authorJulian Andres Klode <jak@debian.org>2017-07-03 14:33:15 +0200
committerJulian Andres Klode <jak@debian.org>2017-07-03 15:06:26 +0200
commitf3b9e58cc5e6878daff9cf127bd00587d1f715d3 (patch)
tree571a6f3945a399844272941778bf769df047e62f
parent55673e5476f86ffae8969bfc3a47237f3eeb7720 (diff)
Swap file descriptors before the handshake
This makes more sense. If the handshake failed midway, we still should run the gnutls bye stuff. The thinking here is to only set the fd after the session setup, as we do not modify it before, so if it fails in session setup, you retain a usable file descriptor. Gbp-Dch: ignore
-rw-r--r--methods/connect.cc6
1 files changed, 4 insertions, 2 deletions
diff --git a/methods/connect.cc b/methods/connect.cc
index d82d3d1a8..ce97fd97c 100644
--- a/methods/connect.cc
+++ b/methods/connect.cc
@@ -742,6 +742,10 @@ bool UnwrapTLS(std::string Host, std::unique_ptr<MethodFd> &Fd,
if ((err = gnutls_server_name_set(tlsFd->session, GNUTLS_NAME_DNS, tlsFd->hostname.c_str(), tlsFd->hostname.length())) < 0)
return _error->Error("Could not set host name %s to indicate to server: %s", tlsFd->hostname.c_str(), gnutls_strerror(err));
+ // Set the FD now, so closing it works reliably.
+ tlsFd->UnderlyingFd = std::move(Fd);
+ Fd.reset(tlsFd);
+
// Do the handshake. Our socket is non-blocking, so we need to call WaitFd()
// accordingly.
do
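Review bot: The error return after `gnutls_server_name_set` still exits before `Fd.reset(tlsFd)`, so on that path (and any earlier session-setup failure) nothing visible in this hunk owns the raw `tlsFd` pointer. UnwrapTLS starts outside the hunk, so this is inferred: if `tlsFd` is allocated with `new` further up, the object and its gnutls session look leaked on those returns. Holding it in a `std::unique_ptr` from creation and handing it over here with `Fd = std::move(tlsFd);` after the `UnderlyingFd` assignment would cover every exit. The new comment could also spell out what changes for callers, for example `// From here on Fd is the TLS wrapper; if the handshake fails the caller keeps the wrapper, not the plain socket.`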
@@ -770,8 +774,6 @@ bool UnwrapTLS(std::string Host, std::unique_ptr<MethodFd> &Fd,
return _error->Error("Could not handshake: %s", gnutls_strerror(err));
}
- tlsFd->UnderlyingFd = std::move(Fd);
- Fd.reset(tlsFd);
return true;
}
/*}}}*/