author | Kazuki Yamaguchi <k@rhe.jp> | 2021-10-14 15:53:00 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-10-14 16:13:42 +0900 |
commit | 5eb68ba77855cdf82b6c2ecf884ed183629407b9 (patch) | |
tree | 66e6a49c0232387a7a5bdc414b8e72bad0f7e225 | |
parent | a6ba9f894f70e80ad2cc263e088d0b14af3a70ec (diff) | |
download | ruby-openssl-5eb68ba77855cdf82b6c2ecf884ed183629407b9.tar.gz |
ssl: avoid directly storing String object in NPN callbackky/ssl-mark-reverse-references
On the server side, the serialized list of protocols is stored in
SSL_CTX as a String object reference. We utilize a hidden instance
variable to prevent it from being GC'ed, but this is not enough because
it can also be relocated by GC.compact.
-rw-r--r-- | ext/openssl/ossl_ssl.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 70dff91e..bfd80126 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -699,7 +699,7 @@ static int
 ssl_npn_advertise_cb(SSL *ssl, const unsigned char **out, unsigned int *outlen,
 void *arg)
 {
- VALUE protocols = (VALUE)arg;
+ VALUE protocols = rb_attr_get((VALUE)arg, id_npn_protocols_encoded);
 *out = (const unsigned char *) RSTRING_PTR(protocols);
 *outlen = RSTRING_LENINT(protocols);
@@ -917,7 +917,7 @@ ossl_sslctx_setup(VALUE self)
 if (!NIL_P(val)) {
 VALUE encoded = ssl_encode_npn_protocols(val);
 rb_ivar_set(self, id_npn_protocols_encoded, encoded);
- SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_npn_advertise_cb, (void *)encoded);
+ SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_npn_advertise_cb, (void *)self);
 OSSL_Debug("SSL NPN advertise callback added");
 }
 if (RTEST(rb_attr_get(self, id_i_npn_select_cb))) { |
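Review bot: `rb_attr_get()` returns nil when `id_npn_protocols_encoded` is unset, and the new lookup in `ssl_npn_advertise_cb` passes its result straight to `RSTRING_PTR`/`RSTRING_LENINT` with no type check. The setup hunk sets the ivar before registering the callback, so this is presumably unreachable today, but the callback runs during a peer-driven handshake and a non-String here would hand OpenSSL an invalid pointer and length. A guard such as `if (!RB_TYPE_P(protocols, T_STRING)) return SSL_TLSEXT_ERR_NOACK;` before the `*out` assignment would make the invariant explicit. The function body continues past the end of this hunk.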
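Review bot: The callback argument in `ossl_sslctx_setup` is now the raw `self` pointer, so `ssl_npn_advertise_cb` is only safe while the SSLContext object is neither collected nor moved for as long as the `SSL_CTX` can invoke it. The commit message names GC.compact relocation as the problem for the String, and nothing in this hunk shows what keeps `self` at a fixed address, so that presumably relies on marking done elsewhere in the file. A comment above the call, e.g. `/* arg is self; the SSLContext must stay pinned while ctx is alive */`, would record the dependency for the next reader. `ossl_sslctx_setup` starts and ends outside this hunk.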