From e601ca5df9f574a9b6a3de67442fa2415c97fa1b Mon Sep 17 00:00:00 2001
From: Amos Jeffries <squid3@treenet.co.nz>
Date: Tue, 8 Nov 2016 19:37:32 +1300
Subject: [PATCH] TLS: use Security::SessionPointer for helper state
 maintenance

---
 src/ssl/helper.cc | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/src/ssl/helper.cc b/src/ssl/helper.cc
index 7751d8db7c..e9e6366ecc 100644
--- a/src/ssl/helper.cc
+++ b/src/ssl/helper.cc
@@ -181,7 +181,7 @@ class submitData
 public:
     std::string query;
     AsyncCall::Pointer callback;
-    SSL *ssl;
+    Security::SessionPointer ssl;
 };
 CBDATA_CLASS_INIT(submitData);
 
@@ -193,7 +193,7 @@ sslCrtvdHandleReplyWrapper(void *data, const ::Helper::Reply &reply)
     std::string error;
 
     submitData *crtdvdData = static_cast<submitData *>(data);
-    STACK_OF(X509) *peerCerts = SSL_get_peer_cert_chain(crtdvdData->ssl);
+    STACK_OF(X509) *peerCerts = SSL_get_peer_cert_chain(crtdvdData->ssl.get());
     if (reply.result == ::Helper::BrokenHelper) {
         debugs(83, DBG_IMPORTANT, "\"ssl_crtvd\" helper error response: " << reply.other().content());
         validationResponse->resultCode = ::Helper::BrokenHelper;
@@ -220,7 +220,6 @@ sslCrtvdHandleReplyWrapper(void *data, const ::Helper::Reply &reply)
             delete item;
     }
 
-    SSL_free(crtdvdData->ssl);
     delete crtdvdData;
 }
 
@@ -237,8 +236,7 @@ void Ssl::CertValidationHelper::sslSubmit(Ssl::CertValidationRequest const &requ
     crtdvdData->query = message.compose();
     crtdvdData->query += '\n';
     crtdvdData->callback = callback;
-    crtdvdData->ssl = request.ssl;
-    CRYPTO_add(&crtdvdData->ssl->references,1,CRYPTO_LOCK_SSL);
+    crtdvdData->ssl.resetAndLock(request.ssl);
     Ssl::CertValidationResponse::Pointer const*validationResponse;
 
     if (CertValidationHelper::HelperCache &&
@@ -248,7 +246,6 @@ void Ssl::CertValidationHelper::sslSubmit(Ssl::CertValidationRequest const &requ
         Must(dialer);
         dialer->arg1 = *validationResponse;
         ScheduleCallHere(callback);
-        SSL_free(crtdvdData->ssl);
         delete crtdvdData;
         return;
     }
@@ -260,8 +257,6 @@ void Ssl::CertValidationHelper::sslSubmit(Ssl::CertValidationRequest const &requ
         Must(dialer);
         dialer->arg1 = resp;
         ScheduleCallHere(callback);
-
-        SSL_free(crtdvdData->ssl);
         delete crtdvdData;
         return;
     }
-- 
2.47.3