From: Art Cancro <ajc@citadel.org>
Date: Wed, 21 Jun 2006 03:26:57 +0000 (+0000)
Subject: citadel_ipc.c: comment out block of code that
X-Git-Tag: v7.86~4004
X-Git-Url: https://code.citadel.org/?a=commitdiff_plain;h=86fb0a638d8584e86fc9e4f7bda603334dd46bd1;p=citadel.git

citadel_ipc.c: comment out block of code that
handles certain OpenSSL errors incorrectly.  It was recursing into itself
infinitely until a stack overflow.  The condition under which this occurs
has not been located or fixed, but at least now it will exit with an
OpenSSL error message.
---

diff --git a/citadel/citadel_ipc.c b/citadel/citadel_ipc.c
index 72c4900dd..71b2e89ab 100644
--- a/citadel/citadel_ipc.c
+++ b/citadel/citadel_ipc.c
@@ -2663,11 +2663,17 @@ static void serv_read_ssl(CtdlIPC* ipc, char *buf, unsigned int bytes)
 				sleep(1);
 				continue;
 			}
+/***
+ Not sure why we'd want to handle these error codes any differently,
+ but this definitely isn't the way to handle them.  Someone must have
+ naively assumed that we could fall back to unencrypted communications,
+ but all it does is just recursively blow the stack.
 			if (errval == SSL_ERROR_ZERO_RETURN ||
 					errval == SSL_ERROR_SSL) {
 				serv_read(ipc, &buf[len], bytes - len);
 				return;
 			}
+ ***/
 			error_printf("SSL_read in serv_read: %s\n",
 					ERR_reason_error_string(ERR_peek_error()));
 			connection_died(ipc, 1);