new_connection_prepare_(): added check for valid TLS initialisation - libmicrohttpd - HTTP/1.x server C library (MHD 1.x, stable)

commit 13fe456581693421459100d60a7a0f93e05ce533
parent 53fec1c213590314369868abc2768f155f6f6938
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
Date:   Thu, 22 Oct 2020 17:01:52 +0300

new_connection_prepare_(): added check for valid TLS initialisation

Diffstat:
M src/microhttpd/daemon.c  | 24 ++++++++++++++++++++----

1 file changed, 20 insertions(+), 4 deletions(-)
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
@@ -2535,10 +2535,26 @@ new_connection_prepare_ (struct MHD_Daemon *daemon,
 #endif
     connection->tls_state = MHD_TLS_CONN_INIT;
     MHD_set_https_callbacks (connection);
-    gnutls_init (&connection->tls_session,
-                 flags);
-    gnutls_priority_set (connection->tls_session,
-                         daemon->priority_cache);
+    if ((GNUTLS_E_SUCCESS != gnutls_init (&connection->tls_session, flags)) ||
+        (GNUTLS_E_SUCCESS != gnutls_priority_set (connection->tls_session,
+                                                  daemon->priority_cache)))
+    {
+      gnutls_deinit (connection->tls_session);
+      MHD_socket_close_chk_ (client_socket);
+      MHD_ip_limit_del (daemon,
+                        addr,
+                        addrlen);
+      free (connection->addr);
+      free (connection);
+#ifdef HAVE_MESSAGES
+      MHD_DLOG (connection->daemon,
+                _ ("Failed to initialise TLS session.\n"));
+#endif
+#if EPROTO
+      errno = EPROTO;
+#endif
+      return MHD_NO;
+    }
     gnutls_session_set_ptr (connection->tls_session,
                             connection);
     switch (daemon->cred_type)

	libmicrohttpd HTTP/1.x server C library (MHD 1.x, stable)
	Log \| Files \| Refs \| Submodules \| README \| LICENSE