tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ApiListener#NewClientHandlerInternal(): Explicitly close the TLS stream on any failure 

refs #6361
This commit is contained in:
Alexander A. Klimov 2018-06-14 15:03:04 +02:00
parent eee30750d5
commit 7741517df7
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/remote/apilistener.cpp
View File

@ -457,6 +457,7 @@ void ApiListener::NewClientHandlerInternal(const Socket::Ptr& client, const Stri
} catch (const std::exception&) { } catch (const std::exception&) {
Log(LogCritical, "ApiListener") Log(LogCritical, "ApiListener")
<< "Client TLS handshake failed (" << conninfo << ")"; << "Client TLS handshake failed (" << conninfo << ")";
tlsStream->Close();
return; return;
} }
@ -471,6 +472,7 @@ void ApiListener::NewClientHandlerInternal(const Socket::Ptr& client, const Stri
} catch (const std::exception&) { } catch (const std::exception&) {
Log(LogCritical, "ApiListener") Log(LogCritical, "ApiListener")
<< "Cannot get certificate common name from cert path: '" << GetDefaultCertPath() << "'."; << "Cannot get certificate common name from cert path: '" << GetDefaultCertPath() << "'.";
tlsStream->Close();
return; return;
} }
@ -480,6 +482,7 @@ void ApiListener::NewClientHandlerInternal(const Socket::Ptr& client, const Stri
Log(LogWarning, "ApiListener") Log(LogWarning, "ApiListener")
<< "Unexpected certificate common name while connecting to endpoint '" << "Unexpected certificate common name while connecting to endpoint '"
<< hostname << "': got '" << identity << "'"; << hostname << "': got '" << identity << "'";
tlsStream->Close();
return; return;
} else if (!verify_ok) { } else if (!verify_ok) {
Log(LogWarning, "ApiListener") Log(LogWarning, "ApiListener")
@ -529,6 +532,7 @@ void ApiListener::NewClientHandlerInternal(const Socket::Ptr& client, const Stri
Log(LogWarning, "ApiListener") Log(LogWarning, "ApiListener")
<< "No data received on new API connection for identity '" << identity << "'. " << "No data received on new API connection for identity '" << identity << "'. "
<< "Ensure that the remote endpoints are properly configured in a cluster setup."; << "Ensure that the remote endpoints are properly configured in a cluster setup.";
tlsStream->Close();
return; return;
} }