Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit5eaa369

Browse files
committed
Fix SSL deadlock risk in libpq
In libpq, we set up and pass to OpenSSL callback routines to handlelocking. When we run out of SSL connections, we try to clean thingsup by de-registering the hooks. Unfortunately, we had a few callsinto the OpenSSL library after these hooks were de-registered duringSSL cleanup which lead to deadlocking. This moves the thread callbackcleanup to be after all SSL-cleanup related OpenSSL library calls.I've been unable to reproduce the deadlock with this fix.In passing, also move the close_SSL call to be after unlocking ourssl_config mutex when in a failure state. While it looks prettyunlikely to be an issue, it could have resulted in deadlocks if weended up in this code path due to something other than SSL_newfailing. Thanks to Heikki for pointing this out.Back-patch to all supported versions; note that the close_SSL issueonly goes back to 9.0, so that hunk isn't included in the 8.4 patch.Initially found and reported by Vesa-Matti J Kari; many thanks toboth Heikki and Andres for their help running down the specificissue and reviewing the patch.
1 parentf0d76a5 commit5eaa369

File tree

1 file changed

+22
-2
lines changed

1 file changed

+22
-2
lines changed

‎src/interfaces/libpq/fe-secure.c

Lines changed: 22 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -283,10 +283,11 @@ pqsecure_open_client(PGconn *conn)
283283
libpq_gettext("could not establish SSL connection: %s\n"),
284284
err);
285285
SSLerrfree(err);
286-
close_SSL(conn);
287286
#ifdefENABLE_THREAD_SAFETY
288287
pthread_mutex_unlock(&ssl_config_mutex);
289288
#endif
289+
close_SSL(conn);
290+
290291
returnPGRES_POLLING_FAILED;
291292
}
292293
#ifdefENABLE_THREAD_SAFETY
@@ -1525,15 +1526,23 @@ open_client_SSL(PGconn *conn)
15251526
staticvoid
15261527
close_SSL(PGconn*conn)
15271528
{
1529+
booldestroy_needed= false;
1530+
15281531
if (conn->ssl)
15291532
{
15301533
DECLARE_SIGPIPE_INFO(spinfo);
15311534

1535+
/*
1536+
* We can't destroy everything SSL-related here due to the possible
1537+
* later calls to OpenSSL routines which may need our thread
1538+
* callbacks, so set a flag here and check at the end.
1539+
*/
1540+
destroy_needed= true;
1541+
15321542
DISABLE_SIGPIPE(conn,spinfo, (void)0);
15331543
SSL_shutdown(conn->ssl);
15341544
SSL_free(conn->ssl);
15351545
conn->ssl=NULL;
1536-
pqsecure_destroy();
15371546
/* We have to assume we got EPIPE */
15381547
REMEMBER_EPIPE(spinfo, true);
15391548
RESTORE_SIGPIPE(conn,spinfo);
@@ -1553,6 +1562,17 @@ close_SSL(PGconn *conn)
15531562
conn->engine=NULL;
15541563
}
15551564
#endif
1565+
1566+
/*
1567+
* This will remove our SSL locking hooks, if this is the last SSL
1568+
* connection, which means we must wait to call it until after all
1569+
* SSL calls have been made, otherwise we can end up with a race
1570+
* condition and possible deadlocks.
1571+
*
1572+
* See comments above destroy_ssl_system().
1573+
*/
1574+
if (destroy_needed)
1575+
pqsecure_destroy();
15561576
}
15571577

15581578
/*

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp