Commit 927a5bd1 authored by Chris Araman Committed by Jay Satiro

url: close TLS before removing conn from cache

- Fix potential crashes in schannel shutdown.

Ensure any TLS shutdown messages are sent before removing the
association between the connection and the easy handle. Reverts
@bagder's previous partial fix for #3412.

Fixes https://github.com/curl/curl/issues/3412
Fixes https://github.com/curl/curl/issues/3505
Closes https://github.com/curl/curl/pull/3531
parent fef38a08
+4 −5
@@ -788,8 +788,11 @@ CURLcode Curl_disconnect(struct Curl_easy *data,
    /* This is set if protocol-specific cleanups should be made */
    conn->handler->disconnect(conn, dead_connection);

    /* unlink ourselves! */
  infof(data, "Closing connection %ld\n", conn->connection_id);
  Curl_ssl_close(conn, FIRSTSOCKET);
  Curl_ssl_close(conn, SECONDARYSOCKET);

  /* unlink ourselves! */
  Curl_conncache_remove_conn(data, conn, TRUE);

  free_idnconverted_hostname(&conn->host);
@@ -797,10 +800,6 @@ CURLcode Curl_disconnect(struct Curl_easy *data,
  free_idnconverted_hostname(&conn->http_proxy.host);
  free_idnconverted_hostname(&conn->socks_proxy.host);

  /* this assumes that the pointer is still there after the connection was
     detected from the cache */
  Curl_ssl_close(conn, FIRSTSOCKET);

  conn_free(conn);
  return CURLE_OK;
}
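Review bot: The two `Curl_ssl_close()` calls now have to stay ahead of `Curl_conncache_remove_conn()`, but nothing in the new lines says so, and the old comment about the pointer assumption is removed without a replacement. Per the commit message, the TLS backend needs the connection still associated with the easy handle when it sends its shutdown message, so a later reorder would quietly bring the crash back. I would add a comment above the calls, e.g. `/* close TLS while conn is still tied to the easy handle; must precede Curl_conncache_remove_conn() */`. It may also be worth confirming that a TLS shutdown attempted when `dead_connection` is TRUE cannot stall on a socket that is already gone; that path is not visible here. The body of Curl_disconnect starts above the first hunk.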
+4 −4
@@ -1960,6 +1960,8 @@ static int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
  char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
    conn->host.name;

  DEBUGASSERT(data);

  infof(data, "schannel: shutting down SSL/TLS connection with %s port %hu\n",
        hostname, conn->remote_port);

@@ -2035,10 +2037,8 @@ static int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
     * might not have an associated transfer so the check for conn->data is
     * necessary.
     */
    if(conn->data)
    Curl_ssl_sessionid_lock(conn);
    Curl_schannel_session_free(BACKEND->cred);
    if(conn->data)
    Curl_ssl_sessionid_unlock(conn);
    BACKEND->cred = NULL;
  }
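Review bot: The comment kept just above `Curl_ssl_sessionid_lock(conn)` still says the check for conn->data is necessary, yet the `if(conn->data)` guards around the lock and unlock calls appear to be the lines this section drops (the page no longer shows +/- markers, so this is read from the 10→8 hunk header). The only remaining check is `DEBUGASSERT(data)` in the first hunk, which presumably compiles away in release builds, so a caller reaching the shutdown path without an easy handle would not be caught there. I would rewrite the comment to state the new contract, e.g. `/* conn->data must be set here: Curl_disconnect() closes TLS before unlinking the connection */`, and consider whether a release-build fallback is wanted. The declaration of `data` and the start of the function are outside both hunks.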