public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Ensure SSL_get_app_data() continues to work even in SSL_free()

Browse source 
During SSL_free() we may get a QUIC TLS callback being called to clean up
any remaining record data. We should ensure that SSL_get_app_data()
continues to work, even in this scenario.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27091)
This commit is contained in:
Matt Caswell 2025-03-18 12:10:59 +00:00 committed by Tomas Mraz
parent 4ad45969b0
commit 2100cf2ee0
1 changed files with 9 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

17
ssl/ssl_lib.c
View file

@ -1428,11 +1428,10 @@ void SSL_free(SSL *s)
return; return;
REF_ASSERT_ISNT(i < 0); REF_ASSERT_ISNT(i < 0);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
if (s->method != NULL) if (s->method != NULL)
s->method->ssl_free(s); s->method->ssl_free(s);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
SSL_CTX_free(s->ctx); SSL_CTX_free(s->ctx);
CRYPTO_THREAD_lock_free(s->lock); CRYPTO_THREAD_lock_free(s->lock);
CRYPTO_FREE_REF(&s->references); CRYPTO_FREE_REF(&s->references);
@ -1448,15 +1447,17 @@ void ossl_ssl_connection_free(SSL *ssl)
if (s == NULL) if (s == NULL)
return; return;
/*
* Ignore return values. This could result in user callbacks being called
* e.g. for the QUIC TLS record layer. So we do this early before we have
* freed other things.
*/
ssl_free_wbio_buffer(s);
RECORD_LAYER_clear(&s->rlayer);
X509_VERIFY_PARAM_free(s->param); X509_VERIFY_PARAM_free(s->param);
dane_final(&s->dane); dane_final(&s->dane);
/* Ignore return value */
ssl_free_wbio_buffer(s);
/* Ignore return value */
RECORD_LAYER_clear(&s->rlayer);
BUF_MEM_free(s->init_buf); BUF_MEM_free(s->init_buf);
/* add extra stuff */ /* add extra stuff */