| side by side (parent:
18da598
)
dont read/write to closed ssl context
author
Art Cancro
<ajc@citadel.org>
Sun, 9 Oct 2005 04:13:32 +0000
(
04:13
+0000)
committer
Art Cancro
<ajc@citadel.org>
Sun, 9 Oct 2005 04:13:32 +0000
(
04:13
+0000)
webcit/ChangeLog
webcit/crypto.c
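--- a/webcit/ChangeLog
+++ b/webcit/ChangeLog
@@ -1,3 +1,8 @@
+Sun Oct 9 00:12:11 EDT 2005 Art Cancro <ajc@uncensored.citadel.org>
+* serv_crypto.c: don't attempt to continue reading/writing an SSL context
+ that has already been closed. Doing so crashes the webserver, which
+ some people consider a Bad Thing :)
+
 Fri Oct 7 23:09:28 EDT 2005 Art Cancro <ajc@uncensored.citadel.org>
 * Makefile: change "CVS" to ".svn" to avoid errors during make install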
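--- a/webcit/crypto.c
+++ b/webcit/crypto.c
@@ -363,6 +363,8 @@ int starttls(int sock) {
 */
 void endtls(void)
 {
+ if (THREADSSL == NULL) return;
+
 lprintf(5, "Ending SSL/TLS\n");
 SSL_shutdown(THREADSSL);
 SSL_free(THREADSSL);
@@ -390,16 +392,18 @@ void client_write_ssl(char *buf, int nbytes)
 int nremain;
 char junk[1];
+ if (THREADSSL == NULL) return;
+
 nremain = nbytes;
 while (nremain > 0) {
 if (SSL_want_write(THREADSSL)) {
 if ((SSL_read(THREADSSL, junk, 0)) < 1) {
- lprintf(9, "SSL_read in client_write: %s\n", ERR_reason_error_string(ERR_get_error()));
+ lprintf(9, "SSL_read in client_write: %s\n",
+ ERR_reason_error_string(ERR_get_error()));
 }
 }
- retval =
- SSL_write(THREADSSL, &buf[nbytes - nremain], nremain);
+ retval = SSL_write(THREADSSL, &buf[nbytes - nremain], nremain);
 if (retval < 1) {
 long errval;
@@ -410,8 +414,9 @@ void client_write_ssl(char *buf, int nbytes)
 continue;
 }
 lprintf(9, "SSL_write got error %ld, ret %d\n", errval, retval);
- if (retval == -1)
+ if (retval == -1) {
 lprintf(9, "errno is %d\n", errno);
+ }
 endtls();
 return;
 }
@@ -434,6 +439,8 @@ int client_read_ssl(char *buf, int bytes, int timeout)
 int len, rlen;
 char junk[1];
+ if (THREADSSL == NULL) return(0);
+
 len = 0;
 while (len < bytes) {
 #if 0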
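Review bot: The three new `THREADSSL == NULL` guards only prevent reuse of a closed session if endtls() clears the per-thread pointer right after `SSL_free(THREADSSL)`. That reset is not visible in the first crypto.c hunk (the body of endtls continues past it), so it should be confirmed; if the pointer is left set, a later call passes the guard and hands a freed SSL object to SSL_shutdown, SSL_write or SSL_read. The guard in client_write_ssl also returns silently from a void function, so once the error path in the third hunk has called endtls(), every later write on that thread is discarded without a trace. A log line in the guard would make this visible, e.g. `lprintf(9, "client_write_ssl: no SSL context, dropping %d bytes\n", nbytes);`. For client_read_ssl, a short comment stating what `return(0)` means to callers would help, since the function's other return paths lie outside the hunk.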