WiFiClientSecure: don’t send close alert when opening new session

When WiFiClientSecure::connect was called, it would first tear down and existing and set up new TCP session, then tear down existing TLS session (using ssl_free), and then set up a new one. This caused TLS close- notify alert to be sent to the new TCP session, preventing new session from being established. This change postpones setting IO ctx to the new TCP connection, fixing this issue. Ref esp8266#3330
madpilot · Jun 5, 2017 · 8c3bb69 · 8c3bb69
1 parent e39a46f
commit 8c3bb69
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp b/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp
@@ -93,10 +93,16 @@ class SSLContext
         SSL_EXTENSIONS* ext = ssl_ext_new();
         ssl_ext_set_host_name(ext, hostName);
         ssl_ext_set_max_fragment_size(ext, 4096);
-        s_io_ctx = ctx;
         if (_ssl) {
+            /* Creating a new TLS session on top of a new TCP connection.
+               ssl_free will want to send a close notify alert, but the old TCP connection
+               is already gone at this point, so reset s_io_ctx. */
+            s_io_ctx = nullptr;
             ssl_free(_ssl);
+            _available = 0;
+            _read_ptr = nullptr;
         }
+        s_io_ctx = ctx;
         _ssl = ssl_client_new(_ssl_ctx, 0, nullptr, 0, ext);
         uint32_t t = millis();