Project

General

Profile

ssl-read-limit.patch

ste, 2017-01-09 14:52

Download (1.34 KB)

View differences:

src/connections-glue.c
100 100

  
101 101
static int connection_handle_read_ssl(server *srv, connection *con) {
102 102
#ifdef USE_OPENSSL
103
	int r, ssl_err, len;
103
	int r, ssl_err, len, count = 0;
104 104
	char *mem = NULL;
105 105
	size_t mem_len = 0;
106 106

  
......
115 115
#endif
116 116

  
117 117
		len = SSL_read(con->ssl, mem, mem_len);
118
		if (len > 0) {
119
			chunkqueue_use_memory(con->read_queue, len);
120
			con->bytes_read += len;
121
		} else {
122
			chunkqueue_use_memory(con->read_queue, 0);
123
		}
118
		chunkqueue_use_memory(con->read_queue, len > 0 ? len : 0);
124 119

  
125 120
		if (con->renegotiations > 1 && con->conf.ssl_disable_client_renegotiation) {
126 121
			log_error_write(srv, __FILE__, __LINE__, "s", "SSL: renegotiation initiated by client, killing connection");
127 122
			connection_set_state(srv, con, CON_STATE_ERROR);
128 123
			return -1;
129 124
		}
130
	} while (len > 0);
125

  
126
		if (len > 0) {
127
			con->bytes_read += len;
128
			count += len;
129
		}
130
	} while (len == (ssize_t) mem_len && count < MAX_READ_LIMIT);
131

  
131 132

  
132 133
	if (len < 0) {
133 134
		int oerrno = errno;
......
206 207
		connection_set_state(srv, con, CON_STATE_ERROR);
207 208

  
208 209
		return -1;
209
	} else { /*(len == 0)*/
210
	} else if (len == 0) {
210 211
		con->is_readable = 0;
211 212
		/* the other end close the connection -> KEEP-ALIVE */
212 213

  
213 214
		return -2;
215
	} else {
216
		joblist_append(srv, con);
214 217
	}
218

  
219
	return 0;
215 220
#else
216 221
	UNUSED(srv);
217 222
	UNUSED(con);