[Libwebsockets] Creating a second (SSL capable) lws context will break SSL ext_data access

Wenzel, Alexander alexander.wenzel at qsc.de
Mon Jun 27 14:38:28 CEST 2016


Hi,

we're using libwebsockets v2.0.2, but the following problem is also present
in the current master. But first let me describe our setup.

We want to use the lib in the following way. The first lws context is used as
a server in a thread. The second lws context will be a client in another
thread. Both context objects will have SSL enabled to provide a SSL server or
rather connect to one.

To reproduce or describe the problem, you need to start the server thread
first. In the init phase, the global SSL external data index variables [1]
will be setup here [2]. If a client connects to the server, the index (= 0)
is used here [3] to get the lws context out of the SSL object.

If you now start the client, it will also init the SSL library and also
get the next free set of index (= 1) numbers to store user external data.
But here is no link to the lws context which is the root of the problem.

When now somebody connects again to the server thread, it will again try to
retrieve the context out of the SSL object [3]. But this time, the global
index variable is set to 1 and so we won't get back our requested server
object, which was stored at index 0. Finally this will result in a SEGFAULT.

A first dirty hack [4] would be to only set theses globals once. Which would
be ok for a single lws server context (which may uses multiple vhosts) and
one single client lws context.

I'm still not so familiar with the library to propose a more suitable patch.
I just began to use and understand it ;) But at least I want to create some
awareness of this issue.

Best regards,
Alexander

[1] https://github.com/warmcat/libwebsockets/blob/v2.0.2/lib/ssl.c#L56
[2] https://github.com/warmcat/libwebsockets/blob/v2.0.2/lib/ssl.c#L171
[3] https://github.com/warmcat/libwebsockets/blob/v2.0.2/lib/ssl-server.c#L164
[4] Patch SSL ext_data lws index to be set only once
diff --git a/lib/ssl.c b/lib/ssl.c
index 6b2e575..e28dc06 100644
--- a/lib/ssl.c
+++ b/lib/ssl.c
@@ -53,8 +53,8 @@ static void pssl_debug(void *ctx, int level, const char *str)
 
 #endif
 
-int openssl_websocket_private_data_index,
-    openssl_SSL_CTX_private_data_index;
+int openssl_websocket_private_data_index = -1;
+int openssl_SSL_CTX_private_data_index = -1;
 
 int lws_ssl_get_error(struct lws *wsi, int n)
 {
@@ -165,11 +165,15 @@ lws_context_init_ssl_library(struct lws_context_creation_info *info)
        OpenSSL_add_all_algorithms();
        SSL_load_error_strings();
 
-       openssl_websocket_private_data_index =
-               SSL_get_ex_new_index(0, "lws", NULL, NULL, NULL);
+       if (openssl_websocket_private_data_index < 0) {
+               openssl_websocket_private_data_index =
+                       SSL_get_ex_new_index(0, "lws", NULL, NULL, NULL);
+       }
 
-       openssl_SSL_CTX_private_data_index = SSL_CTX_get_ex_new_index(0,
-                       NULL, NULL, NULL, NULL);
+       if (openssl_SSL_CTX_private_data_index < 0) {
+               openssl_SSL_CTX_private_data_index =
+                       SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
+       }
 #endif
 #endif
 





More information about the Libwebsockets mailing list