From b3aecf0176d522dec09e3c4dbf364a61aff51df3 Mon Sep 17 00:00:00 2001
From: wfurt
Date: Mon, 15 Aug 2022 14:52:16 -0700
Subject: [PATCH 1/2] fold reference to SslContextHandle to prevent crashes
---
 .../System.Security.Cryptography.Native/Interop.OpenSsl.cs | 3 +++
 .../Unix/System.Security.Cryptography.Native/Interop.Ssl.cs | 3 +++
 2 files changed, 6 insertions(+)
diff --git a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs b/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs
index 826d39abc09e1f..f0734837b8f3cc 100644
--- a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs
+++ b/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs
@@ -394,6 +394,9 @@ internal static SafeSslHandle AllocateSslHandle(SslAuthenticationOptions sslAuth
 if (cacheSslContext && !string.IsNullOrEmpty(punyCode))
 {
 sslCtxHandle.TrySetSession(sslHandle, punyCode);
+ bool ignored = false; // DangerousAddRef will throw on failure
+ sslCtxHandle.DangerousAddRef(ref ignored);
+ sslHandle.SslContextHandle = sslCtxHandle;
 }
 // relevant to TLS 1.3 only: if user supplied a client cert or cert callback,
diff --git a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Ssl.cs b/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Ssl.cs
index bea9f4625a4ac0..419805223510b3 100644
--- a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Ssl.cs
+++ b/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Ssl.cs
@@ -335,6 +335,7 @@ internal sealed class SafeSslHandle : SafeDeleteSslContext
 private bool _handshakeCompleted;
 public GCHandle AlpnHandle;
+ public SafeSslContextHandle? SslContextHandle;
 public bool IsServer
 {
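Review bot: In `AllocateSslHandle` (Interop.OpenSsl.cs, hunk at -394), `sslCtxHandle.TrySetSession(sslHandle, punyCode)` still runs before the added `DangerousAddRef`, so the session lookup touches the context before this SSL handle has pinned it. If the crash being fixed comes from the context being released while in use (the subject suggests so, but the release path is not visible here), taking the reference first would cover that call as well: move `sslCtxHandle.DangerousAddRef(ref ignored);` and `sslHandle.SslContextHandle = sslCtxHandle;` above the `TrySetSession` line. It is also worth confirming that any exception thrown later in the method disposes `sslHandle`, because the matching `DangerousRelease` only happens in `SafeSslHandle.ReleaseHandle`. The method body starts and ends outside the hunk.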
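Review bot: The new public field `SslContextHandle` on `SafeSslHandle` (Interop.Ssl.cs, hunk at -335) carries an ownership rule that is not written down: a non-null value stands for one outstanding `DangerousAddRef`, which `ReleaseHandle` balances. Because the field is public and writable, an assignment without the matching add-ref, or a second assignment, would unbalance the SafeHandle reference count and could release the context early or leak it. A comment on the field would make the contract explicit, for example `// Set only after DangerousAddRef succeeded; released exactly once in ReleaseHandle.` The class body continues outside the hunk.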
@@ -432,6 +433,8 @@ protected override bool ReleaseHandle()
 Disconnect();
 }
+ SslContextHandle?.DangerousRelease();
+
 IntPtr h = handle;
 SetHandle(IntPtr.Zero);
 Interop.Ssl.SslDestroy(h); // will free the handles underlying _readBio and _writeBio
From f7c7cb4d65b286573de1e9bd9be19b584b6c67f7 Mon Sep 17 00:00:00 2001
From: Dan Moseley
Date: Tue, 16 Aug 2022 09:58:14 -0600
Subject: [PATCH 2/2] Update src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs
Co-authored-by: Stephen Toub
---
 .../Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs b/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs
index f0734837b8f3cc..f22665ebc260fc 100644
--- a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs
+++ b/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs
@@ -394,7 +394,7 @@ internal static SafeSslHandle AllocateSslHandle(SslAuthenticationOptions sslAuth
 if (cacheSslContext && !string.IsNullOrEmpty(punyCode))
 {
 sslCtxHandle.TrySetSession(sslHandle, punyCode);
- bool ignored = false; // DangerousAddRef will throw on failure
+ bool ignored = false;
 sslCtxHandle.DangerousAddRef(ref ignored);
 sslHandle.SslContextHandle = sslCtxHandle;
 }
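Review bot: In `ReleaseHandle` (Interop.Ssl.cs, hunk at -432), `SslContextHandle?.DangerousRelease();` runs before `Interop.Ssl.SslDestroy(h);`, so the context reference is dropped while the native SSL object created from it still exists. If that release is the last reference, the context's own cleanup would run ahead of the SSL teardown; whether that is safe depends on native reference counting that is not visible in this diff. Releasing in reverse order of acquisition avoids relying on it: place `SslContextHandle?.DangerousRelease();` after `Interop.Ssl.SslDestroy(h);`. `ReleaseHandle` starts and ends outside the hunk.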