Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

openssl: when creating a new context, there cannot be an old one #7585

Closed
wants to merge 1 commit into from

Conversation

@bagder
Copy link
Member

@bagder bagder commented Aug 17, 2021

Remove the previous handling would call SSL_CTX_free() and instead add
an assert that will halt a debug build if there ever is a context
already set at this point.

Remove the previous handling would call SSL_CTX_free() and instead add
an assert that will halt a debug build if there ever is a context
already set at this point.
@bagder bagder added the SSL/TLS label Aug 17, 2021
Copy link
Member

@danielgustafsson danielgustafsson left a comment

Makes sense.

@jay
Copy link
Member

@jay jay commented Aug 17, 2021

The check was initiated in 1946058 from 2006 and I would guess no longer relevant. The CTX is freed when the connection is closed (conn_shutdown). A cursory look shows the ossl connection steps are only initiated from MSTATE_PROTOCONNECT when protocol_connect is called, and then when the steps are done (ie ssl connection phase complete) the ossl connect state machine is reset to ssl_connect_1. Could there ever be a time now when the connection is not closed and step 1 is repeated?

@bagder
Copy link
Member Author

@bagder bagder commented Aug 17, 2021

Could there ever be a time now when the connection is not closed and step 1 is repeated?

No, that would be seriously wrong and that's why I put the assert there.

@bagder bagder closed this in 0da1356 Aug 18, 2021
@bagder bagder deleted the bagder/openssl-free-ctx branch Aug 18, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants