diff --git a/NetSSL_OpenSSL/src/SSLManager.cpp b/NetSSL_OpenSSL/src/SSLManager.cpp index 0d53b1844..a7c900948 100644 --- a/NetSSL_OpenSSL/src/SSLManager.cpp +++ b/NetSSL_OpenSSL/src/SSLManager.cpp @@ -76,8 +76,8 @@ const bool SSLManager::VAL_FIPS_MODE(false); SSLManager::SSLManager(): - _contextIndex(SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL)), - _socketIndex(SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL)) + _contextIndex(SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr)), + _socketIndex(SSL_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr)) { } @@ -100,9 +100,8 @@ void SSLManager::shutdown() PrivateKeyPassphraseRequired.clear(); ClientVerificationError.clear(); ServerVerificationError.clear(); - _ptrDefaultServerContext = 0; - _ptrDefaultClientContext = 0; - _socketIndex = _contextIndex = -1; + _ptrDefaultServerContext = nullptr; + _ptrDefaultClientContext = nullptr; } @@ -290,7 +289,7 @@ int SSLManager::verifyOCSPResponseCallback(SSL* pSSL, void* arg) return ocspVerifyFlag ? 0 : 1; } - OCSP_RESPONSE* pOcspResp = d2i_OCSP_RESPONSE(NULL, &pResp, len); + OCSP_RESPONSE* pOcspResp = d2i_OCSP_RESPONSE(nullptr, &pResp, len); if (!pOcspResp) return 0; if (OCSP_response_status(pOcspResp) != OCSP_RESPONSE_STATUS_SUCCESSFUL) @@ -314,7 +313,7 @@ int SSLManager::verifyOCSPResponseCallback(SSL* pSSL, void* arg) return 0; } - X509* pPeerIssuerCert = NULL; + X509* pPeerIssuerCert = nullptr; STACK_OF(X509)* pCertChain = SSL_get_peer_cert_chain(pSSL); unsigned certChainLen = sk_X509_num(pCertChain); for (int i= 0; i < certChainLen ; i++) @@ -345,7 +344,7 @@ int SSLManager::verifyOCSPResponseCallback(SSL* pSSL, void* arg) { X509_free(pCert); sk_X509_free(pCerts); - pCerts = NULL; + pCerts = nullptr; } } @@ -363,7 +362,7 @@ int SSLManager::verifyOCSPResponseCallback(SSL* pSSL, void* arg) return 0; } - OCSP_CERTID* pCertId = OCSP_cert_to_id(NULL, pPeerCert, pPeerIssuerCert); + OCSP_CERTID* pCertId = OCSP_cert_to_id(nullptr, pPeerCert, pPeerIssuerCert); if (!pCertId) { X509_free(pPeerCert); diff --git a/NetSSL_OpenSSL/testsuite/src/HTTPSClientSessionTest.cpp b/NetSSL_OpenSSL/testsuite/src/HTTPSClientSessionTest.cpp index f487fb6e1..850164c42 100644 --- a/NetSSL_OpenSSL/testsuite/src/HTTPSClientSessionTest.cpp +++ b/NetSSL_OpenSSL/testsuite/src/HTTPSClientSessionTest.cpp @@ -25,6 +25,8 @@ #include "Poco/Net/Session.h" #include "Poco/Net/SSLManager.h" #include "Poco/Net/SSLException.h" +#include "Poco/Net/AcceptCertificateHandler.h" +#include "Poco/Net/PrivateKeyPassphraseHandler.h" #include "Poco/Util/Application.h" #include "Poco/Util/AbstractConfiguration.h" #include "Poco/StreamCopier.h" @@ -285,6 +287,44 @@ void HTTPSClientSessionTest::testKeepAlive() } +void HTTPSClientSessionTest::testMultipleSSLInit() +{ + + auto initSSL = []() + { + initializeSSL(); + Poco::SharedPtr ptrCert = new AcceptCertificateHandler(false); + Context::Ptr context(new Context(Context::CLIENT_USE, "", "", "", + Context::VerificationMode::VERIFY_STRICT, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH" + ) + ); + SSLManager::instance().initializeClient(0, ptrCert, context); + }; + + auto deinitSSL = []() + { + uninitializeSSL(); + }; + + try + { + initSSL(); + deinitSSL(); + + initSSL(); + + HTTPSClientSession session("secure.appinf.com"); + HTTPRequest request(HTTPRequest::HTTP_GET, "", HTTPMessage::HTTP_1_1); + (void)session.sendRequest(request); + deinitSSL(); + } + catch(...) + { + failmsg("Double SSL init failed"); + } +} + + void HTTPSClientSessionTest::testInterop() { HTTPSClientSession s("secure.appinf.com"); @@ -459,6 +499,7 @@ CppUnit::Test* HTTPSClientSessionTest::suite() CppUnit_addTest(pSuite, HTTPSClientSessionTest, testPostLargeChunked); CppUnit_addTest(pSuite, HTTPSClientSessionTest, testPostLargeChunkedKeepAlive); CppUnit_addTest(pSuite, HTTPSClientSessionTest, testKeepAlive); + CppUnit_addTest(pSuite, HTTPSClientSessionTest, testMultipleSSLInit); CppUnit_addTest(pSuite, HTTPSClientSessionTest, testInterop); CppUnit_addTest(pSuite, HTTPSClientSessionTest, testProxy); CppUnit_addTest(pSuite, HTTPSClientSessionTest, testCachedSession); diff --git a/NetSSL_OpenSSL/testsuite/src/HTTPSClientSessionTest.h b/NetSSL_OpenSSL/testsuite/src/HTTPSClientSessionTest.h index 3fcc8e9b5..4c083dff0 100644 --- a/NetSSL_OpenSSL/testsuite/src/HTTPSClientSessionTest.h +++ b/NetSSL_OpenSSL/testsuite/src/HTTPSClientSessionTest.h @@ -34,6 +34,7 @@ public: void testPostLargeChunkedKeepAlive(); void testKeepAlive(); void testInterop(); + void testMultipleSSLInit(); void testProxy(); void testCachedSession(); void testUnknownContentLength();