Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/tls: missing "configForClient.mutex.RUnlock()" in "Config.ticketKeys(configForClient *Config)" func #71655

Open
wamshawn opened this issue Feb 11, 2025 · 3 comments
Open

crypto/tls: missing "configForClient.mutex.RUnlock()" in "Config.ticketKeys(configForClient *Config)" func #71655

wamshawn opened this issue Feb 11, 2025 · 3 comments
Labels
BugReport Issues describing a possible bug in the Go implementation. NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Go1.25

Comments

@wamshawn
Copy link

Go version

go1.23.2

Output of go env in your module/workspace:

D:\workspace\go\src\github.com\brickingsoft\rio git:[main]
go env
set GO111MODULE=on
set GOARCH=amd64
set GOBIN=D:\sdk\golang\bin
set GOCACHE=C:\Users\ryougi\AppData\Local\go-build
set GOENV=C:\Users\ryougi\AppData\Roaming\go\env
set GOEXE=.exe
set GOEXPERIMENT=
set GOFLAGS=
set GOHOSTARCH=amd64
set GOHOSTOS=windows
set GOINSECURE=
set GOMODCACHE=D:\workspace\go\pkg\mod
set GONOPROXY=
set GONOSUMDB=
set GOOS=windows
set GOPATH=D:\workspace\go
set GOPRIVATE=
set GOPROXY=https://mirrors.aliyun.com/goproxy/,direct
set GOROOT=D:/sdk/golang/go1.23.2
set GOSUMDB=sum.golang.org
set GOTMPDIR=
set GOTOOLCHAIN=auto
set GOTOOLDIR=D:\sdk\golang\go1.23.2\pkg\tool\windows_amd64
set GOVCS=
set GOVERSION=go1.23.2
set GODEBUG=
set GOTELEMETRY=local
set GOTELEMETRYDIR=C:\Users\ryougi\AppData\Roaming\go\telemetry
set GCCGO=gccgo
set GOAMD64=v1
set AR=ar
set CC=gcc
set CXX=g++
set CGO_ENABLED=1
set GOMOD=D:\workspace\go\src\github.com\brickingsoft\rio\go.mod
set GOWORK=
set CGO_CFLAGS=-O2 -g
set CGO_CPPFLAGS=
set CGO_CXXFLAGS=-O2 -g
set CGO_FFLAGS=-O2 -g
set CGO_LDFLAGS=-O2 -g
set PKG_CONFIG=pkg-config
set GOGCCFLAGS=-m64 -mthreads -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=C:\Users\ryougi\AppData\Local\Temp\go-build665883129=/tmp/go-build -gno-record-gcc-switches

What did you do?

Just find a mistake in crypto/tls/common.go, maybe it is a bug.

func (c *Config) ticketKeys(configForClient *Config) []ticketKey {
	if configForClient != nil {
		configForClient.mutex.RLock()
		if configForClient.SessionTicketsDisabled {
                        // **missing configForClient.mutex.RUnlock() here**
			return nil
		}
		configForClient.initLegacySessionTicketKeyRLocked()
		if len(configForClient.sessionTicketKeys) != 0 {
			ret := configForClient.sessionTicketKeys
			configForClient.mutex.RUnlock()
			return ret
		}
		configForClient.mutex.RUnlock()
	}

	// ...
	return c.autoSessionTicketKeys
}

What did you see happen?

I haven't run it yet, just reading code and find it.

What did you expect to see?

fix it, or tell me the reason about no RUnlock after Rnlock.
@gabyhelp
Copy link

Related Issues

Related Code Changes

(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)

@gabyhelp gabyhelp added the BugReport Issues describing a possible bug in the Go implementation. label Feb 11, 2025
@dmitshur dmitshur added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Feb 11, 2025
@dmitshur
Copy link
Contributor

Thanks for the report. I agree it looks like the code is missing a matching RUnlock call on configForClient.mutex in that case. This code doesn't seem to have changed recently, but it only comes up when SessionTicketsDisabled is true.

CC @golang/security.

@dmitshur dmitshur added this to the Go1.25 milestone Feb 11, 2025
@seankhliao
Copy link
Member

i saw https://go.dev/cl/601335

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
BugReport Issues describing a possible bug in the Go implementation. NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Milestone
Go1.25
Development

No branches or pull requests
4 participants
@dmitshur @seankhliao @wamshawn @gabyhelp