diff options
Diffstat (limited to 'main/tcptls.c')
-rw-r--r-- | main/tcptls.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/main/tcptls.c b/main/tcptls.c index 2ad3a10e4..2e5cbf4c6 100644 --- a/main/tcptls.c +++ b/main/tcptls.c @@ -84,6 +84,7 @@ static int ssl_close(void *cookie) { int cookie_fd = SSL_get_fd(cookie); int ret; + if (cookie_fd > -1) { /* * According to the TLS standard, it is acceptable for an application to only send its shutdown @@ -93,6 +94,12 @@ static int ssl_close(void *cookie) if ((ret = SSL_shutdown(cookie)) < 0) { ast_log(LOG_ERROR, "SSL_shutdown() failed: %d\n", SSL_get_error(cookie, ret)); } + + if (!((SSL*)cookie)->server) { + /* For client threads, ensure that the error stack is cleared */ + ERR_remove_state(0); + } + SSL_free(cookie); /* adding shutdown(2) here has no added benefit */ if (close(cookie_fd)) { @@ -320,9 +327,6 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client) return 0; } - SSL_load_error_strings(); - SSLeay_add_ssl_algorithms(); - /* Get rid of an old SSL_CTX since we're about to * allocate a new one */ @@ -364,7 +368,6 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client) if (!client) { /* Clients don't need a certificate, but if its setup we can use it */ ast_verb(0, "SSL error loading cert file. <%s>\n", cfg->certfile); - sleep(2); cfg->enabled = 0; SSL_CTX_free(cfg->ssl_ctx); cfg->ssl_ctx = NULL; @@ -375,7 +378,6 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client) if (!client) { /* Clients don't need a private key, but if its setup we can use it */ ast_verb(0, "SSL error loading private key file. <%s>\n", tmpprivate); - sleep(2); cfg->enabled = 0; SSL_CTX_free(cfg->ssl_ctx); cfg->ssl_ctx = NULL; @@ -387,7 +389,6 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client) if (SSL_CTX_set_cipher_list(cfg->ssl_ctx, cfg->cipher) == 0 ) { if (!client) { ast_verb(0, "SSL cipher error <%s>\n", cfg->cipher); - sleep(2); cfg->enabled = 0; SSL_CTX_free(cfg->ssl_ctx); cfg->ssl_ctx = NULL; |