[icinga-checkins] icinga.org: icinga2/master: Fix some deadlocks in the TlsStream class.

git at icinga.org git at icinga.org
Tue Mar 12 11:56:23 CET 2013


Module: icinga2
Branch: master
Commit: 91c82263a5985f8e04d8fa9c6f864345d4423ba1
URL:    https://git.icinga.org/?p=icinga2.git;a=commit;h=91c82263a5985f8e04d8fa9c6f864345d4423ba1

Author: Gunnar Beutner <gunnar.beutner at netways.de>
Date:   Tue Mar 12 11:56:14 2013 +0100

Fix some deadlocks in the TlsStream class.

---

 lib/base/tlsstream.cpp           |    4 +---
 lib/remoting/endpointmanager.cpp |    6 +++---
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/lib/base/tlsstream.cpp b/lib/base/tlsstream.cpp
index f2de819..eae8e5e 100644
--- a/lib/base/tlsstream.cpp
+++ b/lib/base/tlsstream.cpp
@@ -42,8 +42,6 @@ TlsStream::TlsStream(const Stream::Ptr& innerStream, TlsRole role, shared_ptr<SS
 
 void TlsStream::Start(void)
 {
-	ObjectLock olock(this);
-
 	m_SSL = shared_ptr<SSL>(SSL_new(m_SSLContext.get()), SSL_free);
 
 	m_SSLContext.reset();
@@ -54,7 +52,7 @@ void TlsStream::Start(void)
 		    << errinfo_openssl_error(ERR_get_error()));
 	}
 
-	if (!GetClientCertificate())
+	if (!m_SSL)
 		BOOST_THROW_EXCEPTION(logic_error("No X509 client certificate was specified."));
 
 	if (!m_SSLIndexInitialized) {
diff --git a/lib/remoting/endpointmanager.cpp b/lib/remoting/endpointmanager.cpp
index fc09b10..001921a 100644
--- a/lib/remoting/endpointmanager.cpp
+++ b/lib/remoting/endpointmanager.cpp
@@ -111,7 +111,7 @@ void EndpointManager::AddListener(const String& service)
 {
 	ObjectLock olock(this);
 
-	shared_ptr<SSL_CTX> sslContext = GetSSLContext();
+	shared_ptr<SSL_CTX> sslContext = m_SSLContext;
 
 	if (!sslContext)
 		BOOST_THROW_EXCEPTION(logic_error("SSL context is required for AddListener()"));
@@ -140,7 +140,7 @@ void EndpointManager::AddListener(const String& service)
 void EndpointManager::AddConnection(const String& node, const String& service) {
 	ObjectLock olock(this);
 
-	shared_ptr<SSL_CTX> sslContext = GetSSLContext();
+	shared_ptr<SSL_CTX> sslContext = m_SSLContext;
 
 	if (!sslContext)
 		BOOST_THROW_EXCEPTION(logic_error("SSL context is required for AddConnection()"));
@@ -160,7 +160,7 @@ void EndpointManager::NewClientHandler(const Socket::Ptr& client, TlsRole role)
 	ObjectLock olock(this);
 
 	String peerAddress = client->GetPeerAddress();
-	TlsStream::Ptr tlsStream = boost::make_shared<TlsStream>(client, role, GetSSLContext());
+	TlsStream::Ptr tlsStream = boost::make_shared<TlsStream>(client, role, m_SSLContext);
 	tlsStream->Start();
 
 	m_PendingClients.insert(tlsStream);





More information about the icinga-checkins mailing list