From 2e7ff92c365b42b38bc2d8d2b9718623d720203a Mon Sep 17 00:00:00 2001
From: bcook <>
Date: Mon, 13 May 2019 22:36:01 +0000
Subject: Acquire mutex before incrementing the refcount. Fixes COV-186144

ok tb@
---
 src/lib/libtls/tls_server.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/lib/libtls/tls_server.c b/src/lib/libtls/tls_server.c
index 44bef6bb11..a709a2bec9 100644
--- a/src/lib/libtls/tls_server.c
+++ b/src/lib/libtls/tls_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_server.c,v 1.44 2018/03/19 16:34:47 jsing Exp $ */
+/* $OpenBSD: tls_server.c,v 1.45 2019/05/13 22:36:01 bcook Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -52,7 +52,9 @@ tls_server_conn(struct tls *ctx)
 
 	conn_ctx->flags |= TLS_SERVER_CONN;
 
+	pthread_mutex_lock(&ctx->config->mutex);
 	ctx->config->refcount++;
+	pthread_mutex_unlock(&ctx->config->mutex);
 
 	conn_ctx->config = ctx->config;
 	conn_ctx->keypair = ctx->config->keypair;
-- 
cgit v1.2.3-55-g6feb