From 17e10e1c43c7c0e215c99e3506be36f48f41e77d Mon Sep 17 00:00:00 2001
From: Curtis McEnroe <june@causal.agency>
Date: Sun, 27 Oct 2019 00:17:25 -0400
Subject: Explicitly tls_handshake new clients

This prevents a client connecting, sending nothing, and getting blocked
in tls_read immediately.
---
 bounce.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

(limited to 'bounce.c')

diff --git a/bounce.c b/bounce.c
index 703c566..b96326b 100644
--- a/bounce.c
+++ b/bounce.c
@@ -174,10 +174,17 @@ int main(int argc, char *argv[]) {
 			if (i < binds) {
 				int fd;
 				struct tls *tls = listenAccept(&fd, event.fds[i].fd);
-				eventAdd(fd, clientAlloc(tls));
-				// FIXME: This should only be done after a successful client
-				// registration.
-				if (!clients++) serverFormat("AWAY\r\n");
+				int error = tls_handshake(tls);
+				if (error) {
+					warnx("tls_handshake: %s", tls_error(tls));
+					tls_free(tls);
+					close(fd);
+				} else {
+					eventAdd(fd, clientAlloc(tls));
+					// FIXME: This should only be done after a successful
+					// client registration.
+					if (!clients++) serverFormat("AWAY\r\n");
+				}
 				continue;
 			}
 
-- 
cgit 1.4.1