tls: avoid ptls ctx free on transport close

[vpp.git] / src / plugins / tlspicotls / tls_picotls.c

diff --git a/src/plugins/tlspicotls/tls_picotls.c b/src/plugins/tlspicotls/tls_picotls.c
index a0fbab0..7d1b4fc 100644 (file)
--- a/src/plugins/tlspicotls/tls_picotls.c
+++ b/src/plugins/tlspicotls/tls_picotls.c
@@ -48,6 +48,7 @@ picotls_ctx_free (tls_ctx_t * ctx)
 {
   picotls_ctx_t *ptls_ctx = (picotls_ctx_t *) ctx;
   vec_free (ptls_ctx->rx_content);
+  ptls_free (ptls_ctx->tls);
   vec_free (ptls_ctx->write_content);
   pool_put_index (picotls_main.ctx_pool[ctx->c_thread_index],
                  ptls_ctx->ptls_ctx_idx);
@@ -200,8 +201,6 @@ picotls_transport_close (tls_ctx_t * ctx)
       picotls_handle_handshake_failure (ctx);
       return 0;
     }
-  picotls_ctx_t *ptls_ctx = (picotls_ctx_t *) ctx;
-  ptls_free (ptls_ctx->tls);
   session_transport_closing_notify (&ctx->connection);
   return 0;
 }
@@ -287,9 +286,21 @@ picotls_ctx_read (tls_ctx_t *ctx, session_t *tcp_session)
     {
       picotls_do_handshake (ptls_ctx, tcp_session);
       if (picotls_handshake_is_over (ctx))
-       ret = ptls_is_server (ptls_ctx->tls) ?
-               tls_notify_app_accept (ctx) :
-               tls_notify_app_connected (ctx, SESSION_E_NONE);
+       {
+         if (ptls_is_server (ptls_ctx->tls))
+           {
+             if (tls_notify_app_accept (ctx))
+               {
+                 ctx->c_s_index = SESSION_INVALID_INDEX;
+                 tls_disconnect_transport (ctx);
+                 return -1;
+               }
+           }
+         else
+           {
+             tls_notify_app_connected (ctx, SESSION_E_NONE);
+           }
+       }
 
       if (!svm_fifo_max_dequeue (tcp_session->rx_fifo))
        return 0;