diff options
Diffstat (limited to 'contrib/epee')
-rw-r--r-- | contrib/epee/include/net/abstract_tcp_server2.inl | 2 | ||||
-rw-r--r-- | contrib/epee/include/net/net_helper.h | 5 | ||||
-rw-r--r-- | contrib/epee/include/net/net_ssl.h | 6 | ||||
-rw-r--r-- | contrib/epee/src/CMakeLists.txt | 4 | ||||
-rw-r--r-- | contrib/epee/src/net_ssl.cpp | 27 |
5 files changed, 35 insertions, 9 deletions
diff --git a/contrib/epee/include/net/abstract_tcp_server2.inl b/contrib/epee/include/net/abstract_tcp_server2.inl index c48deb31d..c52535dcd 100644 --- a/contrib/epee/include/net/abstract_tcp_server2.inl +++ b/contrib/epee/include/net/abstract_tcp_server2.inl @@ -559,7 +559,7 @@ PRAGMA_WARNING_DISABLE_VS(4355) while (!message.empty()) { byte_slice chunk = message.take_slice(chunksize_good); - MDEBUG("chunk_start="<<chunk.data()<<" ptr="<<message_data<<" pos="<<(chunk.data() - message_data)); + MDEBUG("chunk_start="<<(void*)chunk.data()<<" ptr="<<message_data<<" pos="<<(chunk.data() - message_data)); MDEBUG("part of " << message.size() << ": pos="<<(chunk.data() - message_data) << " len="<<chunk.size()); bool ok = do_send_chunk(std::move(chunk)); // <====== *** diff --git a/contrib/epee/include/net/net_helper.h b/contrib/epee/include/net/net_helper.h index 2b02eafa4..81545e502 100644 --- a/contrib/epee/include/net/net_helper.h +++ b/contrib/epee/include/net/net_helper.h @@ -108,11 +108,12 @@ namespace net_utils m_ssl_options(epee::net_utils::ssl_support_t::e_ssl_support_autodetect), m_initialized(true), m_connected(false), - m_deadline(m_io_service), + m_deadline(m_io_service, std::chrono::steady_clock::time_point::max()), m_shutdowned(0), m_bytes_sent(0), m_bytes_received(0) { + check_deadline(); } /*! The first/second parameters are host/port respectively. The third @@ -177,7 +178,7 @@ namespace net_utils // SSL Options if (m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_enabled || m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect) { - if (!m_ssl_options.handshake(*m_ssl_socket, boost::asio::ssl::stream_base::client, addr)) + if (!m_ssl_options.handshake(*m_ssl_socket, boost::asio::ssl::stream_base::client, addr, timeout)) { if (m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect) { diff --git a/contrib/epee/include/net/net_ssl.h b/contrib/epee/include/net/net_ssl.h index 3a97dfdaf..d2c1c1a3a 100644 --- a/contrib/epee/include/net/net_ssl.h +++ b/contrib/epee/include/net/net_ssl.h @@ -128,7 +128,11 @@ namespace net_utils \return True if the SSL handshake completes with peer verification settings. */ - bool handshake(boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket, boost::asio::ssl::stream_base::handshake_type type, const std::string& host = {}) const; + bool handshake( + boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket, + boost::asio::ssl::stream_base::handshake_type type, + const std::string& host = {}, + std::chrono::milliseconds timeout = std::chrono::seconds(15)) const; }; // https://security.stackexchange.com/questions/34780/checking-client-hello-for-https-classification diff --git a/contrib/epee/src/CMakeLists.txt b/contrib/epee/src/CMakeLists.txt index 5c92e32bd..9b9fa5a47 100644 --- a/contrib/epee/src/CMakeLists.txt +++ b/contrib/epee/src/CMakeLists.txt @@ -29,7 +29,7 @@ add_library(epee STATIC byte_slice.cpp hex.cpp http_auth.cpp mlog.cpp net_helper.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp levin_base.cpp memwipe.c connection_basic.cpp network_throttle.cpp network_throttle-detail.cpp mlocker.cpp buffer.cpp net_ssl.cpp) -if (USE_READLINE AND (GNU_READLINE_FOUND OR DEPENDS AND NOT MINGW)) +if (USE_READLINE AND (GNU_READLINE_FOUND OR (DEPENDS AND NOT MINGW))) add_library(epee_readline STATIC readline_buffer.cpp) endif() @@ -62,7 +62,7 @@ target_link_libraries(epee ${OPENSSL_LIBRARIES} ${EXTRA_LIBRARIES}) -if (USE_READLINE AND (GNU_READLINE_FOUND OR DEPENDS AND NOT MINGW)) +if (USE_READLINE AND (GNU_READLINE_FOUND OR (DEPENDS AND NOT MINGW))) target_link_libraries(epee_readline PUBLIC easylogging diff --git a/contrib/epee/src/net_ssl.cpp b/contrib/epee/src/net_ssl.cpp index 7d48d2a64..c7dca1914 100644 --- a/contrib/epee/src/net_ssl.cpp +++ b/contrib/epee/src/net_ssl.cpp @@ -28,9 +28,11 @@ #include <string.h> #include <boost/asio/ssl.hpp> +#include <boost/lambda/lambda.hpp> #include <openssl/ssl.h> #include <openssl/pem.h> #include "misc_log_ex.h" +#include "net/net_helper.h" #include "net/net_ssl.h" #undef MONERO_DEFAULT_LOG_CATEGORY @@ -456,7 +458,11 @@ bool ssl_options_t::has_fingerprint(boost::asio::ssl::verify_context &ctx) const return false; } -bool ssl_options_t::handshake(boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket, boost::asio::ssl::stream_base::handshake_type type, const std::string& host) const +bool ssl_options_t::handshake( + boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket, + boost::asio::ssl::stream_base::handshake_type type, + const std::string& host, + std::chrono::milliseconds timeout) const { socket.next_layer().set_option(boost::asio::ip::tcp::no_delay(true)); @@ -502,8 +508,23 @@ bool ssl_options_t::handshake(boost::asio::ssl::stream<boost::asio::ip::tcp::soc }); } - boost::system::error_code ec; - socket.handshake(type, ec); + auto& io_service = GET_IO_SERVICE(socket); + boost::asio::steady_timer deadline(io_service, timeout); + deadline.async_wait([&socket](const boost::system::error_code& error) { + if (error != boost::asio::error::operation_aborted) + { + socket.next_layer().close(); + } + }); + + boost::system::error_code ec = boost::asio::error::would_block; + socket.async_handshake(type, boost::lambda::var(ec) = boost::lambda::_1); + while (ec == boost::asio::error::would_block) + { + io_service.reset(); + io_service.run_one(); + } + if (ec) { MERROR("SSL handshake failed, connection dropped: " << ec.message()); |