Browse Source
Restore original streams when terminating TLS
In theory we could return to communicate without TLS after a shutdown. It also makes sure the connection object isn't left completely without streams.tags/v1.9.90
Pierre Ossman
5 years ago
4 changed files with 27 additions and 2 deletions
+ 10
- 1
common/rfb/CSecurityTLS.cxx
View File
| @@ -69,7 +69,7 @@ static LogWriter vlog("TLS"); | |||
| CSecurityTLS::CSecurityTLS(CConnection* cc, bool _anon) | |||
| : CSecurity(cc), session(NULL), anon_cred(NULL), cert_cred(NULL), | |||
| anon(_anon), tlsis(NULL), tlsos(NULL) | |||
| anon(_anon), tlsis(NULL), tlsos(NULL), rawis(NULL), rawos(NULL) | |||
| { | |||
| cafile = X509CA.getData(); | |||
| crlfile = X509CRL.getData(); | |||
| @@ -116,6 +116,12 @@ void CSecurityTLS::shutdown(bool needbye) | |||
| cert_cred = 0; | |||
| } | |||
| if (rawis && rawos) { | |||
| cc->setStreams(rawis, rawos); | |||
| rawis = NULL; | |||
| rawos = NULL; | |||
| } | |||
| if (tlsis) { | |||
| delete tlsis; | |||
| tlsis = NULL; | |||
| @@ -174,6 +180,9 @@ bool CSecurityTLS::processMsg() | |||
| // for GnuTLS | |||
| tlsis = new rdr::TLSInStream(is, session); | |||
| tlsos = new rdr::TLSOutStream(os, session); | |||
| rawis = is; | |||
| rawos = os; | |||
| } | |||
| int err; | |||
+ 3
- 0
common/rfb/CSecurityTLS.h
View File
| @@ -72,6 +72,9 @@ namespace rfb { | |||
| rdr::InStream* tlsis; | |||
| rdr::OutStream* tlsos; | |||
| rdr::InStream* rawis; | |||
| rdr::OutStream* rawos; | |||
| }; | |||
| } | |||
+ 11
- 1
common/rfb/SSecurityTLS.cxx
View File
| @@ -51,7 +51,8 @@ static LogWriter vlog("TLS"); | |||
| SSecurityTLS::SSecurityTLS(SConnection* sc, bool _anon) | |||
| : SSecurity(sc), session(NULL), dh_params(NULL), anon_cred(NULL), | |||
| cert_cred(NULL), anon(_anon), tlsis(NULL), tlsos(NULL) | |||
| cert_cred(NULL), anon(_anon), tlsis(NULL), tlsos(NULL), | |||
| rawis(NULL), rawos(NULL) | |||
| { | |||
| certfile = X509_CertFile.getData(); | |||
| keyfile = X509_KeyFile.getData(); | |||
| @@ -84,6 +85,12 @@ void SSecurityTLS::shutdown() | |||
| cert_cred = 0; | |||
| } | |||
| if (rawis && rawos) { | |||
| sc->setStreams(rawis, rawos); | |||
| rawis = NULL; | |||
| rawos = NULL; | |||
| } | |||
| if (tlsis) { | |||
| delete tlsis; | |||
| tlsis = NULL; | |||
| @@ -139,6 +146,9 @@ bool SSecurityTLS::processMsg() | |||
| // for GnuTLS | |||
| tlsis = new rdr::TLSInStream(is, session); | |||
| tlsos = new rdr::TLSOutStream(os, session); | |||
| rawis = is; | |||
| rawos = os; | |||
| } | |||
| int err; | |||
+ 3
- 0
common/rfb/SSecurityTLS.h
View File
| @@ -65,6 +65,9 @@ namespace rfb { | |||
| rdr::InStream* tlsis; | |||
| rdr::OutStream* tlsos; | |||
| rdr::InStream* rawis; | |||
| rdr::OutStream* rawos; | |||
| }; | |||
| } | |||
Loading…