diff options
author | Julian Andres Klode <jak@debian.org> | 2017-06-30 17:12:11 +0200 |
---|---|---|
committer | Julian Andres Klode <jak@debian.org> | 2017-06-30 17:12:11 +0200 |
commit | 8f5db6b513b90b6ee5b625131a25b146fa912e0d (patch) | |
tree | 1e0efd607b6c628a62323f8abdf69c0df3fee7e2 | |
parent | c6a428e4d17b408c2701def5daa46ca950948980 (diff) |
Improve closing the TLS connection
If gnutls_session_bye() exited with an error, we never closed
the underlying file descriptor, causing the method to think the
connection was still open. This caused problems especially in
test-partial-file-support where we checked that a "complete"
file and an incomplete file work. The first GET returns a 416
with Connection: close, and the next GET request then accidentally
reads the body of the 416 as the header for its own request.
-rw-r--r-- | methods/connect.cc | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/methods/connect.cc b/methods/connect.cc index f58a67db3..0d4b3e26f 100644 --- a/methods/connect.cc +++ b/methods/connect.cc @@ -632,9 +632,9 @@ struct TlsFd : public MethodFd int Close() APT_OVERRIDE { - if (HandleError(gnutls_bye(session, GNUTLS_SHUT_RDWR)) < 0) - return -1; - return UnderlyingFd->Close(); + auto err = HandleError(gnutls_bye(session, GNUTLS_SHUT_RDWR)); + auto lower = UnderlyingFd->Close(); + return err < 0 ? HandleError(err) : lower; } bool HasPending() APT_OVERRIDE |