forked from lda/telodendria
It appears that OpenSSL closes the socket descriptor for us.
When we close it again manually, we may actually be closing another thread's file descriptor, which causes all kinds of problems.
parent
54924b9444
commit
b5b1a021d8
2 changed files with 20 additions and 7 deletions
|
@ -162,7 +162,7 @@ TlsInitServer(int fd, const char *crt, const char *key)
|
||||||
|
|
||||||
if (SSL_CTX_use_PrivateKey_file(cookie->ctx, key, SSL_FILETYPE_PEM) <= 0)
|
if (SSL_CTX_use_PrivateKey_file(cookie->ctx, key, SSL_FILETYPE_PEM) <= 0)
|
||||||
{
|
{
|
||||||
Log(LOG_ERR, "TlsInitServer(): Unable to set key file.");
|
Log(LOG_ERR, "TlsInitServer(): Unable to set key file: %s", key);
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -197,6 +197,10 @@ TlsInitServer(int fd, const char *crt, const char *key)
|
||||||
return cookie;
|
return cookie;
|
||||||
|
|
||||||
error:
|
error:
|
||||||
|
if (SSL_get_error(cookie->ssl, acceptRet) == SSL_ERROR_SYSCALL)
|
||||||
|
{
|
||||||
|
Log(LOG_ERR, "TlsServerInit(): System error: %s", strerror(errno));
|
||||||
|
}
|
||||||
Log(LOG_ERR, "TlsServerInit(): %s", SSLErrorString(SSL_get_error(cookie->ssl, acceptRet)));
|
Log(LOG_ERR, "TlsServerInit(): %s", SSLErrorString(SSL_get_error(cookie->ssl, acceptRet)));
|
||||||
Log(LOG_ERR, "TlsServerInit(): %s", ERR_error_string(ERR_get_error(), errorStr));
|
Log(LOG_ERR, "TlsServerInit(): %s", ERR_error_string(ERR_get_error(), errorStr));
|
||||||
|
|
||||||
|
@ -222,7 +226,9 @@ ssize_t
|
||||||
TlsRead(void *cookie, void *buf, size_t nBytes)
|
TlsRead(void *cookie, void *buf, size_t nBytes)
|
||||||
{
|
{
|
||||||
OpenSSLCookie *ssl = cookie;
|
OpenSSLCookie *ssl = cookie;
|
||||||
int ret = SSL_read(ssl->ssl, buf, nBytes);
|
int ret;
|
||||||
|
|
||||||
|
ret = SSL_read(ssl->ssl, buf, nBytes);
|
||||||
|
|
||||||
if (ret <= 0)
|
if (ret <= 0)
|
||||||
{
|
{
|
||||||
|
@ -252,7 +258,9 @@ ssize_t
|
||||||
TlsWrite(void *cookie, void *buf, size_t nBytes)
|
TlsWrite(void *cookie, void *buf, size_t nBytes)
|
||||||
{
|
{
|
||||||
OpenSSLCookie *ssl = cookie;
|
OpenSSLCookie *ssl = cookie;
|
||||||
int ret = SSL_write(ssl->ssl, buf, nBytes);
|
int ret;
|
||||||
|
|
||||||
|
ret = SSL_write(ssl->ssl, buf, nBytes);
|
||||||
|
|
||||||
if (ret <= 0)
|
if (ret <= 0)
|
||||||
{
|
{
|
||||||
|
@ -283,11 +291,14 @@ TlsClose(void *cookie)
|
||||||
{
|
{
|
||||||
OpenSSLCookie *ssl = cookie;
|
OpenSSLCookie *ssl = cookie;
|
||||||
|
|
||||||
SSL_shutdown(ssl->ssl);
|
while (SSL_shutdown(ssl->ssl) == 0);
|
||||||
SSL_free(ssl->ssl);
|
SSL_free(ssl->ssl);
|
||||||
close(ssl->fd);
|
|
||||||
SSL_CTX_free(ssl->ctx);
|
SSL_CTX_free(ssl->ctx);
|
||||||
|
|
||||||
|
#if 0
|
||||||
|
close(ssl->fd);
|
||||||
|
#endif
|
||||||
|
|
||||||
Free(ssl);
|
Free(ssl);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
|
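Review bot: In the TlsClose() hunk (the function's signature sits in the hunk header, outside the hunk), compiling out `close(ssl->fd)` with `#if 0` leaves the descriptor with no visible owner, and the commit message's premise needs checking: when a socket is attached with `SSL_set_fd()`, OpenSSL creates the socket BIO with `BIO_NOCLOSE`, so `SSL_free()` does not close it. The attach call is not in the visible hunks, so this is conditional, but if `fd` is bound that way then each closed connection now leaks a descriptor, which would match the "File descriptor exhaustion" item this commit adds to TODO.txt. The earlier double close may instead come from a second caller closing the same fd. Replace the `#if 0` block with a comment naming the single owner, e.g. `/* fd is closed by <owner>; SSL_free() leaves it open (BIO_NOCLOSE) */`. Separately, `while (SSL_shutdown(ssl->ssl) == 0);` waits for the peer's close_notify on a blocking socket, so a peer that never answers can hold the thread; one retry under a receive timeout would bound it.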
6
TODO.txt
6
TODO.txt
|
@ -14,8 +14,10 @@ Milestone: v0.3.0
|
||||||
[x] Fix leaks in json
|
[x] Fix leaks in json
|
||||||
[x] Debug ARM64 Debian
|
[x] Debug ARM64 Debian
|
||||||
|
|
||||||
[ ] Cytoplasm
|
[~] Cytoplasm
|
||||||
[ ] Debug OpenSSL
|
[~] Debug OpenSSL
|
||||||
|
[x] Database corruption
|
||||||
|
[ ] File descriptor exhaustion
|
||||||
|
|
||||||
Milestone: v0.4.0
|
Milestone: v0.4.0
|
||||||
-----------------
|
-----------------
|
||||||
|
|