commit 5baa521: [Fix] Try to fix another ownership race in ssl connection

[Vsevolod Stakhov]

Author: Vsevolod Stakhov
Date: 2019-10-27 13:28:51 +0000
URL: https://github.com/rspamd/rspamd/commit/5baa521083597a39958c5bb677f308ff75831648

[Fix] Try to fix another ownership race in ssl connection

---
 src/libutil/ssl_util.c | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/src/libutil/ssl_util.c b/src/libutil/ssl_util.c
index 6bd7a1986..e7bd33be9 100644
--- a/src/libutil/ssl_util.c
+++ b/src/libutil/ssl_util.c
@@ -49,6 +49,7 @@ struct rspamd_ssl_connection {
 	gchar *hostname;
 	const gchar *log_tag;
 	struct rspamd_io_ev *ev;
+	struct rspamd_io_ev *shut_ev;
 	struct ev_loop *event_loop;
 	rspamd_ssl_handler_t handler;
 	rspamd_ssl_error_handler_t err_handler;
@@ -60,6 +61,8 @@ struct rspamd_ssl_connection {
         G_STRFUNC, \
         __VA_ARGS__)
 
+static void rspamd_ssl_event_handler (gint fd, short what, gpointer ud);
+
 INIT_LOG_MODULE(ssl)
 
 static GQuark
@@ -418,6 +421,11 @@ rspamd_ssl_connection_dtor (struct rspamd_ssl_connection *conn)
 		g_free (conn->hostname);
 	}
 
+	if (conn->shut_ev) {
+		rspamd_ev_watcher_stop (conn->event_loop, conn->shut_ev);
+		g_free (conn->shut_ev);
+	}
+
 	close (conn->fd);
 	g_free (conn);
 }
@@ -455,7 +463,17 @@ rspamd_ssl_shutdown (struct rspamd_ssl_connection *conn)
 		}
 
 		/* As we own fd, we can try to perform shutdown one more time */
-		rspamd_ev_watcher_reschedule (conn->event_loop, conn->ev, what);
+		/* BUGON: but we DO NOT own conn->ev, and it's a big issue */
+		static const ev_tstamp shutdown_time = 5.0;
+
+		rspamd_ev_watcher_stop (conn->event_loop, conn->ev);
+		conn->shut_ev = g_malloc0 (sizeof (*conn->shut_ev));
+		rspamd_ev_watcher_init (conn->shut_ev, conn->fd, what,
+				rspamd_ssl_event_handler, conn);
+		rspamd_ev_watcher_start (conn->event_loop, conn->shut_ev, shutdown_time);
+		/* XXX: can it be done safely ? */
+		conn->ev = conn->shut_ev;
+
 		conn->state = ssl_next_shutdown;
 	}
 }
@@ -621,7 +639,7 @@ rspamd_ssl_connect_fd (struct rspamd_ssl_connection *conn, gint fd,
 
 		msg_debug_ssl ("connected, start write event");
 		rspamd_ev_watcher_stop (conn->event_loop, ev);
-		rspamd_ev_watcher_init (ev, fd, EV_WRITE, rspamd_ssl_event_handler, conn);
+		rspamd_ev_watcher_init (ev, nfd, EV_WRITE, rspamd_ssl_event_handler, conn);
 		rspamd_ev_watcher_start (conn->event_loop, ev, timeout);
 	}
 	else {
@@ -641,7 +659,7 @@ rspamd_ssl_connect_fd (struct rspamd_ssl_connection *conn, gint fd,
 		}
 
 		rspamd_ev_watcher_stop (conn->event_loop, ev);
-		rspamd_ev_watcher_init (ev, fd, EV_WRITE|EV_READ,
+		rspamd_ev_watcher_init (ev, nfd, EV_WRITE|EV_READ,
 				rspamd_ssl_event_handler, conn);
 		rspamd_ev_watcher_start (conn->event_loop, ev, timeout);
 	}