From a0bebb9f67527a93e1232eaf1a0f6420be4d492b Mon Sep 17 00:00:00 2001 From: Andy Green Date: Wed, 21 Apr 2021 09:15:58 +0100 Subject: [PATCH] ss: proxy: fix conn deref on onward Trying to use the opaque pointer in the handle to point to the conn isn't going to work when we need it to point to the ss handle. Move it to have its on place in the handle. --- lib/secure-streams/private-lib-secure-streams.h | 3 +++ lib/secure-streams/secure-streams-process.c | 5 ++--- lib/secure-streams/secure-streams.c | 2 +- lib/system/metrics/metrics.c | 8 +++++--- .../minimal-secure-streams-testsfail/CMakeLists.txt | 4 ++-- 5 files changed, 13 insertions(+), 9 deletions(-) diff --git a/lib/secure-streams/private-lib-secure-streams.h b/lib/secure-streams/private-lib-secure-streams.h index 9bf6f310b..b48af3a27 100644 --- a/lib/secure-streams/private-lib-secure-streams.h +++ b/lib/secure-streams/private-lib-secure-streams.h @@ -39,6 +39,7 @@ typedef enum { SSSEQ_CONNECTED, } lws_ss_seq_state_t; +struct conn; /** * lws_ss_handle_t: publicly-opaque secure stream object implementation @@ -70,6 +71,8 @@ typedef struct lws_ss_handle { struct lws_sequencer *seq; /**< owning sequencer if any */ struct lws *wsi; /**< the stream wsi if any */ + struct conn *conn_if_sspc_onw; + #if defined(LWS_WITH_SSPLUGINS) void *nauthi; /**< the nauth plugin instance data */ void *sauthi; /**< the sauth plugin instance data */ diff --git a/lib/secure-streams/secure-streams-process.c b/lib/secure-streams/secure-streams-process.c index 9edd7a631..abd8c9128 100644 --- a/lib/secure-streams/secure-streams-process.c +++ b/lib/secure-streams/secure-streams-process.c @@ -68,13 +68,12 @@ void lws_proxy_clean_conn_ss(struct lws *wsi) { #if 0 - struct conn *conn; + lws_ss_handle_t *h = (lws_ss_handle_t *)wsi->a.opaque_user_data; + struct conn *conn = h->conn_if_sspc_onw; if (!wsi) return; - conn = (struct conn *)wsi->a.opaque_user_data; - if (conn && conn->ss) conn->ss->wsi = NULL; #endif diff --git a/lib/secure-streams/secure-streams.c b/lib/secure-streams/secure-streams.c index 52a86be81..498892da2 100644 --- a/lib/secure-streams/secure-streams.c +++ b/lib/secure-streams/secure-streams.c @@ -721,7 +721,7 @@ _lws_ss_client_connect(lws_ss_handle_t *h, int is_retry, void *conn_if_sspc_onw) if (conn_if_sspc_onw) { i.ssl_connection |= LCCSCF_SECSTREAM_PROXY_ONWARD; - // i.opaque_user_data = conn_if_sspc_onw; + h->conn_if_sspc_onw = conn_if_sspc_onw; } diff --git a/lib/system/metrics/metrics.c b/lib/system/metrics/metrics.c index f906bcd40..b7a2accac 100644 --- a/lib/system/metrics/metrics.c +++ b/lib/system/metrics/metrics.c @@ -606,11 +606,13 @@ lws_metrics_hist_bump_describe_wsi(struct lws *wsi, lws_metric_pub_t *pub, h->ssi.streamtype); } else if (wsi->client_proxy_onward) { - struct conn *conn = (struct conn *)wsi->a.opaque_user_data; + lws_ss_handle_t *h = (lws_ss_handle_t *)wsi->a.opaque_user_data; + struct conn *conn = h->conn_if_sspc_onw; if (conn && conn->ss) - p += lws_snprintf(p, lws_ptr_diff_size_t(end, p), "ss=\"%s\",", - conn->ss->info.streamtype); + p += lws_snprintf(p, lws_ptr_diff_size_t(end, p), + "ss=\"%s\",", + conn->ss->info.streamtype); } else #endif if (wsi->for_ss) { diff --git a/minimal-examples/secure-streams/minimal-secure-streams-testsfail/CMakeLists.txt b/minimal-examples/secure-streams/minimal-secure-streams-testsfail/CMakeLists.txt index 824449434..cd194e18d 100644 --- a/minimal-examples/secure-streams/minimal-secure-streams-testsfail/CMakeLists.txt +++ b/minimal-examples/secure-streams/minimal-secure-streams-testsfail/CMakeLists.txt @@ -53,11 +53,11 @@ if (requirements) -i ${CTEST_SOCKET_PATH} -d1039) set_tests_properties(st_sstfproxy PROPERTIES WORKING_DIRECTORY . FIXTURES_SETUP sstfproxy TIMEOUT 800) - add_test(NAME ki_ssproxy COMMAND + add_test(NAME ki_sstfproxy COMMAND ${CMAKE_SOURCE_DIR}/scripts/ctest-background-kill.sh sstfproxy $ -i ${CTEST_SOCKET_PATH}) - set_tests_properties(ki_ssproxy PROPERTIES FIXTURES_CLEANUP sstfproxy) + set_tests_properties(ki_sstfproxy PROPERTIES FIXTURES_CLEANUP sstfproxy) # # the client part that will connect to the proxy