1 files changed, 27 insertions, 15 deletions

diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c
index b973a7333..e5528231c 100644
--- a/lib/vquic/ngtcp2.c
+++ b/lib/vquic/ngtcp2.c
@@ -256,11 +256,11 @@ static int quic_set_encryption_secrets(SSL *ssl,
   int level = quic_from_ossl_level(ossl_level);
 
   if(ngtcp2_crypto_derive_and_install_rx_key(
-         qs->qconn, NULL, NULL, NULL, level, rx_secret, secretlen) != 0)
+       qs->qconn, NULL, NULL, NULL, level, rx_secret, secretlen) != 0)
     return 0;
 
   if(ngtcp2_crypto_derive_and_install_tx_key(
-         qs->qconn, NULL, NULL, NULL, level, tx_secret, secretlen) != 0)
+       qs->qconn, NULL, NULL, NULL, level, tx_secret, secretlen) != 0)
     return 0;
 
   if(level == NGTCP2_CRYPTO_LEVEL_APP) {
@@ -341,9 +341,7 @@ static int quic_init_ssl(struct quicsocket *qs)
   /* this will need some attention when HTTPS proxy over QUIC get fixed */
   const char * const hostname = qs->conn->host.name;
 
-  if(qs->ssl)
-    SSL_free(qs->ssl);
-
+  DEBUGASSERT(!qs->ssl);
   qs->ssl = SSL_new(qs->sslctx);
 
   SSL_set_app_data(qs->ssl, qs);
@@ -375,11 +373,11 @@ static int secret_func(gnutls_session_t ssl,
 
   if(level != NGTCP2_CRYPTO_LEVEL_EARLY &&
      ngtcp2_crypto_derive_and_install_rx_key(
-         qs->qconn, NULL, NULL, NULL, level, rx_secret, secretlen) != 0)
+       qs->qconn, NULL, NULL, NULL, level, rx_secret, secretlen) != 0)
     return 0;
 
   if(ngtcp2_crypto_derive_and_install_tx_key(
-         qs->qconn, NULL, NULL, NULL, level, tx_secret, secretlen) != 0)
+       qs->qconn, NULL, NULL, NULL, level, tx_secret, secretlen) != 0)
     return 0;
 
   if(level == NGTCP2_CRYPTO_LEVEL_APP) {
@@ -429,8 +427,8 @@ static int tp_recv_func(gnutls_session_t ssl, const uint8_t *data,
   ngtcp2_transport_params params;
 
   if(ngtcp2_decode_transport_params(
-         &params, NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS,
-         data, data_size) != 0)
+       &params, NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS,
+       data, data_size) != 0)
     return -1;
 
   if(ngtcp2_conn_set_remote_transport_params(qs->qconn, &params) != 0)
@@ -471,8 +469,7 @@ static int quic_init_ssl(struct quicsocket *qs)
   const char * const hostname = qs->conn->host.name;
   int rc;
 
-  if(qs->ssl)
-    gnutls_deinit(qs->ssl);
+  DEBUGASSERT(!qs->ssl);
 
   gnutls_init(&qs->ssl, GNUTLS_CLIENT);
   gnutls_session_set_ptr(qs->ssl, qs);
@@ -782,6 +779,8 @@ CURLcode Curl_quic_connect(struct connectdata *conn,
   long port;
   int qfd;
 
+  if(qs->conn)
+    Curl_quic_disconnect(conn, sockindex);
   qs->conn = conn;
 
   /* extract the used address as a string */
@@ -880,11 +879,16 @@ static int ng_perform_getsock(const struct connectdata *conn,
   return ng_getsock((struct connectdata *)conn, socks);
 }
 
-static CURLcode qs_disconnect(struct quicsocket *qs)
+static void qs_disconnect(struct quicsocket *qs)
 {
   int i;
-  if(qs->qlogfd != -1)
+  if(!qs->conn) /* already closed */
+    return;
+  qs->conn = NULL;
+  if(qs->qlogfd != -1) {
     close(qs->qlogfd);
+    qs->qlogfd = -1;
+  }
   if(qs->ssl)
 #ifdef USE_OPENSSL
     SSL_free(qs->ssl);
@@ -903,14 +907,22 @@ static CURLcode qs_disconnect(struct quicsocket *qs)
 #ifdef USE_OPENSSL
   SSL_CTX_free(qs->sslctx);
 #endif
-  return CURLE_OK;
+}
+
+void Curl_quic_disconnect(struct connectdata *conn,
+                          int tempindex)
+{
+  if(conn->transport == TRNSPRT_QUIC)
+    qs_disconnect(&conn->hequic[tempindex]);
 }
 
 static CURLcode ng_disconnect(struct connectdata *conn,
                               bool dead_connection)
 {
   (void)dead_connection;
-  return qs_disconnect(&conn->hequic[0]);
+  Curl_quic_disconnect(conn, 0);
+  Curl_quic_disconnect(conn, 1);
+  return CURLE_OK;
 }
 
 static unsigned int ng_conncheck(struct connectdata *conn,