[PATCH] openssl_client: ignore SSL_accept errors during negotiotion

yahns Ruby server user/dev discussion
 help / color / mirror / code / Atom feed

* [PATCH] openssl_client: ignore SSL_accept errors during negotiotion
@ 2014-12-20  4:11 Eric Wong
  0 siblings, 0 replies; only message in thread
From: Eric Wong @ 2014-12-20  4:11 UTC (permalink / raw)
  To: yahns-public

Otherwise, we may encounter too much log spam from ordinary
shutdown or malicious (or dumb) clients which send us invalid
data to an SSL port.
---
 lib/yahns/openssl_client.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/yahns/openssl_client.rb b/lib/yahns/openssl_client.rb
index e4e76c9..619e316 100644
--- a/lib/yahns/openssl_client.rb
+++ b/lib/yahns/openssl_client.rb
@@ -34,6 +34,8 @@ module Yahns::OpenSSLClient # :nodoc:
         return :wait_readable
       rescue IO::WaitWritable
         return :wait_writable
+      rescue OpenSSL::SSL::SSLError
+        return nil
       end
       @need_accept = false
     end
-- 
EW


^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2014-12-20  4:11 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-12-20  4:11 [PATCH] openssl_client: ignore SSL_accept errors during negotiotion Eric Wong

Code repositories for project(s) associated with this public inbox

	https://yhbt.net/yahns.git/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).