OpenSSLSocketImpl: Move state checks inside mutex

Checking the state of the connection is unreliable if SSL_read and SSL_write are happening in another thread. Move the state checks inside our application mutex so we don't run into another thread mutating the state at the same time. Bug: 15606096 (cherry picked from commit 0931d51c) Change-Id: I151ecbc57278374007a56827a65295b4c9476732

OpenSSLSocketImpl: Move state checks inside mutex
Checking the state of the connection is unreliable if SSL_read and SSL_write are happening in another thread. Move the state checks inside our application mutex so we don't run into another thread mutating the state at the same time. Bug: 15606096 (cherry picked from commit 0931d51c) Change-Id: I151ecbc57278374007a56827a65295b4c9476732
4b050b6f · Kenny Root · Brian Carlstrom · 1ffe43e8 · 4b050b6f
Commit 4b050b6f authored 10 years ago by Kenny Root Committed by Brian Carlstrom 10 years ago
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 8 deletions

src/main/native/org_conscrypt_NativeCrypto.cpp src/main/native/org_conscrypt_NativeCrypto.cpp +16 -8

No files found.
--- a/src/main/native/org_conscrypt_NativeCrypto.cpp
+++ b/src/main/native/org_conscrypt_NativeCrypto.cpp
@@ -8540,10 +8540,6 @@ static int sslRead(JNIEnv* env, SSL* ssl, jobject fdObject, jobject shc, char* b
    JNI_TRACE("ssl=%p sslRead appData=%p", ssl, appData);
    if (appData == NULL) {
        return THROW_SSLEXCEPTION;
-    } else if (!SSL_is_init_finished(ssl) && !SSL_cutthrough_complete(ssl) &&
-               !SSL_renegotiate_pending(ssl)) {
-        JNI_TRACE("ssl=%p sslRead => init is not finished (state=0x%x)", ssl, SSL_get_state(ssl));
-        return THROW_SSLEXCEPTION;
    }

    while (appData->aliveAndKicking) {
@@ -8553,6 +8549,14 @@ static int sslRead(JNIEnv* env, SSL* ssl, jobject fdObject, jobject shc, char* b
            return -1;
        }

+        if (!SSL_is_init_finished(ssl) && !SSL_cutthrough_complete(ssl) &&
+               !SSL_renegotiate_pending(ssl)) {
+            JNI_TRACE("ssl=%p sslRead => init is not finished (state=0x%x)", ssl,
+                    SSL_get_state(ssl));
+            MUTEX_UNLOCK(appData->mutex);
+            return THROW_SSLEXCEPTION;
+        }
+
        unsigned int bytesMoved = BIO_number_read(rbio) + BIO_number_written(wbio);

        if (!appData->setCallbackState(env, shc, fdObject, NULL, NULL)) {
@@ -8857,10 +8861,6 @@ static int sslWrite(JNIEnv* env, SSL* ssl, jobject fdObject, jobject shc, const
    JNI_TRACE("ssl=%p sslWrite appData=%p", ssl, appData);
    if (appData == NULL) {
        return THROW_SSLEXCEPTION;
-    } else if (!SSL_is_init_finished(ssl) && !SSL_cutthrough_complete(ssl) &&
-               !SSL_renegotiate_pending(ssl)) {
-        JNI_TRACE("ssl=%p sslWrite => init is not finished (state=0x%x)", ssl, SSL_get_state(ssl));
-        return THROW_SSLEXCEPTION;
    }

    int count = len;
@@ -8872,6 +8872,14 @@ static int sslWrite(JNIEnv* env, SSL* ssl, jobject fdObject, jobject shc, const
            return -1;
        }

+        if (!SSL_is_init_finished(ssl) && !SSL_cutthrough_complete(ssl) &&
+               !SSL_renegotiate_pending(ssl)) {
+            JNI_TRACE("ssl=%p sslWrite => init is not finished (state=0x%x)", ssl,
+                    SSL_get_state(ssl));
+            MUTEX_UNLOCK(appData->mutex);
+            return THROW_SSLEXCEPTION;
+        }
+
        unsigned int bytesMoved = BIO_number_read(rbio) + BIO_number_written(wbio);

        if (!appData->setCallbackState(env, shc, fdObject, NULL, NULL)) {