tskrtt

Simple libev based gopher server
git clone https://git.inz.fi/tskrtt/
Log | Files | Refs | README
commit 45043099497e6e16bd53f206a88c128263418cab
parent 0afaabb96128ae3f545f3d7ad8e5ada27ba32e63
Author: Santtu Lakkala <inz@inz.fi>
Date:   Sun, 16 May 2021 22:32:08 +0300

Improve TLS handling

Diffstat:

Mmain.c | 11++++++-----


1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/main.c b/main.c
@@ -1041,7 +1041,6 @@ static void update_read(EV_P_ struct client *c, int revents)
 		}
 
 		if (byte0 == 22) {
-			c->tlsstate = HANDSHAKE;
 			if (tls_accept_socket(listen_watcher.tlsctx, &c->tlsctx, c->fd) < 0) {
 				client_close(EV_A_ c);
 				return;
@@ -1447,10 +1446,12 @@ int main (int argc, char *argv[])
 	if (keyfile && certfile) {
 		tls_init();
 		listen_watcher.tlsctx = tls_server();
-		tlscfg = tls_config_new();
-		tls_config_set_key_file(tlscfg, keyfile);
-		tls_config_set_cert_file(tlscfg, certfile);
-		tls_configure(listen_watcher.tlsctx, tlscfg);
+		if (!(tlscfg = tls_config_new()) ||
+		    tls_config_set_key_file(tlscfg, keyfile) ||
+		    tls_config_set_cert_file(tlscfg, certfile) ||
+		    tls_configure(listen_watcher.tlsctx, tlscfg))
+			croak("TLS configuration error");
+		tls_config_free(tlscfg);
 	} else
 		listen_watcher.tlsctx = NULL;
 #endif