dovecot-2.1: login: Try to avoid busy-looping on SSL_accept() wh...
dovecot at dovecot.org
dovecot at dovecot.org
Fri Nov 23 08:52:12 EET 2012
details: http://hg.dovecot.org/dovecot-2.1/rev/e95479f439aa
changeset: 14803:e95479f439aa
user: Timo Sirainen <tss at iki.fi>
date: Fri Nov 23 08:52:06 2012 +0200
description:
login: Try to avoid busy-looping on SSL_accept() when client doesn't behave nicely.
diffstat:
src/login-common/ssl-proxy-openssl.c | 17 +++++++++++------
1 files changed, 11 insertions(+), 6 deletions(-)
diffs (63 lines):
diff -r c722bd39098b -r e95479f439aa src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c Fri Nov 23 08:32:13 2012 +0200
+++ b/src/login-common/ssl-proxy-openssl.c Fri Nov 23 08:52:06 2012 +0200
@@ -394,8 +394,9 @@
return ssl_err2str(err, data, flags);
}
-static void ssl_handle_error(struct ssl_proxy *proxy, int ret,
- const char *func_name)
+static void
+ssl_handle_error(struct ssl_proxy *proxy, int ret, bool remove_wrong_direction,
+ const char *func_name)
{
const char *errstr = NULL;
int err;
@@ -408,9 +409,13 @@
switch (err) {
case SSL_ERROR_WANT_READ:
ssl_set_io(proxy, SSL_ADD_INPUT);
+ if (remove_wrong_direction)
+ ssl_set_io(proxy, SSL_REMOVE_OUTPUT);
break;
case SSL_ERROR_WANT_WRITE:
ssl_set_io(proxy, SSL_ADD_OUTPUT);
+ if (remove_wrong_direction)
+ ssl_set_io(proxy, SSL_REMOVE_INPUT);
break;
case SSL_ERROR_SYSCALL:
/* eat up the error queue */
@@ -458,13 +463,13 @@
if (proxy->client_proxy) {
ret = SSL_connect(proxy->ssl);
if (ret != 1) {
- ssl_handle_error(proxy, ret, "SSL_connect()");
+ ssl_handle_error(proxy, ret, TRUE, "SSL_connect()");
return;
}
} else {
ret = SSL_accept(proxy->ssl);
if (ret != 1) {
- ssl_handle_error(proxy, ret, "SSL_accept()");
+ ssl_handle_error(proxy, ret, TRUE, "SSL_accept()");
return;
}
}
@@ -491,7 +496,7 @@
sizeof(proxy->plainout_buf) -
proxy->plainout_size);
if (ret <= 0) {
- ssl_handle_error(proxy, ret, "SSL_read()");
+ ssl_handle_error(proxy, ret, FALSE, "SSL_read()");
break;
} else {
i_free_and_null(proxy->last_error);
@@ -507,7 +512,7 @@
ret = SSL_write(proxy->ssl, proxy->sslout_buf, proxy->sslout_size);
if (ret <= 0)
- ssl_handle_error(proxy, ret, "SSL_write()");
+ ssl_handle_error(proxy, ret, FALSE, "SSL_write()");
else {
i_free_and_null(proxy->last_error);
proxy->sslout_size -= ret;
More information about the dovecot-cvs
mailing list