GNUTLS: Shut down sessions properly

If gnutls_bye() fails with a fatal error, we would reattempt it again
and again, even though this may then go on to e.g. cause a segmentation
fault.

Now we just keep retrying if it was interrupted, in line with the other
backends, up to a maximum of 3 retries.
This commit is contained in:
Aaron Jones 2016-09-16 11:54:04 +00:00
parent a3a25a4c8a
commit 4d89c83c32
No known key found for this signature in database
GPG key ID: EC6F86EE9CD840B5

View file

@ -58,18 +58,23 @@ static int cert_callback(gnutls_session_t session, const gnutls_datum_t *req_ca_
#define SSL_P(x) *((gnutls_session_t *)F->ssl)
void
rb_ssl_shutdown(rb_fde_t *F)
rb_ssl_shutdown(rb_fde_t *const F)
{
int i;
if(F == NULL || F->ssl == NULL)
return;
for(i = 0; i < 4; i++)
for(int i = 0; i < 4; i++)
{
if(gnutls_bye(SSL_P(F), GNUTLS_SHUT_RDWR) == GNUTLS_E_SUCCESS)
int ret = gnutls_bye(SSL_P(F), GNUTLS_SHUT_RDWR);
if(ret != GNUTLS_E_INTERRUPTED && ret != GNUTLS_E_AGAIN)
break;
}
gnutls_deinit(SSL_P(F));
rb_free(F->ssl);
F->ssl = NULL;
}
unsigned int