Connection: Fix unexpected server disconnection due to OpenSSL thread…

… safety problems From the OpenSSL FAQ (https://www.openssl.org/docs/faq.html): "... an SSL connection cannot be used concurrently by multiple threads. This is true for most OpenSSL objects."
mumble-voip · Feb 23, 2024 · 90560da · 90560da
1 parent 4c1b920
commit 90560da
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 0 deletions.
diff --git a/src/Connection.cpp b/src/Connection.cpp
@@ -35,6 +35,8 @@ Connection::operator bool() const {
 }
 
 Code Connection::operator()(const Feedback &feedback, const std::function< bool() > halt) {
+	const auto guard = m_p->lock();
+
 	if (!m_p->m_monitorIn.add(m_p->m_handle, true, false) || !m_p->m_monitorOut.add(m_p->m_handle, false, true)) {
 		return Code::Failure;
 	}
@@ -87,13 +89,16 @@ Cert::Chain Connection::peerCert() const {
 }
 
 bool Connection::setCert(const Cert::Chain &cert, const Key &key) {
+	const auto guard = m_p->lock();
+
 	return m_p->setCert(cert, key);
 }
 
 Code Connection::process(const bool wait, const std::function< bool() > halt) {
 	using NetHeader = tcp::NetHeader;
 	using Pack      = tcp::Pack;
 
+	const auto guard = m_p->lock();
 	do {
 		NetHeader header;
 		auto code = m_p->read({ reinterpret_cast< std::byte * >(&header), sizeof(header) }, wait, halt);
@@ -123,6 +128,8 @@ Code Connection::process(const bool wait, const std::function< bool() > halt) {
 }
 
 Code Connection::write(const BufViewConst data, const bool wait, const std::function< bool() > halt) {
+	const auto guard = m_p->lock();
+
 	return m_p->write(data, wait, halt);
 }
 

diff --git a/src/Connection.hpp b/src/Connection.hpp
@@ -17,6 +17,7 @@
 #include <atomic>
 #include <cstdint>
 #include <functional>
+#include <mutex>
 
 namespace mumble {
 class Connection::P : public SocketTLS {
@@ -33,6 +34,10 @@ class Connection::P : public SocketTLS {
 	mumble::Code handleState(const State state);
 
 private:
+	[[nodiscard]] std::lock_guard< std::recursive_mutex > lock() {
+		return std::lock_guard< std::recursive_mutex >(m_mutex);
+	}
+
 	mumble::Code read(BufView buf, const bool wait, const std::function< bool() > halt);
 	mumble::Code write(BufViewConst buf, const bool wait, const std::function< bool() > halt);
 
@@ -49,6 +54,7 @@ class Connection::P : public SocketTLS {
 	Cert::Chain m_cert;
 	uint32_t m_timeouts;
 	std::atomic_flag m_closed;
+	std::recursive_mutex m_mutex;
 };
 } // namespace mumble