conn, FIRSTSOCKET);

conn_free(conn);
return CURLE_OK;
}
@@ -1960,6 +1960,8 @@ static int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
conn->host.name;

DEBUGASSERT(data);

infof(data, "schannel: shutting down SSL/TLS connection with %s port %hu\n",
hostname, conn->remote_port);

@@ -2035,11 +2037,9 @@ static int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
* might not have an associated transfer so the check for conn->data is
* necessary.
*/
if(conn->data)
Curl_ssl_sessionid_lock(conn);
Curl_ssl_sessionid_lock(conn);
Curl_schannel_session_free(BACKEND->cred);
if(conn->data)
Curl_ssl_sessionid_unlock(conn);
Curl_ssl_sessionid_unlock(conn);
BACKEND->cred = NULL;
}

0 comments on commit 927a5bd

Please sign in to comment.