- Fixed bug where ircd didn't timeout SSL connections that haven't

finished the SSL handshake. Reported by Adam. git-svn-id: svn://svn.ircd-hybrid.org/svnroot/ircd-hybrid/branches/8.1.x@2724 82007160-df01-0410-b94d-b575c5fd34c7
author: michael <michael@82007160-df01-0410-b94d-b575c5fd34c7> 2013-12-29 13:00:42 +0000
committer: michael <michael@82007160-df01-0410-b94d-b575c5fd34c7> 2013-12-29 13:00:42 +0000
commit: 51285b4b54ec4f799ff9bcc81f3fe418b6a70864 (patch)
tree: 1b77783a77b1ab303600aea86c2012ba3c7ea182 /src/s_bsd.c
parent: b6e0e862ead17a6b9fe277634e8e08eaefb8bc11 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/src/s_bsd.c b/src/s_bsd.c
index 89ba44d..5750b39 100644
--- a/src/s_bsd.c
+++ b/src/s_bsd.c
@@ -239,16 +239,22 @@ ssl_handshake(int fd, struct Client *client_p)
 
   if ((ret = SSL_accept(client_p->localClient->fd.ssl)) <= 0)
   {
+    if ((CurrentTime - client_p->localClient->firsttime) > 30)
+    {
+      exit_client(client_p, client_p, "Timeout during SSL handshake");
+      return;
+    }
+
     switch (SSL_get_error(client_p->localClient->fd.ssl, ret))
     {
       case SSL_ERROR_WANT_WRITE:
         comm_setselect(&client_p->localClient->fd, COMM_SELECT_WRITE,
-	               (PF *) ssl_handshake, client_p, 0);
+	               (PF *) ssl_handshake, client_p, 30);
         return;
 
       case SSL_ERROR_WANT_READ:
         comm_setselect(&client_p->localClient->fd, COMM_SELECT_READ,
-	               (PF *) ssl_handshake, client_p, 0);
+	               (PF *) ssl_handshake, client_p, 30);
         return;
 
       default:
author	michael <michael@82007160-df01-0410-b94d-b575c5fd34c7>	2013-12-29 13:00:42 +0000
committer	michael <michael@82007160-df01-0410-b94d-b575c5fd34c7>	2013-12-29 13:00:42 +0000
commit	51285b4b54ec4f799ff9bcc81f3fe418b6a70864 (patch)
tree	1b77783a77b1ab303600aea86c2012ba3c7ea182 /src/s_bsd.c
parent	b6e0e862ead17a6b9fe277634e8e08eaefb8bc11 (diff)