lib-ssl-iostream: openssl: Make verbose logging robust against i_debug() writing...

In dsync, i_debug() is overridden to write to the SSL stream itself through a
multiplexed data stream. So, during the i_debug() call all kinds of things can
happen to the persisted error string in the stream, which caused problems.

diff --git a/src/lib-ssl-iostream/iostream-openssl.c b/src/lib-ssl-iostream/iostream-openssl.c
index b6e3c6e4bd39eb4e11f7ec1a11dc391fb2146917..f0eb2203d2c4203c68cc8aa863f21d2abd1e57e7 100644 (file)
--- a/src/lib-ssl-iostream/iostream-openssl.c
+++ b/src/lib-ssl-iostream/iostream-openssl.c
@@ -12,14 +12,21 @@ static void openssl_iostream_free(struct ssl_iostream *ssl_io);
 
 void openssl_iostream_set_error(struct ssl_iostream *ssl_io, const char *str)
 {
+       char *new_str;
+
+       /* i_debug() may sometimes be overriden, making it write to this very
+          same SSL stream, in which case the provided str may be invalidated
+          before it is even used. Therefore, we duplicate it immediately. */
+       new_str = i_strdup(str);
+
        if (ssl_io->verbose) {
                /* This error should normally be logged by lib-ssl-iostream's
                   caller. But if verbose=TRUE, log it here as well to make
                   sure that the error is always logged. */
-               i_debug("%sSSL error: %s", ssl_io->log_prefix, str);
+               i_debug("%sSSL error: %s", ssl_io->log_prefix, new_str);
        }
        i_free(ssl_io->last_error);
-       ssl_io->last_error = i_strdup(str);
+       ssl_io->last_error = new_str;
 }
 
 static void openssl_info_callback(const SSL *ssl, int where, int ret)