From 3eb0bcd7a112a70bbdd61bedde4878ceae4e1297 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Fri, 1 Jan 2021 13:25:29 +0000 Subject: FreeBSD: harden against ClamAV connection errors --- src/src/malware.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/src/malware.c b/src/src/malware.c index 2883f225a..dfa8e2b4b 100644 --- a/src/src/malware.c +++ b/src/src/malware.c @@ -272,8 +272,19 @@ static inline int m_tcpsocket(const uschar * hostname, unsigned int port, host_item * host, uschar ** errstr, const blob * fastopen_blob) { -return ip_connectedsocket(SOCK_STREAM, hostname, port, port, 5, +int fd = ip_connectedsocket(SOCK_STREAM, hostname, port, port, 5, host, errstr, fastopen_blob); +#ifdef EXIM_TFO_FREEBSD +/* Under some fault conditions, FreeBSD 12.2 seen to send a (non-TFO) SYN +and, getting no response, wait for a long time. Impose a 5s max. */ +if (fd >= 0) + { + struct timeval tv = {.tv_sec = 5}; + fd_set fds; + FD_ZERO(fds); FD_SET(fd, &fds); (void) select(fd+1, NULL, &fds, NULL, &tv); + } +#endif +return fd; } #endif -- cgit v1.2.3