[dovecot-cvs] dovecot/src/login-common ssl-proxy-openssl.c, 1.37.2.3, 1.37.2.4

cras at dovecot.org cras at dovecot.org
Mon Jul 24 02:19:04 EEST 2006


Update of /var/lib/cvs/dovecot/src/login-common
In directory talvi:/tmp/cvs-serv17670

Modified Files:
      Tag: branch_1_0
	ssl-proxy-openssl.c 
Log Message:
Don't constantly re-read ssl-parameters.dat. Make sure that in input handler
we read everything that SSL_read() has buffered so we don't get stuck.



Index: ssl-proxy-openssl.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/login-common/ssl-proxy-openssl.c,v
retrieving revision 1.37.2.3
retrieving revision 1.37.2.4
diff -u -d -r1.37.2.3 -r1.37.2.4
--- ssl-proxy-openssl.c	1 Jul 2006 22:54:43 -0000	1.37.2.3
+++ ssl-proxy-openssl.c	23 Jul 2006 23:19:02 -0000	1.37.2.4
@@ -59,7 +59,7 @@
 
 struct ssl_parameters {
 	const char *fname;
-	time_t last_mtime;
+	time_t last_mtime, last_check;
 	int fd;
 
 	DH *dh_512, *dh_1024;
@@ -135,6 +135,7 @@
 
 static void ssl_read_parameters(struct ssl_parameters *params)
 {
+	struct stat st;
 	bool warned = FALSE;
 
 	/* we'll wait until parameter file exists */
@@ -156,6 +157,11 @@
 		sleep(1);
 	}
 
+	if (fstat(params->fd, &st) < 0)
+		i_error("fstat(%s) failed: %m", params->fname);
+	else
+		params->last_mtime = st.st_mtime;
+
 	ssl_free_parameters(params);
 	while (read_dh_parameters_next(params)) ;
 
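Review bot: When `fstat()` fails here, only an error is logged and `params->last_mtime` keeps whatever value it had, yet the code below still frees and re-reads the parameters. If that value is still 0, the `last_mtime == 0` branch in the refresh function will re-enter ssl_read_parameters() on every check interval, logging the same error each time. Either treat the failure like the other open/read failures in this function, or document the retry with a comment such as `/* on fstat() failure last_mtime stays unchanged, so the next periodic check retries the reload */`. Using `fstat()` on the already-open fd rather than `stat()` on the name is the right call, because it records the mtime of the file actually read. The function body starts and ends outside this hunk.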
@@ -168,8 +174,9 @@
 {
 	struct stat st;
 
-	if (params->last_mtime > ioloop_time - SSL_PARAMFILE_CHECK_INTERVAL)
+	if (params->last_check > ioloop_time - SSL_PARAMFILE_CHECK_INTERVAL)
 		return;
+	params->last_check = ioloop_time;
 
 	if (params->last_mtime == 0)
 		ssl_read_parameters(params);
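Review bot: The throttle `params->last_check > ioloop_time - SSL_PARAMFILE_CHECK_INTERVAL` assumes `ioloop_time` never moves backwards. If it is wall-clock time and the clock is stepped back, `last_check` stays in the future and the parameter file is not checked again until time catches up, so regenerated DH parameters would go unnoticed for that long. Guarding the early return with `params->last_check <= ioloop_time &&` makes a backwards step fall through to a fresh check. A one-line comment stating that `last_check` is the time of the last check and `last_mtime` the mtime of the file last loaded would stop the two fields being confused again. The rest of the function is outside this hunk.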
@@ -364,18 +371,21 @@
 		proxy->ssl_want_size = 0;
 	}
 
-	ret = SSL_read(proxy->ssl, buf, size);
-	if (ret <= 0) {
-		ssl_handle_error(proxy, ret, "SSL_read()", ssl_input, size);
-		return;
-	}
-	o_stream_cork(proxy->plain_output);
-	ret2 = o_stream_send(proxy->plain_output, buf, ret);
-	i_assert(ret2 < 0 || ret2 == ret);
-	o_stream_uncork(proxy->plain_output);
+	for (;;) {
+		ret = SSL_read(proxy->ssl, buf, size);
+		if (ret <= 0) {
+			ssl_handle_error(proxy, ret, "SSL_read()",
+					 ssl_input, size);
+			return;
+		}
+		o_stream_cork(proxy->plain_output);
+		ret2 = o_stream_send(proxy->plain_output, buf, ret);
+		i_assert(ret2 < 0 || ret2 == ret);
+		o_stream_uncork(proxy->plain_output);
 
-	if (proxy->sslout_size > 0)
-		ssl_output(proxy);
+		if (proxy->sslout_size > 0)
+			ssl_output(proxy);
+	}
 }
 
 static void ssl_output(struct ssl_proxy *proxy)
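Review bot: The new `for (;;)` in the input handler exits only when `SSL_read()` returns <= 0, and nothing between iterations checks that the proxy is still usable. The assert accepts `ret2 < 0` but nothing acts on it, so the loop keeps decrypting and sending after a failed write to `plain_output`; and if `ssl_output()` can destroy the proxy on error (its body is not in this hunk), the next `SSL_read(proxy->ssl, ...)` would touch freed state. I would add `if (ret2 < 0) break;` after the assert and re-check the proxy's liveness after the `ssl_output(proxy)` call before looping. A peer that keeps data flowing also keeps this handler from returning to the ioloop, so a per-call iteration or byte cap is worth considering if this process serves more than one connection. The function begins above the hunk, so any existing guard there is not visible.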


