author | Julian Andres Klode <jak@debian.org> | 2017-07-03 14:33:15 +0200 |
---|---|---|
committer | Julian Andres Klode <jak@debian.org> | 2017-07-03 15:06:26 +0200 |
commit | f3b9e58cc5e6878daff9cf127bd00587d1f715d3 (patch) | |
tree | 571a6f3945a399844272941778bf769df047e62f | |
parent | 55673e5476f86ffae8969bfc3a47237f3eeb7720 (diff) |
Swap file descriptors before the handshake
This makes more sense. If the handshake failed midway, we still
should run the gnutls bye stuff. The thinking here is to only
set the fd after the session setup, as we do not modify it
before, so if it fails in session setup, you retain a usable
file descriptor.
Gbp-Dch: ignore
-rw-r--r-- | methods/connect.cc | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/methods/connect.cc b/methods/connect.cc
index d82d3d1a8..ce97fd97c 100644
--- a/methods/connect.cc
+++ b/methods/connect.cc
@@ -742,6 +742,10 @@ bool UnwrapTLS(std::string Host, std::unique_ptr<MethodFd> &Fd,
 if ((err = gnutls_server_name_set(tlsFd->session, GNUTLS_NAME_DNS, tlsFd->hostname.c_str(), tlsFd->hostname.length())) < 0)
 return _error->Error("Could not set host name %s to indicate to server: %s", tlsFd->hostname.c_str(), gnutls_strerror(err));

+ // Set the FD now, so closing it works reliably.
+ tlsFd->UnderlyingFd = std::move(Fd);
+ Fd.reset(tlsFd);
+
 // Do the handshake. Our socket is non-blocking, so we need to call WaitFd()
 // accordingly.
 do
@@ -770,8 +774,6 @@ bool UnwrapTLS(std::string Host, std::unique_ptr<MethodFd> &Fd,
 return _error->Error("Could not handshake: %s", gnutls_strerror(err));
 }

- tlsFd->UnderlyingFd = std::move(Fd);
- Fd.reset(tlsFd);
 return true;
 }
 /*}}}*/ |
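Review bot: With `Fd.reset(tlsFd)` now ahead of the handshake loop, the `return _error->Error("Could not handshake: %s", ...)` path returns false with the caller's `Fd` already replaced by the TLS wrapper, a contract change the one-line comment does not spell out. I would extend it to `// Fd owns the TLS wrapper from here on; if the handshake fails the caller gets false and must close Fd, not reuse it as a plain socket.` so no caller treats the descriptor as still usable after a failed handshake. Separately, the `Could not set host name` return just above still exits before ownership of `tlsFd` moves into `Fd`; if `tlsFd` is a raw allocation (made outside this hunk, so this is inferred), it and its session are not released on that path, and holding it in a `std::unique_ptr` from allocation would cover every early return. UnwrapTLS starts and ends outside the visible hunks.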