changeset 22746:48980d280f13

lib-ssl-iostream: Fix checking cert validity when handshake callback isn't used
author Timo Sirainen <timo.sirainen@dovecot.fi>
date Tue, 31 Oct 2017 19:49:56 +0200
parents 189784ce9a73
children 01e96a26135c
files src/lib-ssl-iostream/iostream-openssl.c
diffstat 1 files changed, 6 insertions(+), 4 deletions(-) [+]
--- a/src/lib-ssl-iostream/iostream-openssl.c	Wed Nov 01 12:58:46 2017 +0200
+++ b/src/lib-ssl-iostream/iostream-openssl.c	Tue Oct 31 19:49:56 2017 +0200
@@ -598,14 +598,16 @@
 	if (ssl_io->handshake_callback != NULL) {
 		if (ssl_io->handshake_callback(&error, ssl_io->handshake_context) < 0) {
 			i_assert(error != NULL);
-			i_stream_close(ssl_io->plain_input);
-			o_stream_close(ssl_io->plain_output);
 			openssl_iostream_set_error(ssl_io, error);
 			ssl_io->handshake_failed = TRUE;
-			errno = EINVAL;
-			return -1;
 		}
 	}
+	if (ssl_io->handshake_failed) {
+		i_stream_close(ssl_io->plain_input);
+		o_stream_close(ssl_io->plain_output);
+		errno = EINVAL;
+		return -1;
+	}
 	i_free_and_null(ssl_io->last_error);
 	ssl_io->handshaked = TRUE;
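Review bot: The new `if (ssl_io->handshake_failed)` block carries no comment explaining why it sits outside the `handshake_callback != NULL` branch, and that placement is what keeps a failed certificate check from being reported as a completed handshake. A later refactor could fold it back into the callback branch and make the no-callback path fail open again. I would add something like `/* handshake_failed may have been set before this point (e.g. during cert verification), so check it even when no handshake callback is set */` above the block. Separately, on the no-callback path the hunk shows no `openssl_iostream_set_error()` call, so whether `last_error` is populated depends on the code that set the flag, which is not visible here. It is worth confirming that callers get a meaningful error string rather than a bare `EINVAL`. The enclosing function starts and ends outside the hunk.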