Use openconnect_open_https() and openconnect_close_https() better.

Use them unconditionally, without checking ->https_ssl first, and use them
in some places instead of open-coding the same thing.

This makes the code slightly more agnostic to the choice of SSL library.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

diff --git a/cstp.c b/cstp.c
index 86c2e4f..23fae8f 100644 (file)
--- a/cstp.c
+++ b/cstp.c
@@ -378,7 +378,8 @@ int make_cstp_connection(struct openconnect_info *vpninfo)
 {
        int ret;
 
-       if (!vpninfo->https_ssl && (ret = openconnect_open_https(vpninfo)))
+       ret = openconnect_open_https(vpninfo);
+       if (ret)
                return ret;
 
        if (vpninfo->deflate) {

diff --git a/http.c b/http.c
index 6c1bf3a..ccbb551 100644 (file)
--- a/http.c
+++ b/http.c
@@ -335,12 +335,8 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
                }
        }
 
-       if (closeconn || vpninfo->no_http_keepalive) {
-               SSL_free(vpninfo->https_ssl);
-               vpninfo->https_ssl = NULL;
-               close(vpninfo->ssl_fd);
-               vpninfo->ssl_fd = -1;
-       }
+       if (closeconn || vpninfo->no_http_keepalive)
+               openconnect_close_https(vpninfo);
 
        if (body)
                body[done] = 0;
@@ -646,7 +642,7 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
                free(form_buf);
                form_buf = NULL;
        }
-       if (!vpninfo->https_ssl && openconnect_open_https(vpninfo)) {
+       if (openconnect_open_https(vpninfo)) {
                vpn_progress(vpninfo, PRG_ERR,
                             _("Failed to open HTTPS connection to %s\n"),
                             vpninfo->hostname);
@@ -739,12 +735,7 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
                                /* Kill the existing connection, and a new one will happen */
                                free(vpninfo->peer_addr);
                                vpninfo->peer_addr = NULL;
-                               if (vpninfo->https_ssl) {
-                                       SSL_free(vpninfo->https_ssl);
-                                       vpninfo->https_ssl = NULL;
-                                       close(vpninfo->ssl_fd);
-                                       vpninfo->ssl_fd = -1;
-                               }
+                               openconnect_close_https(vpninfo);
 
                                for (opt = vpninfo->cookies; opt; opt = next) {
                                        next = opt->next;

diff --git a/library.c b/library.c
index 3e79b7f..03bccd4 100644 (file)
--- a/library.c
+++ b/library.c
@@ -177,9 +177,7 @@ void openconnect_clear_cookie (struct openconnect_info *vpninfo)
 
 void openconnect_reset_ssl (struct openconnect_info *vpninfo)
 {
-       if (vpninfo->https_ssl) {
-               openconnect_close_https(vpninfo);
-       }
+       openconnect_close_https(vpninfo);
        if (vpninfo->peer_addr) {
                free(vpninfo->peer_addr);
                vpninfo->peer_addr = NULL;