diff options
Diffstat (limited to 'openssl')
| -rw-r--r-- | openssl/src/c_helpers.c | 4 | ||||
| -rw-r--r-- | openssl/src/ssl/mod.rs | 19 |
2 files changed, 10 insertions, 13 deletions
diff --git a/openssl/src/c_helpers.c b/openssl/src/c_helpers.c index 3739cfc2..402c36ec 100644 --- a/openssl/src/c_helpers.c +++ b/openssl/src/c_helpers.c @@ -3,3 +3,7 @@ void rust_SSL_clone(SSL *ssl) { CRYPTO_add(&ssl->references, 1, CRYPTO_LOCK_SSL); } + +void rust_SSL_CTX_clone(SSL_CTX *ctx) { + CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX); +} diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index 6558e1a4..3b22c755 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -41,6 +41,7 @@ pub use ssl::error::Error; extern "C" { fn rust_SSL_clone(ssl: *mut ffi::SSL); + fn rust_SSL_CTX_clone(cxt: *mut ffi::SSL_CTX); } static mut VERIFY_IDX: c_int = -1; @@ -297,20 +298,15 @@ extern fn raw_verify_with_data<T>(preverify_ok: c_int, let verify: Option<VerifyCallbackData<T>> = mem::transmute(verify); let data = ffi::SSL_CTX_get_ex_data(ssl_ctx, get_verify_data_idx::<T>()); - let data: Box<T> = mem::transmute(data); + let data: &T = mem::transmute(data); let ctx = X509StoreContext::new(x509_ctx); let res = match verify { None => preverify_ok, - Some(verify) => verify(preverify_ok != 0, &ctx, &*data) as c_int + Some(verify) => verify(preverify_ok != 0, &ctx, data) as c_int }; - // Since data might be required on the next verification - // it is time to forget about it and avoid dropping - // data will be freed once OpenSSL considers it is time - // to free all context data - mem::forget(data); res } } @@ -321,6 +317,7 @@ extern fn raw_sni(ssl: *mut ffi::SSL, ad: &mut c_int, _arg: *mut c_void) let ssl_ctx = ffi::SSL_get_SSL_CTX(ssl); let callback = ffi::SSL_CTX_get_ex_data(ssl_ctx, SNI_IDX); let callback: Option<ServerNameCallback> = mem::transmute(callback); + rust_SSL_clone(ssl); let mut s = Ssl { ssl: ssl }; let res = match callback { @@ -328,8 +325,6 @@ extern fn raw_sni(ssl: *mut ffi::SSL, ad: &mut c_int, _arg: *mut c_void) Some(callback) => callback(&mut s, ad) }; - // Allows dropping the Ssl instance without calling SSL_FREE on the SSL object - mem::forget(s); res } } @@ -341,6 +336,7 @@ extern fn raw_sni_with_data<T>(ssl: *mut ffi::SSL, ad: &mut c_int, arg: *mut c_v let callback = ffi::SSL_CTX_get_ex_data(ssl_ctx, SNI_IDX); let callback: Option<ServerNameCallbackData<T>> = mem::transmute(callback); + rust_SSL_clone(ssl); let mut s = Ssl { ssl: ssl }; let data: &T = mem::transmute(arg); @@ -350,9 +346,6 @@ extern fn raw_sni_with_data<T>(ssl: *mut ffi::SSL, ad: &mut c_int, arg: *mut c_v Some(callback) => callback(&mut s, ad, &*data) }; - // Allows dropping the Ssl instance without calling SSL_FREE on the SSL object - mem::forget(s); - // Since data might be required on the next verification // it is time to forget about it and avoid dropping // data will be freed once OpenSSL considers it is time @@ -984,7 +977,7 @@ impl Ssl { pub fn get_ssl_context(&self) -> SslContext { unsafe { let ssl_ctx = ffi::SSL_get_SSL_CTX(self.ssl); - ffi_extras::SSL_CTX_increment_refcount(ssl_ctx); + rust_SSL_CTX_clone(ssl_ctx); SslContext { ctx: ssl_ctx } } } |