-
Notifications
You must be signed in to change notification settings - Fork 133
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* SSL session caching/reusing disabled to prevent memory corruption
# Context making multiple request to same host/port cause some of them terminated with message > error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol (/Users/tomski/Coding/asidik/robovm/target/checkout/compiler/vm/rt/android/external/openssl/ssl/s23_clnt.c:714 0x107f58871:0x00000000) (or application crashed random places) # root case Reusing same Session cause same native SSL_Session to be used with each opened OpenSSLSocketImpl. It associates it's native pointer with its SSL. ``` sessionToReuse = this.getCachedClientSession(clientSessionContext); if (sessionToReuse != null) { NativeCrypto.SSL_set_session(this.sslNativePointer, sessionToReuse.sslSessionNativePointer); } ``` As result multiple OpenSSLSocketImpl and its SSL will use same single session. Problem appear once this socked is being closed, as it destroys SSL by calling `NativeCrypto.SSL_free(sslNativePointer);` and SSL under hood destroys all elements it contains, and shared session as result. This cause single object to be multiple times released, released memory is used as valid -- this causes logic errors as described above and SIGABRT crashes. # The "fix" Properly fixing session sharing on Android 4.4.x code base is problematic as things are not implemented this way. In recent version of Libcore its handled completely different way. The way to prevent apps from crashing is to disable the feature. it will introduce longer TLS handshake. RoboVMx experimental port is not affected by this issue.
- Loading branch information
Showing
1 changed file
with
68 additions
and
58 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters