fix bug when trying to enable ssl and not succeeding. now we handle it gracefully instead of failing and randomly crashing

ps 2011-09-29 19:48:21 +00:00
parent 25b8d879d9
commit dd51b74c90
2 changed files with 13 additions and 5 deletions


@ -216,13 +216,15 @@ void Proxy::run(string &peer_address)
#ifdef HAVE_SSL #ifdef HAVE_SSL
try try
{ {
outside.enableSSL(true);
LINF("STARTTLS issued by remote, TLS enabled"); LINF("STARTTLS issued by remote, TLS enabled");
outside.writeLine("220 You can speak now, line is secure!!"); outside.writeLine("220 You can speak now, line is secure!!");
outside.enableSSL(true);
} }
catch(Exception &e) catch(Exception &e)
{ {
LINF("STARTTLS issued by remote, but enableSSL failed!");
LERR(e); LERR(e);
outside.writeLine("454 Tried to enable SSL but failed");
} }
#else #else
outside.writeLine("454 TLS temporarily not available"); outside.writeLine("454 TLS temporarily not available");
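Review bot: The catch branch keeps the SMTP session running in cleartext after a failed handshake, and the rendering does not make clear whether `outside.enableSSL(true)` now runs before or after the `220` reply. If the `220` has already gone out, the peer is mid-handshake when `454 Tried to enable SSL but failed` is written, so it gets a second, contradictory reply to one STARTTLS command on a socket whose TLS state is undefined. Closing the connection after logging is the safer outcome, because a peer or anyone on the path who can make the handshake fail should not get a silent fallback to plaintext; a comment such as `// TLS handshake failed: drop the session, do not continue in cleartext` would document that. Proxy::run starts and ends outside this hunk, so how the command loop is left is not visible here.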


@ -159,6 +159,8 @@ Socket::~Socket()
*/ */
void Socket::enableSSL(bool server) void Socket::enableSSL(bool server)
{ {
int retval;
if(server) if(server)
ssl=SSL_new(ssl_ctx_server); ssl=SSL_new(ssl_ctx_server);
else else
@ -172,9 +174,13 @@ void Socket::enableSSL(bool server)
throw Exception(_("Error creating ssl structure"),__FILE__,__LINE__); throw Exception(_("Error creating ssl structure"),__FILE__,__LINE__);
if(server) if(server)
SSL_accept(ssl); retval=SSL_accept(ssl);
else else
SSL_connect(ssl); retval=SSL_connect(ssl);
//SSL_accept and SSL_connect have the same semantics so we handle them together
if(1!=retval)
throw Exception(_("Error enabling SSL on the socket"),__FILE__,__LINE__);
} }
#endif //HAVE_SSL #endif //HAVE_SSL
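Review bot: When `1!=retval` the function throws while `ssl` still points at the object returned by `SSL_new`, so nothing frees it, and any later read or write that tests `ssl` (not visible here) would presumably still go through the failed session. Release it just before the existing `throw`: `SSL_free(ssl); ssl=NULL;`. The exception text also drops the reason for the failure; including the value of `SSL_get_error(ssl, retval)`, read before the free, would let the `LERR(e)` line in the caller tell a peer abort from a protocol or certificate failure. The middle of enableSSL between the two hunks is not shown.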