Uploaded image for project: 'Qpid Proton'
  1. Qpid Proton
  2. PROTON-1665

Review locking - TLS / SSL thread safety with proactor

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • proton-c-0.18.0
    • proton-c-future
    • proton-c

    Description

      ssl_domain objects are semi-global.

      For example two connections simultaneously creating or releasing their own private pn_ssl_t objects may mess up the refcount of the shared pn_ssl_domain_t object leading to memory corruption or leaks.

      Windows schannel is further complicated by the OS internal refcounting of its security context thingies. That may get automatically solved by the above, or may require a separate JIRA to track. The same may apply to openssl.

      The obvious thread-safety issues were addressed by PROTON-1620 and the use of per-transport SSL objects appears to be correct and safe. However we need a careful review of the use of shared OpenSSL objects (related to SSL domains and certificate stores) to ensure they are being used safely and no additional locks are needed.

      Attachments

        Issue Links

          is a clone of

          Bug - A problem which impairs or prevents the functions of the product. PROTON-1620 TLS / SSL thread safety with proactor

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          links to

          Web Link GitHub Pull Request #125

          Activity

            People

              Unassigned Unassigned
              aconway Alan Conway
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated: