[OpenSIPS-Devel] TLS cleanup
Răzvan Crainea
razvan at opensips.org
Tue Jan 14 06:54:36 EST 2020
Hi, Dan!
When the code hits the _tcpconn_rm function, the connection is taken out
of the connections hash, therefore there's no one who can come to fetch
the connection and do anything with it.
That's why, I'd argue it is safe to run the tls_conn_clean() out of the
write lock.
Best regards,
Răzvan
On 1/13/20 3:14 PM, Dan Pascu wrote:
>
> I noticed that tls_conn_clean() is not called with a lock. All other SSL operations that reads/writes to the connection will lock it with conn->write_lock. tls_conn_clean() ends up calling SSL_shutdown() which will write to the connection as SSL shutdown implies an exchange with the other endpoint.
>
> It also seems that conn->write_lock is destroyed right before calling conn_clean(), so at the moment it can't even be used.
>
> Can someone with a better understanding of the way SSL code interacts with the multi-process nature of opensips take a look and check if we really do not need to call tls_conn_clean() with a lock?
>
> --
> Dan
>
>
>
>
>
> _______________________________________________
> Devel mailing list
> Devel at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
>
--
Răzvan Crainea
OpenSIPS Core Developer
http://www.opensips-solutions.com
More information about the Devel
mailing list