author | June McEnroe <june@causal.agency> | 2020-11-13 19:57:51 -0500 |
---|---|---|
committer | June McEnroe <june@causal.agency> | 2020-11-13 21:56:46 -0500 |
commit | bba1229c863469f7b3541d525af1f0e07e1ccdd1 (patch) | |
tree | 3877813ed2622b92b549fc27434a95aee650047d /bounce.c | |
parent | Use a fixed size pollfd array in calico (diff) | |
download | pounce-bba1229c863469f7b3541d525af1f0e07e1ccdd1.tar.gz pounce-bba1229c863469f7b3541d525af1f0e07e1ccdd1.zip |
Wait for POLLIN to do client tls_handshake
Otherwise a client could cause pounce to hang (since the sockets are left blocking) by opening a connection without handshaking! Oops, that's pretty bad. Since the sockets are still blocking, a hang can still be caused by a client sending a partial handshake then waiting. More fixes to follow. pounce is slightly protected from this when used with calico, as it applies a timeout to waiting for the ClientHello.
Diffstat (limited to '')
-rw-r--r-- | bounce.c | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/bounce.c b/bounce.c index ec1925c..5b5e524 100644 --- a/bounce.c +++ b/bounce.c @@ -486,15 +486,7 @@ int main(int argc, char *argv[]) { warn("accept"); continue; } - - error = tls_handshake(tls); - if (error) { - warnx("tls_handshake: %s", tls_error(tls)); - tls_free(tls); - close(fd); - } else { - eventAdd(fd, clientAlloc(tls)); - } + eventAdd(fd, clientAlloc(tls)); continue; } |
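Review bot: At the new `eventAdd(fd, clientAlloc(tls));` line, the client is registered before any handshake has run, and the removed failure path (`warnx("tls_handshake: %s", tls_error(tls));`, `tls_free(tls);`, `close(fd);`) has no visible replacement in this hunk. Please confirm that the code servicing POLLIN for a client frees the tls context and closes the fd when the deferred handshake fails, and that the failure is still logged somewhere. A short comment at this line saying the handshake is deferred until the socket is readable would keep the missing call from looking like an oversight. As the commit message itself notes, the sockets are still blocking, so a peer that sends a partial handshake and then waits can still stall the loop; a handshake timeout or non-blocking sockets would be needed to close that gap.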