From: Willy Tarreau <w@1wt.eu>
Date: Wed, 11 Mar 2026 08:00:24 +0000 (+0100)
Subject: MINOR: ssl: set the thread execution context during message callbacks
X-Git-Tag: v3.4-dev7~54
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e8e4449985962d62a222c81cccdf12dae32b34fe;p=thirdparty%2Fhaproxy.git

MINOR: ssl: set the thread execution context during message callbacks

In order to be able to track memory allocation performed from message
callbacks, let's set the thread execution context to a generic function
pointing to them during their call. This allows for example to observe
the share of SSL allocations caused by ssl_sock_parse_clienthello() when
SSL captures are enabled.

The release calls are automatic from the SSL library for these, and are
registered directly via SSL_get_ex_new_index(). Maybe we should improve
the internal API to wrap that function and systematically track free
calls as well. In this case, maybe even registering the message callback
registration could take both the callback and the release function.
There are few such users however, essentially capture and keylog.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index dcd3a231b..894e8293a 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2177,7 +2177,8 @@ static __maybe_unused void ssl_sock_msgcbk(int write_p, int version, int content
 	 * ssl_sock_register_msg_callback().
 	 */
 	list_for_each_entry(cbk, &ssl_sock_msg_callbacks, list) {
-		cbk->func(write_p, version, content_type, buf, len, ssl);
+		EXEC_CTX_NO_RET(EXEC_CTX_MAKE(TH_EX_CTX_FUNC, cbk->func),
+		                cbk->func(write_p, version, content_type, buf, len, ssl));
 	}
 }