mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 18:08:23 +00:00
Code Issues Releases Wiki Activity

Must call SSL_shutdown() before closing the underlying socket.

Browse Source 
This got broken by some code rearrangement when relay mode was added.
This commit is contained in:
Todd C. Miller 2021-04-26 19:07:40 -06:00
parent 67029f3cc4
commit f25275ad5b
1 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
logsrvd/logsrvd.c
View File

@ -113,6 +113,15 @@ connection_closure_free(struct connection_closure *closure)
TAILQ_REMOVE(&connections, closure, entries); TAILQ_REMOVE(&connections, closure, entries);
if (closure->relay_closure != NULL) if (closure->relay_closure != NULL)
relay_closure_free(closure->relay_closure); relay_closure_free(closure->relay_closure);
#if defined(HAVE_OPENSSL)
if (closure->ssl != NULL) {
/* Must call SSL_shutdown() before closing closure->sock. */
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"closing down TLS connection from %s", closure->ipaddr);
SSL_shutdown(closure->ssl);
SSL_free(closure->ssl);
}
#endif
if (closure->sock != -1) if (closure->sock != -1)
close(closure->sock); close(closure->sock);
iolog_close_all(closure); iolog_close_all(closure);
@ -121,12 +130,6 @@ connection_closure_free(struct connection_closure *closure)
sudo_ev_free(closure->write_ev); sudo_ev_free(closure->write_ev);
#if defined(HAVE_OPENSSL) #if defined(HAVE_OPENSSL)
sudo_ev_free(closure->ssl_accept_ev); sudo_ev_free(closure->ssl_accept_ev);
if (closure->ssl != NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"closing down TLS connection from %s", closure->ipaddr);
SSL_shutdown(closure->ssl);
SSL_free(closure->ssl);
}
#endif #endif
eventlog_free(closure->evlog); eventlog_free(closure->evlog);
free(closure->read_buf.data); free(closure->read_buf.data);