commit c5edb157405883dc7c869beb2c1e05cefe325fdf
from: Omar Polo
date: Sat Jun 24 14:15:57 2023 UTC
properly handle handshake failures
If a TLS handshake fails there's nothing we can do, so don't attempt to reply an error (the connected client is not speaking Gemini as it's not using TLS at all) and instead just close the connection.
Fixes issue #13
commit - 53bdae38fe6062469d8b444d5e6bd99ff34ca94b
commit + c5edb157405883dc7c869beb2c1e05cefe325fdf
blob - 45c5d0b59a5d0383ce49a138bef061f5a76a7b06
blob + ea2eb60c4ba9a2b0ac0784e680a805fa45a2ddc5
--- server.c
+++ server.c
@@ -434,8 +434,11 @@ handle_handshake(int fd, short ev, void *d)
 switch (tls_handshake(c->ctx)) {
 case 0: /* success */
- case -1: /* already handshaked */
 break;
+ case -1:
+ log_warnx("tls_handshake failed: %s", tls_error(c->ctx));
+ client_close(c);
+ return;
 case TLS_WANT_POLLIN:
 event_once(c->fd, EV_READ, handle_handshake, c, NULL);
 return;
@@ -1309,9 +1312,10 @@ client_close(struct client *c)
 c->pfd = -1;
 }
- bufferevent_disable(c->bev, EVBUFFER_READ|EVBUFFER_WRITE);
- bufferevent_free(c->bev);
- c->bev = NULL;
+ if (c->bev != NULL) {
+ bufferevent_disable(c->bev, EVBUFFER_READ|EVBUFFER_WRITE);
+ bufferevent_free(c->bev);
+ }
 if (c->proxyevset && event_pending(&c->proxyev, EV_READ|EV_WRITE, NULL)) {
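Review bot: In the new `case -1:` branch of `handle_handshake`, the result of `tls_error(c->ctx)` is passed straight to a `%s` conversion, and libtls documents that it can return NULL (for example when assembling the error string fails), which is undefined behaviour for `%s`. A guarded form such as `const char *e = tls_error(c->ctx);` followed by `log_warnx("tls_handshake failed: %s", e != NULL ? e : "unknown error");` avoids that. Any unauthenticated peer that connects without completing TLS now produces one warning line, so it would help triage to include the peer address if the client structure already carries it at this point, and to decide whether warning level is appropriate for scanner noise. The rest of the function lies outside the hunk.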
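Review bot: The rewritten block in `client_close` frees `c->bev` but no longer resets it, because the removed `c->bev = NULL;` has no counterpart inside the new `if`. If `c` outlives this call or `client_close` can run twice for the same client (the end of the function is outside the hunk, so this cannot be confirmed here), the new `c->bev != NULL` guard would pass on a dangling pointer and the bufferevent would be freed a second time. Keeping `c->bev = NULL;` as the last statement inside the braces makes the guard meaningful. A short comment such as `/* bev is presumably still NULL when the TLS handshake never completed */` would also record why the check exists.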