From 9f5f67bda26979bb75e10a0ce0080997b1b72603 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 12 Sep 2018 11:32:15 -0400 Subject: [PATCH] Use tor_tls_release_socket() to avoid double-closed sockets on NSS Closes ticket 27451; bug not in any released Tor. --- src/core/mainloop/connection.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c index ffc9010fb8..16ce8b3f2a 100644 --- a/src/core/mainloop/connection.c +++ b/src/core/mainloop/connection.c @@ -638,8 +638,19 @@ connection_free_minimal(connection_t *conn) if (connection_speaks_cells(conn)) { or_connection_t *or_conn = TO_OR_CONN(conn); - tor_tls_free(or_conn->tls); - or_conn->tls = NULL; + if (or_conn->tls) { + if (! SOCKET_OK(conn->s)) { + /* The socket has been closed by somebody else; we must tell the + * TLS object not to close it. */ + tor_tls_release_socket(or_conn->tls); + } else { + /* The tor_tls_free() call below will close the socket; we must tell + * the code below not to close it a second time. */ + conn->s = TOR_INVALID_SOCKET; + } + tor_tls_free(or_conn->tls); + or_conn->tls = NULL; + } or_handshake_state_free(or_conn->handshake_state); or_conn->handshake_state = NULL; tor_free(or_conn->nickname);