[tor-commits] [tor/master] Use tor_tls_release_socket() to avoid double-closed sockets on NSS

[nickm at torproject.org]

commit 9f5f67bda26979bb75e10a0ce0080997b1b72603
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed Sep 12 11:32:15 2018 -0400

    Use tor_tls_release_socket() to avoid double-closed sockets on NSS
    
    Closes ticket 27451; bug not in any released Tor.
---
 src/core/mainloop/connection.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c
index ffc9010fb..16ce8b3f2 100644
--- a/src/core/mainloop/connection.c
+++ b/src/core/mainloop/connection.c
@@ -638,8 +638,19 @@ connection_free_minimal(connection_t *conn)
 
   if (connection_speaks_cells(conn)) {
     or_connection_t *or_conn = TO_OR_CONN(conn);
-    tor_tls_free(or_conn->tls);
-    or_conn->tls = NULL;
+    if (or_conn->tls) {
+      if (! SOCKET_OK(conn->s)) {
+        /* The socket has been closed by somebody else; we must tell the
+         * TLS object not to close it. */
+        tor_tls_release_socket(or_conn->tls);
+      } else {
+        /* The tor_tls_free() call below will close the socket; we must tell
+         * the code below not to close it a second time. */
+        conn->s = TOR_INVALID_SOCKET;
+      }
+      tor_tls_free(or_conn->tls);
+      or_conn->tls = NULL;
+    }
     or_handshake_state_free(or_conn->handshake_state);
     or_conn->handshake_state = NULL;
     tor_free(or_conn->nickname);