diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2017-10-10 14:35:42 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2017-10-10 14:35:42 +0900 |
commit | d1cbf6d75280d208f352d6ff245be515a75c7933 (patch) | |
tree | 6e56c8fc3b61312b5900916fc4039a6ac18fdcb0 /ext | |
parent | 14e116554b56b722337b285adfc30481155dd1de (diff) | |
download | ruby-openssl-d1cbf6d75280d208f352d6ff245be515a75c7933.tar.gz |
test/test_ssl_session: skip tests for session_remove_cbky/skip-session-remove-cb-tests
In OpenSSL < 1.1.0, the session_remove_cb callback is called inside the
global lock for CRYPTO_LOCK_SSL_CTX which is shared across the entire
process, not just for the specific SSL_CTX object. It is possible that
the callback releases GVL while the lock for CRYPTO_LOCK_SSL_CTX is
held, causing another thread calling an OpenSSL function that tries to
acquire the same lock stuck forever.
Add a note about the possible deadlock to the docs for
SSLContext#session_remove_cb=, and skip the relevant test cases unless
the OSSL_TEST_ALL environment variable is set to 1.
A deadlock due to this issue is observed:
http://ci.rvm.jp/results/trunk-test@frontier/104428
Diffstat (limited to 'ext')
-rw-r--r-- | ext/openssl/ossl_ssl.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index aa2dbbc8..736f4924 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -2446,6 +2446,10 @@ Init_ossl_ssl(void) * A callback invoked when a session is removed from the internal cache. * * The callback is invoked with an SSLContext and a Session. + * + * IMPORTANT NOTE: It is currently not possible to use this safely in a + * multi-threaded application. The callback is called inside a global lock + * and it can randomly cause deadlock on Ruby thread switching. */ rb_attr(cSSLContext, rb_intern("session_remove_cb"), 1, 1, Qfalse); |