Partially revert 3f647bb7797b3e71405c59eb280a4be74305c6b2
authorGunnar Beutner <gunnar.beutner@netways.de>
Tue, 5 Aug 2014 06:40:06 +0000 (08:40 +0200)
committerGunnar Beutner <gunnar.beutner@netways.de>
Tue, 5 Aug 2014 06:41:52 +0000 (08:41 +0200)
refs #6724

lib/base/tlsstream.cpp
lib/base/tlsstream.hpp

index a01f15f1396a1a0386c7acccc91ef38618d0c5d0..a7ab8f3b84d07f27a0d2c3b36584d4df960dbe52 100644 (file)
@@ -76,6 +76,7 @@ TlsStream::TlsStream(const Socket::Ptr& socket, ConnectionRole role, const share
  */
 shared_ptr<X509> TlsStream::GetClientCertificate(void) const
 {
+       boost::mutex::scoped_lock lock(m_SSLLock);
        return shared_ptr<X509>(SSL_get_certificate(m_SSL.get()), &Utility::NullDeleter);
 }
 
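Review bot: The lock added in GetClientCertificate covers only the SSL_get_certificate lookup. The returned pointer is wrapped with `Utility::NullDeleter`, so the shared_ptr holds no reference of its own and the X509 remains owned by m_SSL after the lock is released. The doc comment above the function should state that lifetime rule, e.g. `@note The certificate is borrowed from the SSL object and must not be used once the TlsStream is gone.` SSL_get_certificate also returns the certificate configured for the local end, which matches the function name only for a client-role stream, so the comment should say that too.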
@@ -86,6 +87,7 @@ shared_ptr<X509> TlsStream::GetClientCertificate(void) const
  */
 shared_ptr<X509> TlsStream::GetPeerCertificate(void) const
 {
+       boost::mutex::scoped_lock lock(m_SSLLock);
        return shared_ptr<X509>(SSL_get_peer_certificate(m_SSL.get()), X509_free);
 }
 
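Review bot: GetPeerCertificate does not say what callers receive when the peer presented no certificate. SSL_get_peer_certificate returns NULL in that case, so the returned shared_ptr wraps a null pointer. Callers that base an identity decision on the certificate have to test it first, so the doc comment should state it, e.g. `@returns The peer's X509 certificate, or a null pointer if the peer did not send one.` The comment's text lies outside this hunk and may already cover this.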
@@ -94,12 +96,15 @@ void TlsStream::Handshake(void)
        for (;;) {
                int rc, err;
 
-               rc = SSL_do_handshake(m_SSL.get());
+               {
+                       boost::mutex::scoped_lock lock(m_SSLLock);
+                       rc = SSL_do_handshake(m_SSL.get());
 
-               if (rc > 0)
-                       break;
+                       if (rc > 0)
+                               break;
 
-               err = SSL_get_error(m_SSL.get(), rc);
+                       err = SSL_get_error(m_SSL.get(), rc);
+               }
 
                switch (err) {
                        case SSL_ERROR_WANT_READ:
@@ -137,10 +142,13 @@ size_t TlsStream::Read(void *buffer, size_t count)
        while (left > 0) {
                int rc, err;
 
-               rc = SSL_read(m_SSL.get(), ((char *)buffer) + (count - left), left);
+               {
+                       boost::mutex::scoped_lock lock(m_SSLLock);
+                       rc = SSL_read(m_SSL.get(), ((char *)buffer) + (count - left), left);
 
-               if (rc <= 0)
-                       err = SSL_get_error(m_SSL.get(), rc);
+                       if (rc <= 0)
+                               err = SSL_get_error(m_SSL.get(), rc);
+               }
 
                if (rc <= 0) {
                        switch (err) {
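Review bot: `left` is passed straight to SSL_read, whose length parameter is an `int`. Assuming `left` is a `size_t` like `count`, a request above INT_MAX is narrowed and can reach OpenSSL as a negative or wrong length. Clamping per call avoids that, e.g. `int chunk = static_cast<int>(std::min<size_t>(left, INT_MAX));` and passing `chunk` instead of `left`. The SSL_write call in the Write hunk has the same conversion. The declaration of `left` and the rest of the loop lie outside this hunk.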
@@ -181,10 +189,13 @@ void TlsStream::Write(const void *buffer, size_t count)
        while (left > 0) {
                int rc, err;
 
-               rc = SSL_write(m_SSL.get(), ((const char *)buffer) + (count - left), left);
+               {
+                       boost::mutex::scoped_lock lock(m_SSLLock);
+                       rc = SSL_write(m_SSL.get(), ((const char *)buffer) + (count - left), left);
 
-               if (rc <= 0)
-                       err = SSL_get_error(m_SSL.get(), rc);
+                       if (rc <= 0)
+                               err = SSL_get_error(m_SSL.get(), rc);
+               }
 
                if (rc <= 0) {
                        switch (err) {
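Review bot: m_SSLLock is released at the closing brace before `switch (err)`, so between a call that has to be retried and the retry itself another thread can enter Write and call SSL_write with a different buffer. OpenSSL expects a retried SSL_write to be repeated with the same arguments, and the payloads of two callers could otherwise interleave on the connection. If concurrent writers are possible, a separate mutex held for the whole of Write would serialise them without blocking Read. If they are not, a comment such as `/* callers must not invoke Write() concurrently */` would record the assumption. The rest of the loop lies outside this hunk.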
@@ -221,7 +232,7 @@ void TlsStream::Write(const void *buffer, size_t count)
  */
 void TlsStream::Close(void)
 {
-       for (;;) {
+       for (int i = 0; i < 5; i++) {
                int rc, err;
 
                do {
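Review bot: The new bound `i < 5` is an unexplained constant, and the visible lines do not show what Close does once all five attempts are used up. A named constant with a comment, e.g. `static const int MaxShutdownAttempts = 5; /* stop waiting for the peer after this many tries */`, would document the intent. The exhausted case should still release the socket, which I cannot confirm from here. Unlike the other hunks this one adds no m_SSLLock scope, so if the `do` block calls into OpenSSL on m_SSL it should take the lock as well. The loop body continues outside the hunk.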
index 28362b1f8203faf98d60b53cf15a5bd70a00e552..1c8174564cceaa605980bc8af723a3c63b0cb1d9 100644 (file)
@@ -54,6 +54,7 @@ public:
 
 private:
        shared_ptr<SSL> m_SSL;
+       mutable boost::mutex m_SSLLock;
        BIO *m_BIO;
 
        Socket::Ptr m_Socket;
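Review bot: m_SSLLock has no comment saying what it protects. A line such as `/* Serialises every OpenSSL call on m_SSL; mutable so the const certificate getters can lock it. */` above the member would tell maintainers which accesses need the lock. It should also say whether m_BIO is covered.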