From 5c4b0c31393221c74367c8b2a33ef127bdb9e59c Mon Sep 17 00:00:00 2001
From: Linus Nordberg
Date: Mon, 26 Aug 2013 16:52:14 +0200
Subject: When timing out while reading from a TLS server, shutdown the socket properly. Also signal the "client writer" (clientwr()). Together, this should result in TLS connections being cleaned up properly. Patch by Fabian Mauchle.
---
 ChangeLog | 2 ++
 tls.c | 9 +++++++++
 2 files changed, 11 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index d43d5b8..323ef30 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,8 @@ Mauchle. - Stop freeing a shared piece of memory manifesting itself as a crash when using dynamic discovery. Patch by Fabian Mauchle. + - Closing and freeing TLS clients properly. Patch by Fabian + Mauchle. 2012-10-25 1.6.2 Bug fixes (security):
diff --git a/tls.c b/tls.c
index 9b8e7be..3b2b0ac 100644
--- a/tls.c
+++ b/tls.c
@@ -286,8 +286,17 @@ void *tlsclientrd(void *arg) {
 }
 }
 }
+ debug(DBG_INFO, "tlsclientrd: exiting for %s", server->conf->name);
 ERR_remove_state(0);
+ SSL_shutdown(server->ssl);
+ shutdown(server->sock, SHUT_RDWR);
+ close(server->sock);
+
+ /* Wake up clientwr(). */
 server->clientrdgone = 1;
+ pthread_mutex_lock(&server->newrq_mutex);
+ pthread_cond_signal(&server->newrq_cond);
+ pthread_mutex_unlock(&server->newrq_mutex);
 return NULL;
 }

-- cgit v1.1
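Review bot: After `close(server->sock)` the tls.c hunk leaves the old descriptor number in `server->sock` and the SSL object in `server->ssl`, so if clientwr() or a reconnect path outside this hunk also shuts down or closes them, the number may by then belong to another connection, and that connection would be closed instead. Consider `server->sock = -1;` right after the close, provided the other users of the field check for a negative value; they are not visible from here. `ERR_remove_state(0)` now runs before `SSL_shutdown(server->ssl)`, which can put new entries on this thread's OpenSSL error queue, so moving `ERR_remove_state(0);` below the `close()` would avoid leaving per-thread error state behind at thread exit. `SSL_shutdown` is called on a peer that has just timed out and its return value is ignored, so a failed or incomplete shutdown passes silently; a comment such as `/* best effort: peer may be gone, result deliberately ignored */` would make that intent explicit. tlsclientrd() starts above the hunk, so how `server->ssl` is guarded against NULL on this exit path cannot be confirmed here.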