GNOME Bugzilla – Bug 697754
gtlsconnection-gnutls crash if trying to do a read/write during an async handshake
Last modified: 2017-11-15 12:56:19 UTC
If one calls g_tls_connection_handshake_async() and then after the handshake has finished, but before the callback has been called, one calls read or write, it will get confused and try to complete the handshake as if it had been an implicit handshake. With test and patch!
Created attachment 241201: tls: Test for crash when read or write is called during an async handshake
Created attachment 241202: gtlsconnection-gnutls: Only finish implicit handshake if handshake is implicit
Comment on attachment 241202: gtlsconnection-gnutls: Only finish implicit handshake if handshake is implicit
looks good, but please squash the two patches together (or commit the fix first and the test second) so that there's not a commit where the tests don't pass
Created attachment 241212: gtlsconnection-gnutls: Only finish implicit handshake if handshake is implicit
Also add a test to prevent regressions. This test tries to do an async handshake and waits for the actual handshake to finish, but before allowing the callback to happen it tries to do a write.
Created attachment 241213: gtlsconnection-gnutls: Only finish implicit handshake if handshake is implicit
With extra g_test_bug(), also please triple check that my fix is correct, I'm not sure I understand all of the possible interactions.
Comment on attachment 241213: gtlsconnection-gnutls: Only finish implicit handshake if handshake is implicit
yeah, pretty sure it's right. I need to go through and re-figure all this out and improve the comment inside the GTlsConnectionGnutlsPrivate definition. I'm not so convinced of its correctness that I'd want to land it in today's release though. So, commit it to master, and if it doesn't cause problems, we'll get it into 3.8.2.
Pushed into the master branch
*** Bug 725423 has been marked as a duplicate of this bug. ***
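The ordering described in the report, as an added example that is not code from the attachments or from glib-networking: a simplified model in which a write that runs between handshake completion and the async callback collects the handshake result unless it checks that the handshake was implicit. The struct, its flags and all function names are hypothetical, and returning -1 stands in for the confused state the report describes.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model; all names are hypothetical, not glib-networking's. */
typedef struct {
    bool need_finish_handshake; /* handshake done, result not yet collected */
    bool implicit_handshake;    /* true only if a read/write started it */
} Conn;

/* Collect the handshake result once. Returns -1 if nothing is pending. */
static int finish_handshake(Conn *c) {
    if (!c->need_finish_handshake)
        return -1;
    c->need_finish_handshake = false;
    return 0;
}

/* Explicit async handshake: the worker completes, the callback is queued. */
static void async_handshake_completes(Conn *c) {
    c->implicit_handshake = false;
    c->need_finish_handshake = true;
}

/* Write path. The unguarded form finishes any pending handshake; the
 * guarded form finishes only a handshake that the I/O path itself began. */
static void do_write(Conn *c, bool guarded) {
    if (c->need_finish_handshake && (!guarded || c->implicit_handshake))
        finish_handshake(c);
    /* ... the actual write would happen here ... */
}

/* Order from the report: handshake completes, a write runs, then the
 * callback tries to collect the result. Returns the callback's status. */
int callback_status_after_early_write(bool guarded) {
    Conn c = { false, false };
    async_handshake_completes(&c);
    do_write(&c, guarded);
    return finish_handshake(&c); /* what the queued callback would do */
}

int main(void) {
    printf("unguarded: %d\n", callback_status_after_early_write(false));
    printf("guarded:   %d\n", callback_status_after_early_write(true));
    return 0;
}
```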