Mercurial > dovecot > core-2.2
changeset 22808:1bf8b3a77a92
lib-ssl-iostream: openssl: Make verbose logging robust against i_debug() writing to stream itself.
In dsync, i_debug() is overridden to write to the SSL stream itself through a
multiplexed data stream. So, during the i_debug() call all kinds of things can
happen to the persisted error string in the stream, which caused problems.
| author | Stephan Bosch <stephan.bosch@dovecot.fi> |
|---|---|
| date | Mon, 29 Jan 2018 18:28:25 +0100 |
| parents | 145ba79cb7aa |
| children | 9d921404799f |
| files | src/lib-ssl-iostream/iostream-openssl.c |
| diffstat | 1 files changed, 9 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/lib-ssl-iostream/iostream-openssl.c Mon Feb 05 23:54:33 2018 +0200 +++ b/src/lib-ssl-iostream/iostream-openssl.c Mon Jan 29 18:28:25 2018 +0100 @@ -12,14 +12,21 @@ static void openssl_iostream_set_error(struct ssl_iostream *ssl_io, const char *str) { + char *new_str; + + /* i_debug() may sometimes be overriden, making it write to this very + same SSL stream, in which case the provided str may be invalidated + before it is even used. Therefore, we duplicate it immediately. */ + new_str = i_strdup(str); + if (ssl_io->verbose) { /* This error should normally be logged by lib-ssl-iostream's caller. But if verbose=TRUE, log it here as well to make sure that the error is always logged. */ - i_debug("%sSSL error: %s", ssl_io->log_prefix, str); + i_debug("%sSSL error: %s", ssl_io->log_prefix, new_str); } i_free(ssl_io->last_error); - ssl_io->last_error = i_strdup(str); + ssl_io->last_error = new_str; } static void openssl_info_callback(const SSL *ssl, int where, int ret)