diff options
author | danieldg <danieldg@e03df62e-2008-0410-955e-edbf42e46eb7> | 2010-02-03 21:43:02 +0000 |
---|---|---|
committer | danieldg <danieldg@e03df62e-2008-0410-955e-edbf42e46eb7> | 2010-02-03 21:43:02 +0000 |
commit | 29a569fa74177f1cf7d9a2597a46f78e88da97fe (patch) | |
tree | 36e077a32d2a572b77359f4905d0edf81f68d8db | |
parent | 57f2915b8ba91004925aa1e8a6b29b441663a07c (diff) |
Fix STARTTLS sending the 670 numeric within the SSL session, not prior to it
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@12366 e03df62e-2008-0410-955e-edbf42e46eb7
-rw-r--r-- | src/modules/extra/m_ssl_gnutls.cpp | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index 374431752..3e72fbd36 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -105,6 +105,15 @@ class CommandStartTLS : public SplitCommand if (!user->eh.GetIOHook()) { user->WriteNumeric(670, "%s :STARTTLS successful, go ahead with TLS handshake", user->nick.c_str()); + /* We need to flush the write buffer prior to adding the IOHook, + * otherwise we'll be sending this line inside the SSL session - which + * won't start its handshake until the client gets this line. Currently, + * we assume the write will not block here; this is usually safe, as + * STARTTLS is sent very early on in the registration phase, where the + * user hasn't built up much sendq. Handling a blocked write here would + * be very annoying. + */ + user->eh.DoWrite(); user->eh.AddIOHook(creator); creator->OnStreamSocketAccept(&user->eh, NULL, NULL); } |