In theory we could return to communicating without TLS after a shutdown. It also makes sure the connection object isn't left completely without streams.
tags/v1.9.90
@@ -69,7 +69,7 @@ static LogWriter vlog("TLS"); | |||
CSecurityTLS::CSecurityTLS(CConnection* cc, bool _anon) | |||
: CSecurity(cc), session(NULL), anon_cred(NULL), cert_cred(NULL), | |||
anon(_anon), tlsis(NULL), tlsos(NULL) | |||
anon(_anon), tlsis(NULL), tlsos(NULL), rawis(NULL), rawos(NULL) | |||
{ | |||
cafile = X509CA.getData(); | |||
crlfile = X509CRL.getData(); | |||
@@ -116,6 +116,12 @@ void CSecurityTLS::shutdown(bool needbye) | |||
cert_cred = 0; | |||
} | |||
if (rawis && rawos) { | |||
cc->setStreams(rawis, rawos); | |||
rawis = NULL; | |||
rawos = NULL; | |||
} | |||
if (tlsis) { | |||
delete tlsis; | |||
tlsis = NULL; | |||
@@ -174,6 +180,9 @@ bool CSecurityTLS::processMsg() | |||
// for GnuTLS | |||
tlsis = new rdr::TLSInStream(is, session); | |||
tlsos = new rdr::TLSOutStream(os, session); | |||
rawis = is; | |||
rawos = os; | |||
} | |||
int err; |
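Review bot: Once `cc->setStreams(rawis, rawos)` runs in CSecurityTLS::shutdown(), the connection is back on the unencrypted streams, and nothing in this hunk stops later reads or writes from going over the wire in cleartext; SSecurityTLS::shutdown() has the same pattern with `sc->setStreams(rawis, rawos)`. If shutdown() can be reached on an error path while the connection object stays in use (not visible here), that is a silent downgrade from TLS. I would state the contract at the restore, e.g. `// Restore raw streams only so cc never holds freed TLS streams; callers must close the connection, not resume traffic`, and record it with `vlog.debug("TLS shut down, connection back on raw streams");`. The restore also has to stay ahead of `delete tlsis`, which deserves a word in that comment. shutdown() and processMsg() both continue outside the hunks shown.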
@@ -72,6 +72,9 @@ namespace rfb { | |||
rdr::InStream* tlsis; | |||
rdr::OutStream* tlsos; | |||
rdr::InStream* rawis; | |||
rdr::OutStream* rawos; | |||
}; | |||
} | |||
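Review bot: The new `rawis`/`rawos` members sit next to `tlsis`/`tlsos` with nothing to show that their ownership differs: in the implementation hunks the TLS streams are created with `new` and deleted in shutdown(), while the raw pair is only copied from the connection and handed back. A comment such as `// Not owned: the connection's original streams, restored in shutdown()` above the two declarations would guard against a later `delete rawis`. Because these are borrowed pointers, the comment should also say that the connection's streams must stay valid until shutdown() has run; whether that holds is not visible here. The same applies to the identical additions in the SSecurityTLS class declaration, and the class body starts outside this hunk.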
@@ -51,7 +51,8 @@ static LogWriter vlog("TLS"); | |||
SSecurityTLS::SSecurityTLS(SConnection* sc, bool _anon) | |||
: SSecurity(sc), session(NULL), dh_params(NULL), anon_cred(NULL), | |||
cert_cred(NULL), anon(_anon), tlsis(NULL), tlsos(NULL) | |||
cert_cred(NULL), anon(_anon), tlsis(NULL), tlsos(NULL), | |||
rawis(NULL), rawos(NULL) | |||
{ | |||
certfile = X509_CertFile.getData(); | |||
keyfile = X509_KeyFile.getData(); | |||
@@ -84,6 +85,12 @@ void SSecurityTLS::shutdown() | |||
cert_cred = 0; | |||
} | |||
if (rawis && rawos) { | |||
sc->setStreams(rawis, rawos); | |||
rawis = NULL; | |||
rawos = NULL; | |||
} | |||
if (tlsis) { | |||
delete tlsis; | |||
tlsis = NULL; | |||
@@ -139,6 +146,9 @@ bool SSecurityTLS::processMsg() | |||
// for GnuTLS | |||
tlsis = new rdr::TLSInStream(is, session); | |||
tlsos = new rdr::TLSOutStream(os, session); | |||
rawis = is; | |||
rawos = os; | |||
} | |||
int err; |
@@ -65,6 +65,9 @@ namespace rfb { | |||
rdr::InStream* tlsis; | |||
rdr::OutStream* tlsos; | |||
rdr::InStream* rawis; | |||
rdr::OutStream* rawos; | |||
}; | |||
} |