diff options
| author |   Florin Coras <fcoras@cisco.com> | 2021-05-28 18:28:05 -0700 |
|---|---|---|
| committer |   Dave Wallace <dwallacelf@gmail.com> | 2021-06-01 14:45:52 +0000 |
| commit | ce48c877443dcaa13790620823a3a8c20a6e27b8 (patch) | |
| tree | e5dc132816ebd82cbc637253cb15d2395f6f789d | |
| parent | b39fac168b37fafa34546adad878b55d5db94840 (diff) | |
tls: fix handling of failed accepts
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I34b53dcaf4f049157b538ea40a39033d43e525a5
(cherry picked from commit b6fe52f3da79d4c4ea8095b9d36988b0825a9891)
| -rw-r--r-- | src/plugins/tlsopenssl/tls_openssl.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/plugins/tlsopenssl/tls_openssl.c b/src/plugins/tlsopenssl/tls_openssl.c index 496d777d3b3..05cd13c9970 100644 --- a/src/plugins/tlsopenssl/tls_openssl.c +++ b/src/plugins/tlsopenssl/tls_openssl.c @@ -341,9 +341,18 @@ openssl_ctx_handshake_rx (tls_ctx_t * ctx, session_t * tls_session) { /* Need to check transport status */ if (ctx->is_passive_close) - openssl_handle_handshake_failure (ctx); - else - tls_notify_app_accept (ctx); + { + openssl_handle_handshake_failure (ctx); + return -1; + } + + /* Accept failed, cleanup */ + if (tls_notify_app_accept (ctx)) + { + ctx->c_s_index = SESSION_INVALID_INDEX; + tls_disconnect_transport (ctx); + return -1; + } } TLS_DBG (1, "Handshake for %u complete. TLS cipher is %s", |