Repository: trafficserver Updated Branches: refs/heads/master dff34bde3 -> 1b9697ed7
TS-3031: Race condition in SSLNextProtocolSet::advertiseProtocols Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/2f58b7ba Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/2f58b7ba Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/2f58b7ba Branch: refs/heads/master Commit: 2f58b7baa044a23186953e4bbee79422afb3fc4d Parents: dff34bd Author: Brian Geffon <[email protected]> Authored: Thu Aug 21 12:03:23 2014 -0700 Committer: Brian Geffon <[email protected]> Committed: Thu Aug 21 12:03:23 2014 -0700 ---------------------------------------------------------------------- iocore/net/SSLNextProtocolSet.cc | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/2f58b7ba/iocore/net/SSLNextProtocolSet.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLNextProtocolSet.cc b/iocore/net/SSLNextProtocolSet.cc index 325af27..df0e5a1 100644 --- a/iocore/net/SSLNextProtocolSet.cc +++ b/iocore/net/SSLNextProtocolSet.cc @@ -79,10 +79,6 @@ fail: bool SSLNextProtocolSet::advertiseProtocols(const unsigned char ** out, unsigned * len) const { - if (!npn && !this->endpoints.empty()) { - create_npn_advertisement(this->endpoints, &npn, &npnsz); - } - if (npn && npnsz) { *out = npn; *len = npnsz; @@ -97,13 +93,6 @@ SSLNextProtocolSet::registerEndpoint(const char * proto, Continuation * ep) { size_t len = strlen(proto); - // Once we start advertising, the set is closed. We need to hand an immutable - // string down into OpenSSL, and there is no mechanism to tell us when it's - // done with it so we have to keep it forever. - if (this->npn) { - return false; - } - // Both ALPN and NPN only allow 255 bytes of protocol name. if (len > 255) { return false; @@ -111,6 +100,15 @@ SSLNextProtocolSet::registerEndpoint(const char * proto, Continuation * ep) if (!findEndpoint((const unsigned char *)proto, len)) { this->endpoints.push(new NextProtocolEndpoint(proto, ep)); + + if (npn) { + ats_free(npn); + npn = NULL; + npnsz = 0; + } + + create_npn_advertisement(this->endpoints, &npn, &npnsz); + return true; }
