tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 9f5f67bda26979bb75e10a0ce0080997b1b72603
parent ae5692994fc31cc5fa25fb5681e59e326e6c5dbe
Author: Nick Mathewson <nickm@torproject.org>
Date:   Wed, 12 Sep 2018 11:32:15 -0400

Use tor_tls_release_socket() to avoid double-closed sockets on NSS

Closes ticket 27451; bug not in any released Tor.

Diffstat:

Msrc/core/mainloop/connection.c | 15+++++++++++++--


1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c
@@ -638,8 +638,19 @@ connection_free_minimal(connection_t *conn)
 
   if (connection_speaks_cells(conn)) {
     or_connection_t *or_conn = TO_OR_CONN(conn);
-    tor_tls_free(or_conn->tls);
-    or_conn->tls = NULL;
+    if (or_conn->tls) {
+      if (! SOCKET_OK(conn->s)) {
+        /* The socket has been closed by somebody else; we must tell the
+         * TLS object not to close it. */
+        tor_tls_release_socket(or_conn->tls);
+      } else {
+        /* The tor_tls_free() call below will close the socket; we must tell
+         * the code below not to close it a second time. */
+        conn->s = TOR_INVALID_SOCKET;
+      }
+      tor_tls_free(or_conn->tls);
+      or_conn->tls = NULL;
+    }
     or_handshake_state_free(or_conn->handshake_state);
     or_conn->handshake_state = NULL;
     tor_free(or_conn->nickname);