Project

General

Profile

lighttpd-1.5-ssl-dos.patch

similar patch against svn trunk (1.5) - hoffie, 2008-03-26 23:30

View differences:

src/connections.c (Arbeitskopie)
1486 1486
#ifdef USE_OPENSSL
1487 1487
			if (srv_sock->is_ssl) {
1488 1488
				int ret;
1489
				ERR_clear_error();
1489 1490
				switch ((ret = SSL_shutdown(con->sock->ssl))) {
1490 1491
				case 1:
1491 1492
					/* ok */
src/network_openssl.c (Arbeitskopie)
40 40
	UNUSED(srv);
41 41
	UNUSED(con);
42 42

  
43
	ERR_clear_error();
43 44
	do {
44 45
		int oerrno;
45 46
		b = chunkqueue_get_append_buffer(cq);
......
85 86
				} else {
86 87
					switch(oerrno) {
87 88
					case EPIPE:
89
						ERR_clear_error();
88 90
					case ECONNRESET:
89 91
						return NETWORK_STATUS_CONNECTION_CLOSE;
90 92
					default:
......
183 185
			 * checking toSend and not calling SSL_write() is simpler
184 186
			 */
185 187

  
188
			ERR_clear_error();
186 189
			if (toSend != 0 && (r = SSL_write(sock->ssl, offset, toSend)) <= 0) {
187 190
				unsigned long err;
188 191

  
......
287 290

  
288 291
				close(ifd);
289 292

  
293
				ERR_clear_error();
290 294
				if ((r = SSL_write(sock->ssl, s, toSend)) <= 0) {
291 295
					unsigned long err;
292 296