Commit 89460f3f by Carlos Martín Nieto

ssl: teardown the connection on close

This should help us free some resources, though the libraries do keep
some buffers allocated regardless.
parent a6f24a5b
...@@ -166,9 +166,35 @@ void gitno_consume_n(gitno_buffer *buf, size_t cons) ...@@ -166,9 +166,35 @@ void gitno_consume_n(gitno_buffer *buf, size_t cons)
buf->offset -= cons; buf->offset -= cons;
} }
int gitno_ssl_teardown(git_transport *t)
{
int ret = ret;
if (!t->encrypt)
return 0;
#ifdef GIT_GNUTLS #ifdef GIT_GNUTLS
gnutls_deinit(t->ssl.session);
gnutls_certificate_free_credentials(t->ssl.cred);
gnutls_global_deinit();
#elif defined(GIT_OPENSSL)
do {
ret = SSL_shutdown(t->ssl.ssl);
} while (ret == 0);
if (ret < 0)
return ssl_set_error(&t->ssl, ret);
SSL_free(t->ssl.ssl);
SSL_CTX_free(t->ssl.ctx);
#endif
return 0;
}
static int ssl_setup(git_transport *t) static int ssl_setup(git_transport *t)
{ {
#ifdef GIT_GNUTLS
int ret; int ret;
if ((ret = gnutls_global_init()) < 0) if ((ret = gnutls_global_init()) < 0)
...@@ -199,11 +225,9 @@ static int ssl_setup(git_transport *t) ...@@ -199,11 +225,9 @@ static int ssl_setup(git_transport *t)
on_error: on_error:
gnutls_deinit(t->ssl.session); gnutls_deinit(t->ssl.session);
gnutls_global_deinit();
return -1; return -1;
}
#elif defined(GIT_OPENSSL) #elif defined(GIT_OPENSSL)
static int ssl_setup(git_transport *t)
{
int ret; int ret;
SSL_library_init(); SSL_library_init();
...@@ -225,9 +249,11 @@ static int ssl_setup(git_transport *t) ...@@ -225,9 +249,11 @@ static int ssl_setup(git_transport *t)
return ssl_set_error(&t->ssl, ret); return ssl_set_error(&t->ssl, ret);
return 0; return 0;
} #else
GIT_UNUSED(t);
return 0;
#endif #endif
}
int gitno_connect(git_transport *t, const char *host, const char *port) int gitno_connect(git_transport *t, const char *host, const char *port)
{ {
struct addrinfo *info = NULL, *p; struct addrinfo *info = NULL, *p;
...@@ -268,10 +294,8 @@ int gitno_connect(git_transport *t, const char *host, const char *port) ...@@ -268,10 +294,8 @@ int gitno_connect(git_transport *t, const char *host, const char *port)
t->socket = s; t->socket = s;
freeaddrinfo(info); freeaddrinfo(info);
#ifdef GIT_SSL
if (t->encrypt && ssl_setup(t) < 0) if (t->encrypt && ssl_setup(t) < 0)
return -1; return -1;
#endif
return 0; return 0;
} }
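Review bot: In gitno_ssl_teardown, the OpenSSL branch repeats `SSL_shutdown` for as long as it returns 0, so a peer that never answers with its own close_notify may keep the client stuck in that loop. The `ret < 0` return also leaves before `SSL_free` and `SSL_CTX_free`, leaking both objects on exactly the path where the connection is already broken. `int ret = ret;` reads an indeterminate value only to quiet a warning and should be `int ret = 0;`. I would call `SSL_shutdown` at most twice, record any failure through `ssl_set_error` while the SSL object is still alive (assuming it inspects the session, which is not visible here), free unconditionally, and return the saved result.

```c
int gitno_ssl_teardown(git_transport *t)
{
	int ret = 0;

	/* … unchanged: t->encrypt check and GIT_GNUTLS branch … */
#elif defined(GIT_OPENSSL)
	/* First call sends our close_notify; one retry waits for the peer's. */
	ret = SSL_shutdown(t->ssl.ssl);
	if (ret == 0)
		ret = SSL_shutdown(t->ssl.ssl);

	/* Report the failure before the session is freed, then always free. */
	ret = (ret < 0) ? ssl_set_error(&t->ssl, ret) : 0;

	SSL_free(t->ssl.ssl);
	SSL_CTX_free(t->ssl.ctx);
#endif
	return ret;
}
```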
......
...@@ -30,6 +30,7 @@ void gitno_consume_n(gitno_buffer *buf, size_t cons); ...@@ -30,6 +30,7 @@ void gitno_consume_n(gitno_buffer *buf, size_t cons);
int gitno_connect(git_transport *t, const char *host, const char *port); int gitno_connect(git_transport *t, const char *host, const char *port);
int gitno_send(git_transport *t, const char *msg, size_t len, int flags); int gitno_send(git_transport *t, const char *msg, size_t len, int flags);
int gitno_close(GIT_SOCKET s); int gitno_close(GIT_SOCKET s);
int gitno_ssl_teardown(git_transport *t);
int gitno_send_chunk_size(int s, size_t len); int gitno_send_chunk_size(int s, size_t len);
int gitno_select_in(gitno_buffer *buf, long int sec, long int usec); int gitno_select_in(gitno_buffer *buf, long int sec, long int usec);
......
...@@ -605,6 +605,9 @@ on_error: ...@@ -605,6 +605,9 @@ on_error:
static int http_close(git_transport *transport) static int http_close(git_transport *transport)
{ {
if (gitno_ssl_teardown(transport) < 0)
return -1;
if (gitno_close(transport->socket) < 0) { if (gitno_close(transport->socket) < 0) {
giterr_set(GITERR_OS, "Failed to close the socket: %s", strerror(errno)); giterr_set(GITERR_OS, "Failed to close the socket: %s", strerror(errno));
return -1; return -1;
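Review bot: The new early return at the top of http_close skips `gitno_close(transport->socket)` whenever `gitno_ssl_teardown` fails, so a failed TLS shutdown (for instance a peer that already dropped the connection) leaks the socket descriptor. Keep the teardown result and close the socket regardless, e.g. `int error = gitno_ssl_teardown(transport);` in place of the `if`, then return `error` on the success path once the socket has been closed. The rest of http_close lies outside this hunk, so the final return needs to be checked against whatever cleanup follows.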
......