From dd51b74c903db3478d7c0b8159323b2c72c5cd01 Mon Sep 17 00:00:00 2001
From: ps
Date: Thu, 29 Sep 2011 19:48:21 +0000
Subject: [PATCH] fix bug when trying to enable ssl and not suceeding. now we handle it gracefully instead of failing and randomly crashing
---
 src/Proxy.cpp | 8 +++++---
 src/Socket.cpp | 10 ++++++++--
 2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/src/Proxy.cpp b/src/Proxy.cpp
index f311d49..ae8141c 100644
--- a/src/Proxy.cpp
+++ b/src/Proxy.cpp
@@ -216,17 +216,19 @@ void Proxy::run(string &peer_address)
 #ifdef HAVE_SSL
 try
 {
- LINF("STARTTLS issued by remote, TLS enabled");
- outside.writeLine("220 You can speak now, line is secure!!");
 outside.enableSSL(true);
+ LINF("STARTTLS issued by remote, TLS enabled");
+ outside.writeLine("220 You can speak now, line is secure!!");
 }
 catch(Exception &e)
 {
+ LINF("STARTTLS issued by remote, but enableSSL failed!");
 LERR(e);
+ outside.writeLine("454 Tried to enable SSL but failed");
 }
 #else
 outside.writeLine("454 TLS temporarily not available");
- LINF("STARTTLS issued by remote, TLS was not enabled because this build lacks SSL support");
+ LINF("STARTTLS issued by remote, TLS was not enabled because this build lacks SSL support");
 #endif //HAVE_SSL
 strtemp="";
 }
diff --git a/src/Socket.cpp b/src/Socket.cpp
index 801c424..a33c9a6 100644
--- a/src/Socket.cpp
+++ b/src/Socket.cpp
@@ -159,6 +159,8 @@ Socket::~Socket()
 */
 void Socket::enableSSL(bool server)
 {
+ int retval;
+
 if(server)
 ssl=SSL_new(ssl_ctx_server);
 else
@@ -172,9 +174,13 @@ void Socket::enableSSL(bool server)
 throw Exception(_("Error creating ssl structure"),__FILE__,__LINE__);
 if(server)
- SSL_accept(ssl);
+ retval=SSL_accept(ssl);
 else
- SSL_connect(ssl);
+ retval=SSL_connect(ssl);
+
+ //SSL_accept and SSL_connect have the same semantics so we handle them together
+ if(1!=retval)
+ throw Exception(_("Error enabling SSL on the socket"),__FILE__,__LINE__);
 }
 #endif //HAVE_SSL
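Review bot: Moving `outside.writeLine("220 You can speak now, line is secure!!");` below `outside.enableSSL(true);` in the Proxy.cpp hunk starts the handshake before the peer has been told to begin it. The Socket.cpp part of this patch shows enableSSL(true) calling SSL_accept() directly, and an RFC 3207 client waits for the 220 reply before sending its ClientHello, so the call is likely to stall or fail; if it did succeed, the 220 would travel inside the TLS session instead of ahead of it. The 220 line should stay in cleartext above the `enableSSL` call, with only `LINF("STARTTLS issued by remote, TLS enabled");` moved after it. In the catch block the new `outside.writeLine("454 Tried to enable SSL but failed");` writes to a socket whose handshake has just failed part-way, and the session then appears to carry on without TLS; ending the connection there is the safer handling. Proxy::run starts and ends outside this hunk, so what follows `strtemp="";` is not visible.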
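Review bot: The new `throw` under `if(1!=retval)` in the second Socket.cpp hunk leaves the object returned by `SSL_new()` allocated and `ssl` still pointing at it. A Socket whose handshake failed can therefore look TLS-enabled to any later code that tests `ssl`; the read and write paths are not visible here, so this needs confirming against them. Releasing it before throwing, `SSL_free(ssl); ssl=NULL;`, keeps the object in a consistent state for the caller that now catches the exception. The exception also discards the reason for the failure; adding the value of `SSL_get_error(ssl,retval)` to the message, read before the free, would make failed handshakes diagnosable from the log. enableSSL starts in the previous hunk and the lines between the two hunks are not shown.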