From 8f5db6b513b90b6ee5b625131a25b146fa912e0d Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Fri, 30 Jun 2017 17:12:11 +0200 Subject: Improve closing the TLS connection If gnutls_session_bye() exited with an error, we never closed the underlying file descriptor, causing the method to think the connection was still open. This caused problems especially in test-partial-file-support where we checked that a "complete" file and an incomplete file work. The first GET returns a 416 with Connection: close, and the next GET request then accidentally reads the body of the 416 as the header for its own request. --- methods/connect.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'methods') diff --git a/methods/connect.cc b/methods/connect.cc index f58a67db3..0d4b3e26f 100644 --- a/methods/connect.cc +++ b/methods/connect.cc @@ -632,9 +632,9 @@ struct TlsFd : public MethodFd int Close() APT_OVERRIDE { - if (HandleError(gnutls_bye(session, GNUTLS_SHUT_RDWR)) < 0) - return -1; - return UnderlyingFd->Close(); + auto err = HandleError(gnutls_bye(session, GNUTLS_SHUT_RDWR)); + auto lower = UnderlyingFd->Close(); + return err < 0 ? HandleError(err) : lower; } bool HasPending() APT_OVERRIDE -- cgit v1.2.3