Make sure TLS is allowed to terminate gracefully

Some systems (like TLS) need to send some final data before closing
a connection. Make sure this is properly handled by cleaning up the
security object before closing the underlying network socket.

diff --git a/common/rfb/CConnection.cxx b/common/rfb/CConnection.cxx
index bdde32538271381e7b2fb80a6422f535a7dffb09..f541a969bb72a114eeee2d8d3c95461ecf830be3 100644 (file)
--- a/common/rfb/CConnection.cxx
+++ b/common/rfb/CConnection.cxx
@@ -60,14 +60,7 @@ CConnection::CConnection()
 
 CConnection::~CConnection()
 {
-  setFramebuffer(NULL);
-  if (csecurity)
-    delete csecurity;
-  delete reader_;
-  reader_ = 0;
-  delete writer_;
-  writer_ = 0;
-  strFree(serverClipboard);
+  close();
 }
 
 void CConnection::setStreams(rdr::InStream* is_, rdr::OutStream* os_)
@@ -336,6 +329,21 @@ void CConnection::securityCompleted()
   writer_->writeClientInit(shared);
 }
 
+void CConnection::close()
+{
+  state_ = RFBSTATE_CLOSING;
+
+  setFramebuffer(NULL);
+  delete csecurity;
+  csecurity = NULL;
+  delete reader_;
+  reader_ = NULL;
+  delete writer_;
+  writer_ = NULL;
+  strFree(serverClipboard);
+  serverClipboard = NULL;
+}
+
 void CConnection::setDesktopSize(int w, int h)
 {
   decoder.flush();

diff --git a/common/rfb/CConnection.h b/common/rfb/CConnection.h
index f01d5d362101d3f2470c5e8a931f00d1131fb021..3857be4d7c8ab0b175fd0e0c604036541ab3290e 100644 (file)
--- a/common/rfb/CConnection.h
+++ b/common/rfb/CConnection.h
@@ -86,6 +86,11 @@ namespace rfb {
     // NB: In either case, you must have called initialiseProtocol() first.
     void processMsg();
 
+    // close() gracefully shuts down the connection to the server and
+    // should be called before terminating the underlying network
+    // connection
+    void close();
+
 
     // Methods overridden from CMsgHandler
 
@@ -213,6 +218,7 @@ namespace rfb {
       RFBSTATE_SECURITY_RESULT,
       RFBSTATE_INITIALISATION,
       RFBSTATE_NORMAL,
+      RFBSTATE_CLOSING,
       RFBSTATE_INVALID
     };
 

diff --git a/common/rfb/SConnection.cxx b/common/rfb/SConnection.cxx
index 9e6d03229eaa144f40de182b436ff6a428d05236..b5a69d4cb4fee8c593b714c837039875a1f4029d 100644 (file)
--- a/common/rfb/SConnection.cxx
+++ b/common/rfb/SConnection.cxx
@@ -66,13 +66,7 @@ SConnection::SConnection()
 
 SConnection::~SConnection()
 {
-  if (ssecurity)
-    delete ssecurity;
-  delete reader_;
-  reader_ = 0;
-  delete writer_;
-  writer_ = 0;
-  strFree(clientClipboard);
+  cleanup();
 }
 
 void SConnection::setStreams(rdr::InStream* is_, rdr::OutStream* os_)
@@ -464,6 +458,7 @@ void SConnection::clientInit(bool shared)
 void SConnection::close(const char* reason)
 {
   state_ = RFBSTATE_CLOSING;
+  cleanup();
 }
 
 void SConnection::setPixelFormat(const PixelFormat& pf)
@@ -552,6 +547,18 @@ void SConnection::sendClipboardData(const char* data)
   }
 }
 
+void SConnection::cleanup()
+{
+  delete ssecurity;
+  ssecurity = NULL;
+  delete reader_;
+  reader_ = NULL;
+  delete writer_;
+  writer_ = NULL;
+  strFree(clientClipboard);
+  clientClipboard = NULL;
+}
+
 void SConnection::writeFakeColourMap(void)
 {
   int i;

diff --git a/common/rfb/SConnection.h b/common/rfb/SConnection.h
index a7c4e0a6acc81b892ec20dde07112c9bc3364bc5..e7bbf2c33d718535f5218e488dcc91559e8f6aad 100644 (file)
--- a/common/rfb/SConnection.h
+++ b/common/rfb/SConnection.h
@@ -230,6 +230,7 @@ namespace rfb {
     void setWriter(SMsgWriter *w) { writer_ = w; }
 
   private:
+    void cleanup();
     void writeFakeColourMap(void);
 
     bool readyForSetColourMapEntries;

diff --git a/common/rfb/VNCSConnectionST.cxx b/common/rfb/VNCSConnectionST.cxx
index 6ac9edbea97e4be5d393842b36ac43e9ae4b166e..00f640b364b83fa456ec87fd427ed6be8fb9b914 100644 (file)
--- a/common/rfb/VNCSConnectionST.cxx
+++ b/common/rfb/VNCSConnectionST.cxx
@@ -108,6 +108,8 @@ bool VNCSConnectionST::accessCheck(AccessRights ar) const
 
 void VNCSConnectionST::close(const char* reason)
 {
+  SConnection::close(reason);
+
   // Log the reason for the close
   if (!closeReason.buf)
     closeReason.buf = strDup(reason);
@@ -129,8 +131,6 @@ void VNCSConnectionST::close(const char* reason)
   // calling code will call VNCServerST's removeSocket() method causing us to
   // be deleted.
   sock->shutdown();
-
-  SConnection::close(reason);
 }
 
 

diff --git a/vncviewer/CConn.cxx b/vncviewer/CConn.cxx
index 234564f60ad4d63fb61f220ac4288f8859298220..68f4144590523b7ab5cc65fe0d33038f20cc900f 100644 (file)
--- a/vncviewer/CConn.cxx
+++ b/vncviewer/CConn.cxx
@@ -129,6 +129,8 @@ CConn::CConn(const char* vncServerName, network::Socket* socket=NULL)
 
 CConn::~CConn()
 {
+  close();
+
   OptionsDialog::removeCallback(handleOptions);
   Fl::remove_timeout(handleUpdateTimeout, this);