[tor/master] Revert "Avoid double-close on TCP sockets under NSS." - tor-commits

6 Sep 2018

commit 22e24031452d57852e83738bacfff012439f0258
Author: Nick Mathewson nickm@torproject.org
Date:   Thu Sep 6 10:53:29 2018 -0400
Revert "Avoid double-close on TCP sockets under NSS."
This reverts commit b5fddbd24144a94580e50886cd07a82968a1b86c.
The commit here was supposed to be a solution for #27451 (fd
    management with NSS), but instead it caused an assertion failure.
Fixes bug 27500; but not in any released Tor.
---
 src/core/mainloop/connection.c | 25 ++++++++-----------------
 src/lib/tls/tortls_openssl.c   |  2 +-
 2 files changed, 9 insertions(+), 18 deletions(-)

diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c
index d6b191afc..a0902f516 100644
--- a/src/core/mainloop/connection.c
+++ b/src/core/mainloop/connection.c
@@ -449,20 +449,6 @@ connection_new(int type, int socket_family)
   }
 }
-static void
-connection_close_and_invalidate_socket(connection_t *conn)
-{
-  if (connection_speaks_cells(conn)) {
-    or_connection_t *or_conn = TO_OR_CONN(conn);
-    tor_tls_free(or_conn->tls);
-    or_conn->tls = NULL;
-    or_conn->base_.s = TOR_INVALID_SOCKET;
-  } else {
-    tor_close_socket(conn->s);
-    conn->s = TOR_INVALID_SOCKET;
-  }
-}
-
 /** Initializes conn. (you must call connection_add() to link it into the main
  * array).
  *
@@ -628,8 +614,9 @@ connection_free_minimal(connection_t *conn)
   tor_free(conn->address);
if (connection_speaks_cells(conn)) {
-    connection_close_and_invalidate_socket(conn);
     or_connection_t *or_conn = TO_OR_CONN(conn);
+    tor_tls_free(or_conn->tls);
+    or_conn->tls = NULL;
     or_handshake_state_free(or_conn->handshake_state);
     or_conn->handshake_state = NULL;
     tor_free(or_conn->nickname);
@@ -705,7 +692,9 @@ connection_free_minimal(connection_t *conn)
   }
if (SOCKET_OK(conn->s)) {
-    connection_close_and_invalidate_socket(conn);
+    log_debug(LD_NET,"closing fd %d.",(int)conn->s);
+    tor_close_socket(conn->s);
+    conn->s = TOR_INVALID_SOCKET;
   }
if (conn->type == CONN_TYPE_OR &&
@@ -831,7 +820,9 @@ connection_close_immediate(connection_t *conn)
   conn->read_blocked_on_bw = 0;
   conn->write_blocked_on_bw = 0;
-  connection_close_and_invalidate_socket(conn);
+  if (SOCKET_OK(conn->s))
+    tor_close_socket(conn->s);
+  conn->s = TOR_INVALID_SOCKET;
   if (conn->linked)
     conn->linked_conn_is_closed = 1;
   if (conn->outbuf)
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
index 560a951bc..2a022b853 100644
--- a/src/lib/tls/tortls_openssl.c
+++ b/src/lib/tls/tortls_openssl.c
@@ -1042,7 +1042,7 @@ tor_tls_new(tor_socket_t sock, int isServer)
     goto err;
   }
   result->socket = sock;
-  bio = BIO_new_socket(sock, 0);
+  bio = BIO_new_socket(sock, BIO_NOCLOSE);
   if (! bio) {
     tls_log_errors(NULL, LOG_WARN, LD_NET, "opening BIO");
 #ifdef SSL_set_tlsext_host_name

    