authorDrew DeVault <sir@cmpwn.com>2020-09-26 16:10:10 -0400
committerDrew DeVault <sir@cmpwn.com>2020-09-26 16:10:10 -0400
commit50d21c03f5b02254d8eb0953bd5e635813cfe1c1 (patch)
tree9a6ca3851fdf22c68a5e14eecb0052c83409ff1a
parente9641dbf1ec871d8ab367b4f4655278caeecf621 (diff)
Free up resources throughout
-rw-r--r--include/tls.h7
-rw-r--r--src/config.c1
-rw-r--r--src/main.c10
-rw-r--r--src/server.c18
-rw-r--r--src/tls.c16
5 files changed, 38 insertions, 14 deletions
diff --git a/include/tls.h b/include/tls.h
index 06d1123..81ff613 100644
--- a/include/tls.h
+++ b/include/tls.h
@@ -3,8 +3,9 @@
struct gmnisrv_config;
-int gmnisrv_tls_init(struct gmnisrv_config *conf);
-SSL *gmnisrv_tls_get_ssl(struct gmnisrv_config *conf, int fd);
-void gmnisrv_tls_set_host(SSL *ssl, struct gmnisrv_host *host);
+int tls_init(struct gmnisrv_config *conf);
+void tls_finish(struct gmnisrv_config *conf);
+SSL *tls_get_ssl(struct gmnisrv_config *conf, int fd);
+void tls_set_host(SSL *ssl, struct gmnisrv_host *host);
#endif
diff --git a/src/config.c b/src/config.c
index f146aa0..367094f 100644
--- a/src/config.c
+++ b/src/config.c
@@ -236,6 +236,7 @@ config_finish(struct gmnisrv_config *conf)
struct gmnisrv_host *next = host->next;
free(host->hostname);
free(host->root);
+ free(host->index);
free(host);
host = next;
}
diff --git a/src/main.c b/src/main.c
index aa7ffcf..0a6336b 100644
--- a/src/main.c
+++ b/src/main.c
@@ -40,10 +40,10 @@ main(int argc, char **argv)
int r = load_config(&conf, confpath);
if (r != 0) {
server_error("Config load failed");
- goto exit_conf;
+ goto exit;
}
- r = gmnisrv_tls_init(&conf);
+ r = tls_init(&conf);
if (r != 0) {
server_error("TLS initialization failed");
goto exit_conf;
@@ -52,13 +52,15 @@ main(int argc, char **argv)
struct gmnisrv_server server = {0};
r = server_init(&server, &conf);
if (r != 0) {
- goto exit;
+ goto exit_tls;
}
server_run(&server);
-exit:
server_finish(&server);
+exit_tls:
+ tls_finish(&conf);
exit_conf:
config_finish(&conf);
+exit:
return 0;
}
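Review bot: `main` still ends in `return 0;`, so the config-load failure that now jumps to `exit`, and the TLS and server-init failure paths, all report success to whatever started the process; a supervisor cannot tell a failed start from a clean shutdown. `r` is nonzero on each of those paths and zero once `server_init` has succeeded, so the last line could be `return r != 0;`. Separately, the `tls_init` failure path in the previous hunk goes to `exit_conf` and skips `tls_finish`, so anything `tls_init` created before failing is presumably not released; its body is not shown here, so that needs checking. `main` begins outside this hunk.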
diff --git a/src/server.c b/src/server.c
index eb5f9f7..958ad64 100644
--- a/src/server.c
+++ b/src/server.c
@@ -210,7 +210,7 @@ disconnect_client(struct gmnisrv_server *server, struct gmnisrv_client *client)
static int
client_init_ssl(struct gmnisrv_server *server, struct gmnisrv_client *client)
{
- client->ssl = gmnisrv_tls_get_ssl(server->conf, client->sockfd);
+ client->ssl = tls_get_ssl(server->conf, client->sockfd);
if (!client->ssl) {
client_error(&client->addr,
"unable to initialize SSL, disconnecting");
@@ -377,6 +377,10 @@ sni_callback(SSL *ssl, int *al, void *arg)
const char *hostname = SSL_get_servername(client->ssl,
SSL_get_servername_type(client->ssl));
+ if (!hostname) {
+ return SSL_TLSEXT_ERR_NOACK;
+ }
+
struct gmnisrv_host *host = gmnisrv_config_get_host(
server->conf, hostname);
if (!host) {
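Review bot: Returning `SSL_TLSEXT_ERR_NOACK` when `hostname` is NULL lets the handshake continue with `client->host` unset and without `tls_set_host` having installed a certificate and key for this connection. If any later code reads `client->host` without a NULL check, a client that omits SNI could reach it; that code is outside this hunk, so this should be confirmed. If a connection without SNI is never meant to be served, rejecting it in the callback is clearer: `*al = SSL_AD_UNRECOGNIZED_NAME; return SSL_TLSEXT_ERR_ALERT_FATAL;`. A `client_error` log line on this path would also make such connections visible to the operator. The body of `sni_callback` starts and ends outside the hunk.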
@@ -384,7 +388,7 @@ sni_callback(SSL *ssl, int *al, void *arg)
}
client->host = host;
- gmnisrv_tls_set_host(client->ssl, client->host);
+ tls_set_host(client->ssl, client->host);
return SSL_TLSEXT_ERR_OK;
}
@@ -461,6 +465,12 @@ server_run(struct gmnisrv_server *server)
void
server_finish(struct gmnisrv_server *server)
{
- // TODO
- (void)server;
+ while (server->nclients) {
+ disconnect_client(server, &server->clients[0]);
+ }
+ for (size_t i = 0; i < server->nfds; ++i) {
+ close(server->fds[i].fd);
+ }
+ free(server->fds);
+ free(server->clients);
}
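Review bot: The drain loop `while (server->nclients)` terminates only if every call to `disconnect_client` removes `clients[0]` and decrements `nclients`; that function is outside this hunk, so a comment stating the dependency would help, e.g. `// disconnect_client() removes the entry and decrements nclients`. `server_finish` also leaves `fds`, `clients` and `nfds` unchanged after freeing, so a second call would close and free the same memory again. Resetting them at the end (`server->fds = NULL; server->clients = NULL; server->nfds = 0;`) makes teardown idempotent.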
diff --git a/src/tls.c b/src/tls.c
index 7d748d7..cde4b25 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -156,7 +156,7 @@ generate:
}
int
-gmnisrv_tls_init(struct gmnisrv_config *conf)
+tls_init(struct gmnisrv_config *conf)
{
SSL_load_error_strings();
ERR_load_crypto_strings();
@@ -177,8 +177,18 @@ gmnisrv_tls_init(struct gmnisrv_config *conf)
return 0;
}
+void
+tls_finish(struct gmnisrv_config *conf)
+{
+ SSL_CTX_free(conf->tls.ssl_ctx);
+ for (struct gmnisrv_host *host = conf->hosts; host; host = host->next) {
+ X509_free(host->x509);
+ EVP_PKEY_free(host->pkey);
+ }
+}
+
SSL *
-gmnisrv_tls_get_ssl(struct gmnisrv_config *conf, int fd)
+tls_get_ssl(struct gmnisrv_config *conf, int fd)
{
SSL *ssl = SSL_new(conf->tls.ssl_ctx);
if (!ssl) {
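Review bot: `tls_finish` leaves `conf->tls.ssl_ctx`, `host->x509` and `host->pkey` pointing at freed objects, and in `main` `config_finish` walks the same host list immediately afterwards. Nothing visible dereferences them after the free, but clearing them prevents a double free or use-after-free if `tls_finish` is ever called twice or the config is reused: `host->x509 = NULL; host->pkey = NULL;` inside the loop and `conf->tls.ssl_ctx = NULL;` after `SSL_CTX_free`. The OpenSSL free functions accept NULL, so with that change `tls_finish` could also be called after a partially failed `tls_init`, provided the config struct starts zeroed, which is not shown here. A one-line header comment saying what `tls_finish` releases would round it off.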
@@ -190,7 +200,7 @@ gmnisrv_tls_get_ssl(struct gmnisrv_config *conf, int fd)
}
void
-gmnisrv_tls_set_host(SSL *ssl, struct gmnisrv_host *host)
+tls_set_host(SSL *ssl, struct gmnisrv_host *host)
{
SSL_use_certificate(ssl, host->x509);
SSL_use_PrivateKey(ssl, host->pkey);