diff options
| author | Jose <jose@zeroc.com> | 2018-07-26 11:54:31 +0200 |
|---|---|---|
| committer | Jose <jose@zeroc.com> | 2018-07-26 11:56:31 +0200 |
| commit | 5bb344723f0ffa4bdfa97eac47d865ab789b75a5 (patch) | |
| tree | 2e15f70398bcbdf049a9c1e26d2cbe3f631c10ed /cpp/src/IceSSL/OpenSSLEngine.cpp | |
| parent | Missing __decRef call in Thread::start (diff) | |
| download | ice-5bb344723f0ffa4bdfa97eac47d865ab789b75a5.tar.bz2 ice-5bb344723f0ffa4bdfa97eac47d865ab789b75a5.tar.xz ice-5bb344723f0ffa4bdfa97eac47d865ab789b75a5.zip | |
OpenSSLEngine fix openssl cleanup
Close #169
Diffstat (limited to 'cpp/src/IceSSL/OpenSSLEngine.cpp')
| -rw-r--r-- | cpp/src/IceSSL/OpenSSLEngine.cpp | 31 |
1 files changed, 21 insertions, 10 deletions
diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index 3411cc047f0..17d48b342ef 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -201,8 +201,6 @@ OpenSSL::SSLEngine::SSLEngine(const CommunicatorPtr& communicator) : IceSSL::SSLEngine(communicator), _ctx(0) { - __setNoDelete(true); - // // Initialize OpenSSL if necessary. // @@ -279,6 +277,7 @@ OpenSSL::SSLEngine::SSLEngine(const CommunicatorPtr& communicator) : if(!IceUtilInternal::splitString(randFiles, IceUtilInternal::pathsep, files)) { + cleanup(); throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: invalid value for IceSSL.Random:\n" + randFiles); } @@ -288,11 +287,13 @@ OpenSSL::SSLEngine::SSLEngine(const CommunicatorPtr& communicator) : string resolved; if(!checkPath(file, defaultDir, false, resolved)) { + cleanup(); throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: entropy data file not found:\n" + file); } if(!RAND_load_file(resolved.c_str(), 1024)) { + cleanup(); throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: unable to load entropy data from " + resolved); } @@ -308,6 +309,7 @@ OpenSSL::SSLEngine::SSLEngine(const CommunicatorPtr& communicator) : { if(RAND_egd(entropyDaemon.c_str()) <= 0) { + cleanup(); throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: EGD failure using file " + entropyDaemon); } @@ -332,21 +334,24 @@ OpenSSL::SSLEngine::SSLEngine(const CommunicatorPtr& communicator) : #endif } } - __setNoDelete(false); } -OpenSSL::SSLEngine::~SSLEngine() +void +OpenSSL::SSLEngine::cleanup() { -// -// OpenSSL 1.1.0 remove the need for library initialization and cleanup. -// + // + // Must be called with the static mutex locked. + // + --instanceCount; + // + // OpenSSL 1.1.0 remove the need for library initialization and cleanup. We + // still need to decrement instanceCount + // #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) // // Clean up OpenSSL resources. // - IceUtilInternal::MutexPtrLock<IceUtil::Mutex> sync(staticMutex); - - if(--instanceCount == 0 && initOpenSSL) + if(instanceCount == 0 && initOpenSSL) { // // NOTE: We can't destroy the locks here: threads which might have called openssl methods @@ -366,6 +371,12 @@ OpenSSL::SSLEngine::~SSLEngine() #endif } +OpenSSL::SSLEngine::~SSLEngine() +{ + IceUtilInternal::MutexPtrLock<IceUtil::Mutex> sync(staticMutex); + cleanup(); +} + void OpenSSL::SSLEngine::initialize() { |