[glib-networking] gnutls: fix a hang when closing during handshake
- From: Dan Winship <danw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking] gnutls: fix a hang when closing during handshake
- Date: Sun, 9 Dec 2012 15:35:31 +0000 (UTC)
commit 10181f38be83773ee27cc4afae9a4d3d92f7763b
Author: Dan Winship <danw gnome org>
Date: Fri Dec 7 15:37:22 2012 +0100
gnutls: fix a hang when closing during handshake
If the app did a synchronous g_io_stream_close() on a connection that
had completed an async handshake but not yet run finish_handshake(),
it would hang forever (because the close would be blocking the main
loop that finish_handshake() was going to run in, and it couldn't
continue until finish_handshake() ran).
Fix this by yielding the handshake op from the end of the handshake
thread, and then in async_handshake_completed(), deal with the
possibility that someone else might have already run
finish_handshake() for us.
Add a test for this to tls/tests/connection. This patch also disables
the refcount checking on test->client_connection for now, because the
new code makes it racy; it's possible we'll run teardown_connection()
before the handshake GTask has dropped its ref on the connection.
https://bugzilla.gnome.org/show_bug.cgi?id=688751
tls/gnutls/gtlsconnection-gnutls.c | 97 ++++++++++++++++++++++--------------
tls/tests/connection.c | 90 ++++++++++++++++++++++++++++++---
2 files changed, 142 insertions(+), 45 deletions(-)
---
diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c
index a0a221f..aac43f8 100644
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -110,19 +110,19 @@ struct _GTlsConnectionGnutlsPrivate
gboolean database_is_unset;
/* need_handshake means the next claim_op() will get diverted into
- * an implicit handshake (unless it's an OP_HANDSHAKE itself).
- * need_finish_handshake means the next claim_op() will get
- * diverted into finish_handshake().
+ * an implicit handshake (unless it's an OP_HANDSHAKE or OP_CLOSE).
+ * need_finish_handshake means the next claim_op() will get diverted
+ * into finish_handshake() (unless it's an OP_CLOSE).
*
- * handshaking is TRUE as soon as a handshake thread is queued.
- * Normally it becomes FALSE after finish_handshake() completes. For
- * an implicit handshake, but in the case of an async implicit
- * handshake, it becomes FALSE at the end of handshake_thread(),
- * (and then the next read/write op will call finish_handshake()).
- * This is because we don't want to call finish_handshake() (and
- * possibly emit signals) if the caller is not actually in a TLS op
- * at the time. (Eg, if they're waiting to try a nonblocking call
- * again, we don't want to emit the signal until they do.)
+ * handshaking is TRUE as soon as a handshake thread is queued. For
+ * a sync handshake it becomes FALSE after finish_handshake()
+ * completes in the calling thread, but for an async implicit
+ * handshake, it becomes FALSE (and need_finish_handshake becomes
+ * TRUE) at the end of the handshaking thread (and then the next
+ * non-close op will call finish_handshake()). We can't just wait
+ * for handshake_thread_completed() to run, because it's possible
+ * that its main loop is being blocked by a synchronous op which is
+ * waiting for handshaking to become FALSE...
*
* started_handshake indicates that the current handshake attempt
* got at least as far as calling gnutls_handshake() (and so any
@@ -554,7 +554,6 @@ claim_op (GTlsConnectionGnutls *gnutls,
g_clear_object (&gnutls->priv->implicit_handshake);
g_mutex_lock (&gnutls->priv->op_mutex);
- gnutls->priv->handshaking = FALSE;
if (!success || g_cancellable_set_error_if_cancelled (cancellable, &my_error))
{
g_propagate_error (error, my_error);
@@ -1297,19 +1296,57 @@ handshake_thread_completed (GObject *object,
GTask *caller_task = user_data;
GTlsConnectionGnutls *gnutls = g_task_get_source_object (caller_task);
GError *error = NULL;
- gboolean success;
+ gboolean need_finish_handshake, success;
- success = finish_handshake (gnutls, G_TASK (result), &error);
- yield_op (gnutls, G_TLS_CONNECTION_GNUTLS_OP_HANDSHAKE);
+ g_mutex_lock (&gnutls->priv->op_mutex);
+ if (gnutls->priv->need_finish_handshake)
+ {
+ need_finish_handshake = TRUE;
+ gnutls->priv->need_finish_handshake = FALSE;
+ }
+ else
+ need_finish_handshake = FALSE;
+ g_mutex_unlock (&gnutls->priv->op_mutex);
- if (success)
- g_task_return_boolean (caller_task, TRUE);
+ if (need_finish_handshake)
+ {
+ success = finish_handshake (gnutls, G_TASK (result), &error);
+ if (success)
+ g_task_return_boolean (caller_task, TRUE);
+ else
+ g_task_return_error (caller_task, error);
+ }
+ else if (gnutls->priv->handshake_error)
+ g_task_return_error (caller_task, g_error_copy (gnutls->priv->handshake_error));
else
- g_task_return_error (caller_task, error);
+ g_task_return_boolean (caller_task, TRUE);
+
g_object_unref (caller_task);
}
static void
+async_handshake_thread (GTask *task,
+ gpointer object,
+ gpointer task_data,
+ GCancellable *cancellable)
+{
+ GTlsConnectionGnutls *gnutls = object;
+
+ handshake_thread (task, object, task_data, cancellable);
+
+ g_mutex_lock (&gnutls->priv->op_mutex);
+ gnutls->priv->need_finish_handshake = TRUE;
+ /* yield_op will clear handshaking too, but we don't want the
+ * connection to be briefly "handshaking && need_finish_handshake"
+ * after we unlock the mutex.
