When timing out while reading from a TLS server, shutdown the socket …

…properly. Also signal the "client writer" (clientwr()). Together, this should result in TLS connections being cleaned up properly. Patch by Fabian Mauchle.
mariux64 · Sep 2, 2013 · 2d867ce · 2d867ce
1 parent ae28195
commit 2d867ce
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 0 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -10,6 +10,8 @@
 	Mauchle.
 	- Stop freeing a shared piece of memory manifesting itself as a
 	crash when using dynamic discovery. Patch by Fabian Mauchle.
+	- Closing and freeing TLS clients properly. Patch by Fabian
+	Mauchle.
 
 2012-10-25 1.6.2
 	Bug fixes (security):

diff --git a/tls.c b/tls.c
@@ -290,8 +290,17 @@ void *tlsclientrd(void *arg) {
 	    }
 	}
     }
+    debug(DBG_INFO, "tlsclientrd: exiting for %s", server->conf->name);
     ERR_remove_state(0);
+    SSL_shutdown(server->ssl);
+    shutdown(server->sock, SHUT_RDWR);
+    close(server->sock);
+
+    /* Wake up clientwr(). */
     server->clientrdgone = 1;
+    pthread_mutex_lock(&server->newrq_mutex);
+    pthread_cond_signal(&server->newrq_cond);
+    pthread_mutex_unlock(&server->newrq_mutex);
     return NULL;
 }