Code Review
/
vpp.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
review
|
tree
raw
|
patch
| inline |
side by side
(parent:
b39fac1
)
tls: fix handling of failed accepts
27/32327/3
author
Florin Coras
<fcoras@cisco.com>
Sat, 29 May 2021 01:28:05 +0000
(18:28 -0700)
committer
Dave Wallace
<dwallacelf@gmail.com>
Tue, 1 Jun 2021 14:45:52 +0000
(14:45 +0000)
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I34b53dcaf4f049157b538ea40a39033d43e525a5
(cherry picked from commit
b6fe52f3da79d4c4ea8095b9d36988b0825a9891
)
src/plugins/tlsopenssl/tls_openssl.c
patch
|
blob
|
history
diff --git
a/src/plugins/tlsopenssl/tls_openssl.c
b/src/plugins/tlsopenssl/tls_openssl.c
index
496d777
..
05cd13c
100644
(file)
--- a/
src/plugins/tlsopenssl/tls_openssl.c
+++ b/
src/plugins/tlsopenssl/tls_openssl.c
@@
-341,9
+341,18
@@
openssl_ctx_handshake_rx (tls_ctx_t * ctx, session_t * tls_session)
{
/* Need to check transport status */
if (ctx->is_passive_close)
- openssl_handle_handshake_failure (ctx);
- else
- tls_notify_app_accept (ctx);
+ {
+ openssl_handle_handshake_failure (ctx);
+ return -1;
+ }
+
+ /* Accept failed, cleanup */
+ if (tls_notify_app_accept (ctx))
+ {
+ ctx->c_s_index = SESSION_INVALID_INDEX;
+ tls_disconnect_transport (ctx);
+ return -1;
+ }
}
TLS_DBG (1, "Handshake for %u complete. TLS cipher is %s",