
Commit 09e415d

committed
Merge branch 'topic/ssl-fixup-ex_data-handling'
* topic/ssl-fixup-ex_data-handling: ssl: assume SSL/SSL_CTX always have a valid reference to the Ruby object ssl: do not confuse different ex_data index registries
2 parents 62f4023 + 1ef5151 commit 09e415d


1 file changed

+26
-27
lines changed


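--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -85,15 +85,18 @@ static const struct {
 };
 
 static int ossl_ssl_ex_vcb_idx;
-static int ossl_ssl_ex_store_p;
 static int ossl_ssl_ex_ptr_idx;
+static int ossl_sslctx_ex_ptr_idx;
+#if !defined(HAVE_X509_STORE_UP_REF)
+static int ossl_sslctx_ex_store_p;
+#endif
 
 static void
 ossl_sslctx_free(void *ptr)
 {
 SSL_CTX *ctx = ptr;
 #if !defined(HAVE_X509_STORE_UP_REF)
-if(ctx && SSL_CTX_get_ex_data(ctx, ossl_ssl_ex_store_p)== (void*)1)
+if (ctx && SSL_CTX_get_ex_data(ctx, ossl_sslctx_ex_store_p))
 ctx->cert_store = NULL;
 #endif
 SSL_CTX_free(ctx);
@@ -124,7 +127,7 @@ ossl_sslctx_s_alloc(VALUE klass)
 }
 SSL_CTX_set_mode(ctx, mode);
 RTYPEDDATA_DATA(obj) = ctx;
-SSL_CTX_set_ex_data(ctx, ossl_ssl_ex_ptr_idx, (void*)obj);
+SSL_CTX_set_ex_data(ctx, ossl_sslctx_ex_ptr_idx, (void *)obj);
 
 #if !defined(OPENSSL_NO_EC) && defined(HAVE_SSL_CTX_SET_ECDH_AUTO)
 /* We use SSL_CTX_set1_curves_list() to specify the curve used in ECDH. It
@@ -378,13 +381,10 @@ ossl_sslctx_session_get_cb(SSL *ssl, unsigned char *buf, int len, int *copy)
 {
 VALUE ary, ssl_obj, ret_obj;
 SSL_SESSION *sess;
-void *ptr;
 int state = 0;
 
 OSSL_Debug("SSL SESSION get callback entered");
-if ((ptr = SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx)) == NULL)
-return NULL;
-ssl_obj = (VALUE)ptr;
+ssl_obj = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx);
 ary = rb_ary_new2(2);
 rb_ary_push(ary, ssl_obj);
 rb_ary_push(ary, rb_str_new((const char *)buf, len));
@@ -422,14 +422,11 @@ static int
 ossl_sslctx_session_new_cb(SSL *ssl, SSL_SESSION *sess)
 {
 VALUE ary, ssl_obj, sess_obj;
-void *ptr;
 int state = 0;
 
 OSSL_Debug("SSL SESSION new callback entered");
 
-if ((ptr = SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx)) == NULL)
-return 1;
-ssl_obj = (VALUE)ptr;
+ssl_obj = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx);
 sess_obj = rb_obj_alloc(cSSLSession);
 SSL_SESSION_up_ref(sess);
 DATA_PTR(sess_obj) = sess;
@@ -476,9 +473,7 @@ ossl_sslctx_session_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess)
 
 OSSL_Debug("SSL SESSION remove callback entered");
 
-if ((ptr = SSL_CTX_get_ex_data(ctx, ossl_ssl_ex_ptr_idx)) == NULL)
-return;
-sslctx_obj = (VALUE)ptr;
+sslctx_obj = (VALUE)SSL_CTX_get_ex_data(ctx, ossl_sslctx_ex_ptr_idx);
 sess_obj = rb_obj_alloc(cSSLSession);
 SSL_SESSION_up_ref(sess);
 DATA_PTR(sess_obj) = sess;
@@ -548,16 +543,13 @@ static int
 ssl_servername_cb(SSL *ssl, int *ad, void *arg)
 {
 VALUE ary, ssl_obj;
-void *ptr;
 int state = 0;
 const char *servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
 
 if (!servername)
 return SSL_TLSEXT_ERR_OK;
 
-if ((ptr = SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx)) == NULL)
-return SSL_TLSEXT_ERR_ALERT_FATAL;
-ssl_obj = (VALUE)ptr;
+ssl_obj = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx);
 ary = rb_ary_new2(2);
 rb_ary_push(ary, ssl_obj);
 rb_ary_push(ary, rb_str_new2(servername));
@@ -575,12 +567,8 @@ static void
 ssl_renegotiation_cb(const SSL *ssl)
 {
 VALUE ssl_obj, sslctx_obj, cb;
-void *ptr;
-
-if ((ptr = SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx)) == NULL)
-ossl_raise(eSSLError, "SSL object could not be retrieved");
-ssl_obj = (VALUE)ptr;
 
+ssl_obj = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx);
 sslctx_obj = rb_attr_get(ssl_obj, id_i_context);
 cb = rb_attr_get(sslctx_obj, id_i_renegotiation_cb);
 if (NIL_P(cb)) return;
@@ -816,7 +804,7 @@ ossl_sslctx_setup(VALUE self)
 * X509_STORE_free() doesn't care it.
 * So we won't increment it but mark it by ex_data.
 */
-SSL_CTX_set_ex_data(ctx, ossl_ssl_ex_store_p, (void *)1);
+SSL_CTX_set_ex_data(ctx, ossl_sslctx_ex_store_p, ctx);
 #else /* Fixed in OpenSSL 1.0.2; bff9ce4db38b (master), 5b4b9ce976fc (1.0.2) */
 X509_STORE_up_ref(store);
 #endif
@@ -2265,9 +2253,20 @@ Init_ossl_ssl(void)
 
 ID_callback_state = rb_intern("callback_state");
 
-ossl_ssl_ex_vcb_idx = SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_vcb_idx",0,0,0);
-ossl_ssl_ex_store_p = SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_store_p",0,0,0);
-ossl_ssl_ex_ptr_idx = SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_ptr_idx",0,0,0);
+ossl_ssl_ex_vcb_idx = SSL_get_ex_new_index(0, (void *)"ossl_ssl_ex_vcb_idx", 0, 0, 0);
+if (ossl_ssl_ex_vcb_idx < 0)
+ossl_raise(rb_eRuntimeError, "SSL_get_ex_new_index");
+ossl_ssl_ex_ptr_idx = SSL_get_ex_new_index(0, (void *)"ossl_ssl_ex_ptr_idx", 0, 0, 0);
+if (ossl_ssl_ex_ptr_idx < 0)
+ossl_raise(rb_eRuntimeError, "SSL_get_ex_new_index");
+ossl_sslctx_ex_ptr_idx = SSL_CTX_get_ex_new_index(0, (void *)"ossl_sslctx_ex_ptr_idx", 0, 0, 0);
+if (ossl_sslctx_ex_ptr_idx < 0)
+ossl_raise(rb_eRuntimeError, "SSL_CTX_get_ex_new_index");
+#if !defined(HAVE_X509_STORE_UP_REF)
+ossl_sslctx_ex_store_p = SSL_CTX_get_ex_new_index(0, (void *)"ossl_sslctx_ex_store_p", 0, 0, 0);
+if (ossl_sslctx_ex_store_p < 0)
+ossl_raise(rb_eRuntimeError, "SSL_CTX_get_ex_new_index");
+#endif
 
 /* Document-module: OpenSSL::SSL
 *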
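Review bot: The two `SSL_CTX_set_ex_data()` calls on the new side, in `ossl_sslctx_s_alloc` and in `ossl_sslctx_setup`, still ignore the return value, which matters more now that the callbacks cast the stored pointer to `VALUE` without a NULL test. In `ossl_sslctx_setup` the marker is the only thing that makes `ossl_sslctx_free` clear `ctx->cert_store` before `SSL_CTX_free(ctx)`; if the set fails, the store that was deliberately not reference-counted would be freed with the context while it is presumably still owned by a Ruby object. I would check both calls, e.g. `if (!SSL_CTX_set_ex_data(ctx, ossl_sslctx_ex_store_p, ctx)) ossl_raise(eSSLError, "SSL_CTX_set_ex_data");`, in the same way this commit checks the `*_get_ex_new_index()` results in `Init_ossl_ssl`. Both functions extend beyond their hunks, so the state left behind on the raise path (in particular whether the store is already installed in the context) should be confirmed against the full bodies.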
