From cc609096a47c205124475a1d6946d681ad560235 Mon Sep 17 00:00:00 2001 From: Adam Majer Date: Tue, 30 Aug 2016 13:16:27 +0200 Subject: [PATCH] crypto: Use reference count to manage cert_store Setting reference count at the time of setting cert_store instead of trying to manage it by modifying internal states in destructor. PR-URL: https://github.com/nodejs/node/pull/9409 Reviewed-By: Fedor Indutny Reviewed-By: Shigeki Ohtsu --- src/node_crypto.cc | 2 ++ src/node_crypto.h | 7 ------- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 42932544aa02c8..1b6bd5e0abc8c9 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -785,6 +785,8 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { } sc->ca_store_ = root_cert_store; + // Increment reference count so global store is not deleted along with CTX. + CRYPTO_add(&root_cert_store->references, 1, CRYPTO_LOCK_X509_STORE); SSL_CTX_set_cert_store(sc->ctx_, sc->ca_store_); } diff --git a/src/node_crypto.h b/src/node_crypto.h index 1dc07e44cb6839..1f9271d0e6e13d 100644 --- a/src/node_crypto.h +++ b/src/node_crypto.h @@ -140,13 +140,6 @@ class SecureContext : public BaseObject { void FreeCTXMem() { if (ctx_) { env()->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize); - if (ctx_->cert_store == root_cert_store) { - // SSL_CTX_free() will attempt to free the cert_store as well. - // Since we want our root_cert_store to stay around forever - // we just clear the field. Hopefully OpenSSL will not modify this - // struct in future versions. - ctx_->cert_store = nullptr; - } SSL_CTX_free(ctx_); if (cert_ != nullptr) X509_free(cert_);