refactor(portal-tcp): return a new socket in starttls

author: Clombrong <cromblong@egregore.fun> 2025-08-27 00:37:05 +0200
committer: Clombrong <cromblong@egregore.fun> 2025-08-27 00:37:18 +0200
commit: 7e600cdbcb9d6ec4684eabd0961f5d271162ede3 (patch)
tree: 3f7805b3765b364e9163a8d84a3e73dcf3ff6596
parent: bda066a4643c74983871087e541ae90e16a467af (diff)
1 files changed, 3 insertions, 4 deletions
diff --git a/portal/tcp/portal.ml b/portal/tcp/portal.ml
index d84c9e6..07552ba 100644
--- a/portal/tcp/portal.ml
+++ b/portal/tcp/portal.ml
@@ -168,8 +168,9 @@ let upgrade_to_tls (fd : Lwt_unix.file_descr) : Tls_lwt.Unix.t Lwt.t =
     Tls_lwt.Unix.client_of_fd tls_config fd
   with Failure msg -> Lwt.fail_with msg
 
-let starttls (portal : t) : unit Lwt.t =
-  let+ tls_sock = match portal._socket with
+let starttls (bare : socket) : socket Lwt.t =
+  match bare with
+    | Tls _ -> Lwt.fail_with "TLS is already enabled on this socket!"
     | Plain {socket; domain; _} ->
        let+ socket = upgrade_to_tls socket
        in Tls { socket;
@@ -178,8 +179,6 @@ let starttls (portal : t) : unit Lwt.t =
                 write=Tls_lwt.Unix.write_bytes;
                 close=Tls_lwt.Unix.close
             }
-    | Tls _ -> Lwt.fail_with "TLS is already enabled on this socket!"
-  in portal._socket <- tls_sock
 
 let _encrypted = function
   | Plain _ -> false
author	Clombrong <cromblong@egregore.fun>	2025-08-27 00:37:05 +0200
committer	Clombrong <cromblong@egregore.fun>	2025-08-27 00:37:18 +0200
commit	7e600cdbcb9d6ec4684eabd0961f5d271162ede3 (patch)
tree	3f7805b3765b364e9163a8d84a3e73dcf3ff6596
parent	bda066a4643c74983871087e541ae90e16a467af (diff)