Opened 8 years ago

Closed 8 years ago

Last modified 7 years ago

#2652 closed defect (fixed)

Clean up use of SSL_*_app_data functions

Reported by: rransom Owned by: rransom
Priority: High Milestone: Tor: 0.2.3.1-alpha
Component: Core Tor/Tor Version:
Severity: Keywords: tor-relay
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Commit 49de5431d53b made Tor use SSL_set_app_data and SSL_get_app_data instead of its previous hash table to look up the tor_tls_t * object corresponding to an SSL * object. Unfortunately:

  • The patch left in two hash-table helper functions that it made unused. Reported by mobmix.
  • The patch did not check the result of SSL_set_app_data for errors. Reported by piebeer.
  • The SSL_*_app_data functions are actually macros wrapping corresponding SSL_*_ex_data functions in such a way that a program that tries to use the app_data and ex_data functions at the same time will break horribly.

Child Tickets

Change History (6)

comment:1 Changed 8 years ago by rransom

Status: newneeds_review

See use_ex_data_directly ( ssh://mob@repo.or.cz/srv/git/tor/rransom.git use_ex_data_directly ) for cleanup patches.

I tried to understand the inner workings of the SSL_*_ex_data functions and failed. I wrote the patches in use_ex_data_directly based on the information in the relevant OpenSSL man pages. I do not trust the ex_data functions; I only wrote these patches because nickm and ioerror are determined to not switch back to using the hash table removed by commit 49de5431d53b, and I distrust the app_data macros even more than I distrust the ex_data functions.

comment:2 Changed 8 years ago by nickm

Just added a couple of tweaks in my use_ex_data_directly branch; please have a look.

comment:3 in reply to:  2 Changed 8 years ago by rransom

Replying to nickm:

Just added a couple of tweaks in my use_ex_data_directly branch; please have a look.

Looks good.

comment:4 Changed 8 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

merged; thanks

comment:5 Changed 7 years ago by nickm

Keywords: tor-relay added

comment:6 Changed 7 years ago by nickm

Component: Tor RelayTor
Note: See TracTickets for help on using tickets.