+ */
+ gnutls->priv->handshaking = FALSE;
+ g_mutex_unlock (&gnutls->priv->op_mutex);
+
+ yield_op (gnutls, G_TLS_CONNECTION_GNUTLS_OP_HANDSHAKE);
+}
+
+static void
g_tls_connection_gnutls_handshake_async (GTlsConnection *conn,
int io_priority,
GCancellable *cancellable,
@@ -1326,7 +1363,7 @@ g_tls_connection_gnutls_handshake_async (GTlsConnection *conn,
thread_task = g_task_new (conn, cancellable,
handshake_thread_completed, caller_task);
g_task_set_priority (thread_task, io_priority);
- g_task_run_in_thread (thread_task, handshake_thread);
+ g_task_run_in_thread (thread_task, async_handshake_thread);
g_object_unref (thread_task);
}
@@ -1340,20 +1377,6 @@ g_tls_connection_gnutls_handshake_finish (GTlsConnection *conn,
return g_task_propagate_boolean (G_TASK (result), error);
}
-static void
-implicit_handshake_completed (GObject *object,
- GAsyncResult *result,
- gpointer user_data)
-{
- GTlsConnectionGnutls *gnutls = G_TLS_CONNECTION_GNUTLS (object);
-
- g_mutex_lock (&gnutls->priv->op_mutex);
- gnutls->priv->need_finish_handshake = TRUE;
- g_mutex_unlock (&gnutls->priv->op_mutex);
-
- yield_op (gnutls, G_TLS_CONNECTION_GNUTLS_OP_HANDSHAKE);
-}
-
static gboolean
do_implicit_handshake (GTlsConnectionGnutls *gnutls,
gboolean blocking,
@@ -1362,9 +1385,7 @@ do_implicit_handshake (GTlsConnectionGnutls *gnutls,
{
/* We have op_mutex */
- gnutls->priv->implicit_handshake = g_task_new (gnutls, cancellable,
- implicit_handshake_completed,
- NULL);
+ gnutls->priv->implicit_handshake = g_task_new (gnutls, cancellable, NULL, NULL);
begin_handshake (gnutls);
@@ -1390,7 +1411,7 @@ do_implicit_handshake (GTlsConnectionGnutls *gnutls,
else
{
g_task_run_in_thread (gnutls->priv->implicit_handshake,
- handshake_thread);
+ async_handshake_thread);
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_WOULD_BLOCK,
_("Operation would block"));
diff --git a/tls/tests/connection.c b/tls/tests/connection.c
index b330c3a..5aae663 100644
--- a/tls/tests/connection.c
+++ b/tls/tests/connection.c
@@ -41,6 +41,7 @@ typedef struct {
gboolean rehandshake;
GTlsCertificateFlags accept_flags;
GError *read_error;
+ gboolean expect_server_error;
GError *server_error;
gboolean server_closed;
@@ -101,7 +102,11 @@ teardown_connection (TestConnection *test, gconstpointer data)
g_object_add_weak_pointer (G_OBJECT (test->client_connection),
(gpointer *)&test->client_connection);
g_object_unref (test->client_connection);
+
+#if 0
+ /* Temporarily disabled due to race condition */
g_assert (test->client_connection == NULL);
+#endif
}
if (test->database)
@@ -110,7 +115,11 @@ teardown_connection (TestConnection *test, gconstpointer data)
g_object_add_weak_pointer (G_OBJECT (test->database),
(gpointer *)&test->database);
g_object_unref (test->database);
+
+#if 0
+ /* Temporarily disabled due to race condition */
g_assert (test->database == NULL);
+#endif
}
g_object_unref (test->address);
@@ -160,7 +169,10 @@ on_server_close_finish (GObject *object,
GError *error = NULL;
g_io_stream_close_finish (G_IO_STREAM (object), res, &error);
- g_assert_no_error (error);
+ if (test->expect_server_error)
+ g_assert (error != NULL);
+ else
+ g_assert_no_error (error);
test->server_closed = TRUE;
}
@@ -896,6 +908,14 @@ test_simultaneous_sync (TestConnection *test,
}
static void
+test_simultaneous_sync_rehandshake (TestConnection *test,
+ gconstpointer data)
+{
+ test->rehandshake = TRUE;
+ test_simultaneous_sync (test, data);
+}
+
+static void
test_close_immediately (TestConnection *test,
gconstpointer data)
{
@@ -911,16 +931,69 @@ test_close_immediately (TestConnection *test,
* At this point the server won't get a chance to run. But regardless
* closing should not wait on the server, trying to handshake or something.
