From: Timo Sirainen Date: Wed, 29 Apr 2020 12:18:55 +0000 (+0300) Subject: login-proxy: login_proxy_starttls() - destroy proxy internally on failure X-Git-Tag: 2.3.13~682 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7df003190dd3ce1746736f330a9231abd8b76ca2;p=thirdparty%2Fdovecot%2Fcore.git login-proxy: login_proxy_starttls() - destroy proxy internally on failure --- diff --git a/src/imap-login/imap-proxy.c b/src/imap-login/imap-proxy.c index 18f7b95cd5..35bebec5b0 100644 --- a/src/imap-login/imap-proxy.c +++ b/src/imap-login/imap-proxy.c @@ -325,10 +325,8 @@ int imap_proxy_parse_line(struct client *client, const char *line) return -1; } /* STARTTLS successful, begin TLS negotiation. */ - if (login_proxy_starttls(client->login_proxy) < 0) { - client_proxy_failed(client, TRUE); + if (login_proxy_starttls(client->login_proxy) < 0) return -1; - } /* i/ostreams changed. */ output = login_proxy_get_ostream(client->login_proxy); str = t_str_new(128); diff --git a/src/login-common/login-proxy.c b/src/login-common/login-proxy.c index c67727235e..e7ca61d7bf 100644 --- a/src/login-common/login-proxy.c +++ b/src/login-common/login-proxy.c @@ -284,8 +284,7 @@ static void proxy_wait_connect(struct login_proxy *proxy) if ((proxy->ssl_flags & PROXY_SSL_FLAG_YES) != 0 && (proxy->ssl_flags & PROXY_SSL_FLAG_STARTTLS) == 0) { if (login_proxy_starttls(proxy) < 0) { - login_proxy_free(&proxy); - return; + /* proxy is already destroyed */ } } } @@ -702,6 +701,7 @@ int login_proxy_starttls(struct login_proxy *proxy) if (ssl_iostream_client_context_cache_get(&ssl_set, &ssl_ctx, &error) < 0) { e_error(proxy->event, "Failed to create SSL client context: %s", error); + client_proxy_failed(proxy->client, TRUE); return -1; } @@ -711,6 +711,7 @@ int login_proxy_starttls(struct login_proxy *proxy) &proxy->server_ssl_iostream, &error) < 0) { e_error(proxy->event, "Failed to create SSL client: %s", error); + client_proxy_failed(proxy->client, TRUE); ssl_iostream_context_unref(&ssl_ctx); return -1; } @@ -719,6 +720,7 @@ int login_proxy_starttls(struct login_proxy *proxy) error = ssl_iostream_get_last_error(proxy->server_ssl_iostream); e_error(proxy->event, "Failed to start SSL handshake: %s", ssl_iostream_get_last_error(proxy->server_ssl_iostream)); + client_proxy_failed(proxy->client, TRUE); return -1; } diff --git a/src/pop3-login/pop3-proxy.c b/src/pop3-login/pop3-proxy.c index 746e4ee932..0c32c9da5f 100644 --- a/src/pop3-login/pop3-proxy.c +++ b/src/pop3-login/pop3-proxy.c @@ -184,10 +184,8 @@ int pop3_proxy_parse_line(struct client *client, const char *line) client_proxy_failed(client, TRUE); return -1; } - if (login_proxy_starttls(client->login_proxy) < 0) { - client_proxy_failed(client, TRUE); + if (login_proxy_starttls(client->login_proxy) < 0) return -1; - } /* i/ostreams changed. */ output = login_proxy_get_ostream(client->login_proxy); if (proxy_send_login(pop3_client, output) < 0) diff --git a/src/submission-login/submission-proxy.c b/src/submission-login/submission-proxy.c index 622b3470f7..82d968785b 100644 --- a/src/submission-login/submission-proxy.c +++ b/src/submission-login/submission-proxy.c @@ -353,10 +353,8 @@ int submission_proxy_parse_line(struct client *client, const char *line) } if (!last_line) return 0; - if (login_proxy_starttls(client->login_proxy) < 0) { - client_proxy_failed(client, TRUE); + if (login_proxy_starttls(client->login_proxy) < 0) return -1; - } /* i/ostreams changed. */ output = login_proxy_get_ostream(client->login_proxy);