Bug #12292 » 0001-ext-openssl-make-OpenSSL-SSL-SSLSocket-non-reusable.patch
| ext/openssl/lib/openssl/ssl.rb | ||
|---|---|---|
|
# call-seq:
|
||
|
# ssl.sysclose => nil
|
||
|
#
|
||
|
# Shuts down the SSL connection and prepares it for another connection.
|
||
|
# Sends "close notify" to the peer and tries to shut down the SSL
|
||
|
# connection gracefully.
|
||
|
#
|
||
|
# If sync_close is set to +true+, the underlying IO is also closed.
|
||
|
def sysclose
|
||
|
return if closed?
|
||
|
stop
|
||
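Review bot: The rdoc above `sysclose` does not say that the SSLSocket is unusable for a new handshake after this call, which is the behaviour the patch title announces. The page has lost its +/- markers, so I am assuming the "prepares it for another connection" sentence is the removed side and the "close notify" sentence is the new one. Callers that relied on the old wording need an explicit statement, for example `# The SSLSocket cannot be reused afterwards; create a new one for another connection.` The body of `sysclose` continues outside this hunk, so the `sync_close` handling is not visible here.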
| ext/openssl/ossl_ssl.c | ||
|---|---|---|
|
* call-seq:
|
||
|
* ssl.stop => nil
|
||
|
*
|
||
|
* Stops the SSL connection and prepares it for another connection.
|
||
|
* Sends "close notify" to the peer and tries to shut down the SSL connection
|
||
|
* gracefully.
|
||
|
*/
|
||
|
static VALUE
|
||
|
ossl_ssl_stop(VALUE self)
|
||
| ... | ... | |
|
/* ossl_ssl_data_get_struct() is not usable here because it may return
|
||
|
* from this function; */
|
||
|
GetSSL(self, ssl);
|
||
|
if (ssl) {
|
||
|
/* the SSL object will be freed by GC */
|
||
|
ossl_ssl_shutdown(ssl);
|
||
|
SSL_free(ssl);
|
||
|
}
|
||
|
DATA_PTR(self) = NULL;
|
||
|
return Qnil;
|
||
|
}
|
||
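Review bot: The comment `/* the SSL object will be freed by GC */` in the `if (ssl)` block says what happens but not why freeing here is unsafe. The +/- markers are lost on this page, so I am assuming `SSL_free(ssl);` and `DATA_PTR(self) = NULL;` are the removed lines. The accompanying test closes the socket while another thread is still in `connect`, so that thread may still hold the same SSL pointer; say so, e.g. `/* do not SSL_free() here: another thread may still be using this SSL; the GC free function releases it */`. If `DATA_PTR(self) = NULL;` in fact stays on the new side, please check that the free function can still reach the pointer, otherwise the SSL object would leak. The start of `ossl_ssl_stop`'s body lies outside this hunk.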
| test/openssl/test_ssl.rb | ||
|---|---|---|
|
}
|
||
|
end
|
||
|
def test_close_and_socket_close_while_connecting
|
||
|
# test it doesn't cause a segmentation fault
|
||
|
ctx = OpenSSL::SSL::SSLContext.new
|
||
|
ctx.ciphers = "aNULL"
|
||
|
sock1, sock2 = socketpair
|
||
|
ssl1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx)
|
||
|
ssl2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx)
|
||
|
t = Thread.new { ssl1.connect }
|
||
|
ssl2.accept
|
||
|
ssl1.close
|
||
|
sock1.close
|
||
|
t.value rescue nil
|
||
|
ensure
|
||
|
ssl1.close if ssl1
|
||
|
ssl2.close if ssl2
|
||
|
sock1.close if sock1
|
||
|
sock2.close if sock2
|
||
|
end
|
||
|
def test_get_ephemeral_key
|
||
|
return unless OpenSSL::SSL::SSLSocket.method_defined?(:tmp_key)
|
||
|
pkey = OpenSSL::PKey
|
||
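Review bot: `t.value rescue nil` in `test_close_and_socket_close_while_connecting` discards every StandardError from the connecting thread, so the test passes however `connect` fails and checks only that the process does not crash. If that is the intent, state it next to the line, e.g. `# connect may fail once ssl1/sock1 are closed; only a crash counts as a failure`. Nothing in this test asserts the non-reusable behaviour the patch introduces; an assertion that calling `ssl1.connect` again after `ssl1.close` raises would pin it. The `ensure` block also calls `ssl1.close` a second time, which depends on the `return if closed?` guard in `sysclose`.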