From 29a569fa74177f1cf7d9a2597a46f78e88da97fe Mon Sep 17 00:00:00 2001
From: danieldg
Date: Wed, 3 Feb 2010 21:43:02 +0000
Subject: Fix STARTTLS sending the 670 numeric within the SSL session, not prior to it
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@12366 e03df62e-2008-0410-955e-edbf42e46eb7
---
 src/modules/extra/m_ssl_gnutls.cpp | 9 +++++++++
 1 file changed, 9 insertions(+)
(limited to 'src/modules/extra')
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 374431752..3e72fbd36 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -105,6 +105,15 @@ class CommandStartTLS : public SplitCommand
 if (!user->eh.GetIOHook())
 {
 user->WriteNumeric(670, "%s :STARTTLS successful, go ahead with TLS handshake", user->nick.c_str());
+ /* We need to flush the write buffer prior to adding the IOHook,
+ * otherwise we'll be sending this line inside the SSL session - which
+ * won't start its handshake until the client gets this line. Currently,
+ * we assume the write will not block here; this is usually safe, as
+ * STARTTLS is sent very early on in the registration phase, where the
+ * user hasn't built up much sendq. Handling a blocked write here would
+ * be very annoying.
+ */
+ user->eh.DoWrite();
 user->eh.AddIOHook(creator);
 creator->OnStreamSocketAccept(&user->eh, NULL, NULL);
 }
-- cgit v1.2.3
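Review bot: The outcome of `user->eh.DoWrite()` is not checked before `user->eh.AddIOHook(creator)`, so the plaintext-before-TLS ordering this change is meant to guarantee holds only when the whole send queue drains in that one call. If the write is partial, the rest of the 670 line stays queued and would presumably be written through the GnuTLS hook, leaving the client waiting for a plaintext reply that never completes. I would confirm the queue is empty after the flush and refuse the STARTTLS (hook left unattached) otherwise; if this tree has no accessor for the pending send-queue length, at least record the gap with `/* TODO: refuse STARTTLS if sendq is still non-empty after DoWrite() */`. The same boundary matters on the read side: the visible lines do not show whether input buffered before the handshake is discarded, which is worth confirming so pre-TLS bytes are never processed as if they arrived inside the session. The enclosing handler starts and ends outside this hunk.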