From bebd0b64c36bccbc3f5d5cefe1476b2b15183a49 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Deuc=D0=B5?= <shurd@sasktel.net>
Date: Sat, 20 Jan 2024 00:19:05 -0500
Subject: [PATCH] Only tls servers should call destroy_session()

TLS clients don't (currently) add a certificate, so there's no need
to delete it.
---
 src/sbbs3/js_socket.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/sbbs3/js_socket.c b/src/sbbs3/js_socket.c
index 993366413d..e00dc96761 100644
--- a/src/sbbs3/js_socket.c
+++ b/src/sbbs3/js_socket.c
@@ -215,7 +215,10 @@ static void do_js_close(JSContext *cx, js_socket_private_t *p, bool finalize)
 	size_t i;
 
 	if(p->session != -1) {
-		destroy_session(lprintf, p->session);
+		if (p->tls_server)
+			destroy_session(lprintf, p->session);
+		else
+			cryptDestroySession(p->session);
 		p->session=-1;
 	}
 
@@ -2308,7 +2311,10 @@ static JSBool js_socket_set(JSContext *cx, JSObject *obj, jsid id, JSBool strict
 			break;
 		case SOCK_PROP_DESCRIPTOR:
 			if(p->session != -1) {
-				destroy_session(lprintf, p->session);
+				if (p->tls_server)
+					destroy_session(lprintf, p->session);
+				else
+					cryptDestroySession(p->session);
 				p->session=-1;
 			}
 			if(JS_ValueToInt32(cx,*vp,&i))
@@ -2389,7 +2395,10 @@ static JSBool js_socket_set(JSContext *cx, JSObject *obj, jsid id, JSBool strict
 			}
 			else {
 				if(p->session != -1) {
-					destroy_session(lprintf, p->session);
+					if (p->tls_server)
+						destroy_session(lprintf, p->session);
+					else
+						cryptDestroySession(p->session);
 					p->session=-1;
 					ioctlsocket(p->sock,FIONBIO,(ulong*)&(p->nonblocking));
 					do_js_close(cx, p, false);
-- 
GitLab