*/
- if (!g_io_stream_close (test->client_connection, NULL, NULL))
- g_assert_not_reached ();
+ g_io_stream_close (test->client_connection, NULL, &error);
+ g_assert_no_error (error);
}
static void
-test_simultaneous_sync_rehandshake (TestConnection *test,
- gconstpointer data)
+quit_loop_on_notify (GObject *obj,
+ GParamSpec *spec,
+ gpointer user_data)
{
- test->rehandshake = TRUE;
- test_simultaneous_sync (test, data);
+ GMainLoop *loop = user_data;
+
+ g_main_loop_quit (loop);
+}
+
+static void
+test_close_during_handshake (TestConnection *test,
+ gconstpointer data)
+{
+ GIOStream *connection;
+ GError *error = NULL;
+ GMainContext *context;
+ GMainLoop *loop;
+
+ g_test_bug ("688751");
+
+ connection = start_async_server_and_connect_to_it (test, G_TLS_AUTHENTICATION_REQUESTED);
+ test->expect_server_error = TRUE;
+ test->client_connection = g_tls_client_connection_new (connection, test->identity, &error);
+ g_assert_no_error (error);
+ g_object_unref (connection);
+
+ loop = g_main_loop_new (NULL, FALSE);
+ g_signal_connect (test->client_connection, "notify::accepted-cas",
+ G_CALLBACK (quit_loop_on_notify), loop);
+
+ context = g_main_context_new ();
+ g_main_context_push_thread_default (context);
+ g_tls_connection_handshake_async (G_TLS_CONNECTION (test->client_connection),
+ G_PRIORITY_DEFAULT,
+ NULL, NULL, NULL);
+ g_main_context_pop_thread_default (context);
+
+ /* Now run the (default GMainContext) loop, which is needed for
+ * the server side of things. The client-side handshake will run in
+ * a thread, but its callback will never be invoked because its
+ * context isn't running.
+ */
+ g_main_loop_run (loop);
+ g_main_loop_unref (loop);
+
+ /* At this point handshake_thread() has started (and maybe
+ * finished), but handshake_thread_completed() (and thus
+ * finish_handshake()) has not yet run. Make sure close doesn't
+ * block.
+ */
+ g_io_stream_close (test->client_connection, NULL, &error);
+ g_assert_no_error (error);
+
+ /* We have to let the handshake_async() call finish now, or
+ * teardown_connection() will assert.
+ */
+ g_main_context_iteration (context, TRUE);
+ g_main_context_unref (context);
}
int
@@ -930,6 +1003,7 @@ main (int argc,
int ret;
g_test_init (&argc, &argv, NULL);
+ g_test_bug_base ("http://bugzilla.gnome.org/";);
g_setenv ("GSETTINGS_BACKEND", "memory", TRUE);
g_setenv ("GIO_EXTRA_MODULES", TOP_BUILDDIR "/tls/gnutls/.libs", TRUE);
@@ -963,6 +1037,8 @@ main (int argc,
setup_connection, test_simultaneous_sync_rehandshake, teardown_connection);
g_test_add ("/tls/connection/close-immediately", TestConnection, NULL,
setup_connection, test_close_immediately, teardown_connection);
+ g_test_add ("/tls/connection/close-during-handshake", TestConnection, NULL,
+ setup_connection, test_close_during_handshake, teardown_connection);
ret = g_test_run();
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
