author | Omar Polo <op@omarpolo.com> | 2023-06-24 14:15:57 +0000 |
---|---|---|
committer | Omar Polo <op@omarpolo.com> | 2023-06-24 14:15:57 +0000 |
commit | c5edb157405883dc7c869beb2c1e05cefe325fdf (patch) | |
tree | 64ff314b71a4bd42e887e17299d2d989d3db3aef /server.c | |
parent | 53bdae38fe6062469d8b444d5e6bd99ff34ca94b (diff) |
properly handle handshake failures
If a TLS handshake fails there's nothing we can do, so don't attempt
to reply with an error (the connected client is not speaking Gemini as
it's not using TLS at all) and instead just close the connection.
Fixes issue #13
Diffstat (limited to 'server.c')
-rw-r--r-- | server.c | 12 |
1 files changed, 8 insertions, 4 deletions
@@ -434,8 +434,11 @@ handle_handshake(int fd, short ev, void *d)
 switch (tls_handshake(c->ctx)) {
 case 0: /* success */
- case -1: /* already handshaked */
 break;
+ case -1:
+ log_warnx("tls_handshake failed: %s", tls_error(c->ctx));
+ client_close(c);
+ return;
 case TLS_WANT_POLLIN:
 event_once(c->fd, EV_READ, handle_handshake, c, NULL);
 return;
@@ -1309,9 +1312,10 @@ client_close(struct client *c)
 c->pfd = -1;
 }
- bufferevent_disable(c->bev, EVBUFFER_READ|EVBUFFER_WRITE);
- bufferevent_free(c->bev);
- c->bev = NULL;
+ if (c->bev != NULL) {
+ bufferevent_disable(c->bev, EVBUFFER_READ|EVBUFFER_WRITE);
+ bufferevent_free(c->bev);
+ }
 if (c->proxyevset &&
 event_pending(&c->proxyev, EV_READ|EV_WRITE, NULL)) { |
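Review bot: The new `case -1:` branch in handle_handshake passes `tls_error(c->ctx)` straight to `%s`, but libtls documents that tls_error() may return NULL (for instance when it cannot allocate the message), so the value should be checked first: `const char *err = tls_error(c->ctx);` then `log_warnx("tls_handshake failed: %s", err != NULL ? err : "unknown error");`. This line is also written once per failed handshake from any unauthenticated peer and carries no peer address, which makes it hard to use for triage and easy to flood. If the client struct holds the remote address, including it here would help, and rate-limiting is worth considering if log volume matters. The switch and the rest of handle_handshake continue outside the hunk.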
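Review bot: In client_close, the new `if (c->bev != NULL)` guard frees the bufferevent but the commit drops the old `c->bev = NULL;`, so `c->bev` is left dangling after the block and the guard cannot stop a second pass through client_close from freeing it again. Keep the reset inside the block, right after `bufferevent_free(c->bev);`: `c->bev = NULL;`. Whether client_close can run twice for the same client, or whether `c` is released immediately afterwards, is not visible here because the function starts and ends outside the hunk.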