summary refs log tree commit diff
diff options
context:
space:
mode:
authorJune McEnroe <june@causal.agency>2019-10-27 00:17:25 -0400
committerJune McEnroe <june@causal.agency>2019-10-27 00:17:25 -0400
commit17e10e1c43c7c0e215c99e3506be36f48f41e77d (patch)
tree3a7504e9ab2e342e50d27566732402e54aa6d8da
parentDocument rationale (diff)
downloadpounce-17e10e1c43c7c0e215c99e3506be36f48f41e77d.tar.gz
pounce-17e10e1c43c7c0e215c99e3506be36f48f41e77d.zip
Explicitly tls_handshake new clients
This prevents a client connecting, sending nothing, and getting blocked
in tls_read immediately.
Diffstat (limited to '')
-rw-r--r--bounce.c15
1 files changed, 11 insertions, 4 deletions
diff --git a/bounce.c b/bounce.c
index 703c566..b96326b 100644
--- a/bounce.c
+++ b/bounce.c
@@ -174,10 +174,17 @@ int main(int argc, char *argv[]) {
 			if (i < binds) {
 				int fd;
 				struct tls *tls = listenAccept(&fd, event.fds[i].fd);
-				eventAdd(fd, clientAlloc(tls));
-				// FIXME: This should only be done after a successful client
-				// registration.
-				if (!clients++) serverFormat("AWAY\r\n");
+				int error = tls_handshake(tls);
+				if (error) {
+					warnx("tls_handshake: %s", tls_error(tls));
+					tls_free(tls);
+					close(fd);
+				} else {
+					eventAdd(fd, clientAlloc(tls));
+					// FIXME: This should only be done after a successful
+					// client registration.
+					if (!clients++) serverFormat("AWAY\r\n");
+				}
 				continue;
 			}