The code herein is a revamp of GnuTLS integration using the current APIs; the
original tls-gnu.c was based on a patch which was contributed by Nikos
-Mavroyanopoulos. The revamp is partially a rewrite, partially cut&paste as
+Mavrogiannopoulos. The revamp is partially a rewrite, partially cut&paste as
appropriate.
APIs current as of GnuTLS 2.12.18; note that the GnuTLS manual is for GnuTLS 3,
Returns: OK on success
DEFER for errors before the start of the negotiation
- FAIL for errors during the negotation; the server can't
+ FAIL for errors during the negotiation; the server can't
continue running.
*/
tls_error(US"gnutls_handshake", gnutls_strerror(rc), NULL);
(void) gnutls_alert_send_appropriate(state->session, rc);
gnutls_deinit(state->session);
+ gnutls_certificate_free_credentials(state->x509_cred);
millisleep(500);
shutdown(state->fd_out, SHUT_WR);
for (rc = 1024; fgetc(smtp_in) != EOF && rc > 0; ) rc--; /* drain skt */
if (shutdown)
{
- DEBUG(D_tls) debug_printf("tls_close() from '%s': shutting down TLS\n");
+ DEBUG(D_tls) debug_printf("tls_close(): shutting down TLS\n");
gnutls_bye(state->session, GNUTLS_SHUT_WR);
}
gnutls_deinit(state->session);
+gnutls_certificate_free_credentials(state->x509_cred);
+
state->tlsp->active = -1;
memcpy(state, &exim_gnutls_state_init, sizeof(exim_gnutls_state_init));
receive_smtp_buffered = smtp_buffered;
gnutls_deinit(state->session);
+ gnutls_certificate_free_credentials(state->x509_cred);
+
state->session = NULL;
state->tlsp->active = -1;
state->tlsp->bits = 0;