6 files changed, 42 insertions, 13 deletions

diff --git a/contrib/epee/include/net/abstract_tcp_server2.inl b/contrib/epee/include/net/abstract_tcp_server2.inl
index e455d0204..c52535dcd 100644
--- a/contrib/epee/include/net/abstract_tcp_server2.inl
+++ b/contrib/epee/include/net/abstract_tcp_server2.inl
@@ -559,7 +559,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 				while (!message.empty()) {
 					byte_slice chunk = message.take_slice(chunksize_good);
 
-					MDEBUG("chunk_start="<<chunk.data()<<" ptr="<<message_data<<" pos="<<(chunk.data() - message_data));
+					MDEBUG("chunk_start="<<(void*)chunk.data()<<" ptr="<<message_data<<" pos="<<(chunk.data() - message_data));
 					MDEBUG("part of " << message.size() << ": pos="<<(chunk.data() - message_data) << " len="<<chunk.size());
 
 					bool ok = do_send_chunk(std::move(chunk)); // <====== ***
@@ -984,8 +984,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
       boost::asio::ip::tcp::resolver::query query(address, boost::lexical_cast<std::string>(port), boost::asio::ip::tcp::resolver::query::canonical_name);
       boost::asio::ip::tcp::endpoint endpoint = *resolver.resolve(query);
       acceptor_.open(endpoint.protocol());
-      // Open the acceptor with the option to reuse the address (i.e. SO_REUSEADDR).
-      acceptor_.set_option(boost::asio::ip::tcp::acceptor::reuse_address(true));
+      acceptor_.set_option(boost::asio::ip::tcp::acceptor::linger(true, 0));
       acceptor_.bind(endpoint);
       acceptor_.listen();
       boost::asio::ip::tcp::endpoint binded_endpoint = acceptor_.local_endpoint();
@@ -1019,8 +1018,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
         boost::asio::ip::tcp::resolver::query query(address_ipv6, boost::lexical_cast<std::string>(port_ipv6), boost::asio::ip::tcp::resolver::query::canonical_name);
         boost::asio::ip::tcp::endpoint endpoint = *resolver.resolve(query);
         acceptor_ipv6.open(endpoint.protocol());
-        // Open the acceptor with the option to reuse the address (i.e. SO_REUSEADDR).
-        acceptor_ipv6.set_option(boost::asio::ip::tcp::acceptor::reuse_address(true));
+        acceptor_ipv6.set_option(boost::asio::ip::tcp::acceptor::linger(true, 0));
         acceptor_ipv6.set_option(boost::asio::ip::v6_only(true));
         acceptor_ipv6.bind(endpoint);
         acceptor_ipv6.listen();
diff --git a/contrib/epee/include/net/levin_protocol_handler_async.h b/contrib/epee/include/net/levin_protocol_handler_async.h
index 41f01e9a0..5774c0ba7 100644
--- a/contrib/epee/include/net/levin_protocol_handler_async.h
+++ b/contrib/epee/include/net/levin_protocol_handler_async.h
@@ -272,6 +272,11 @@ public:
   bool add_invoke_response_handler(const callback_t &cb, uint64_t timeout,  async_protocol_handler& con, int command)
   {
     CRITICAL_REGION_LOCAL(m_invoke_response_handlers_lock);
+    if (m_protocol_released)
+    {
+      MERROR("Adding response handler to a released object");
+      return false;
+    }
     boost::shared_ptr<invoke_response_handler_base> handler(boost::make_shared<anvoke_handler<callback_t>>(cb, timeout, con, command));
     m_invoke_response_handlers.push_back(handler);
     return handler->is_timer_started();
diff --git a/contrib/epee/include/net/net_helper.h b/contrib/epee/include/net/net_helper.h
index 2b02eafa4..81545e502 100644
--- a/contrib/epee/include/net/net_helper.h
+++ b/contrib/epee/include/net/net_helper.h
@@ -108,11 +108,12 @@ namespace net_utils
 				m_ssl_options(epee::net_utils::ssl_support_t::e_ssl_support_autodetect),
 				m_initialized(true),
 				m_connected(false),
-				m_deadline(m_io_service),
+				m_deadline(m_io_service, std::chrono::steady_clock::time_point::max()),
 				m_shutdowned(0),
 				m_bytes_sent(0),
 				m_bytes_received(0)
 		{
+			check_deadline();
 		}
 
 		/*! The first/second parameters are host/port respectively. The third
@@ -177,7 +178,7 @@ namespace net_utils
 					// SSL Options
 					if (m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_enabled || m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
 					{
-						if (!m_ssl_options.handshake(*m_ssl_socket, boost::asio::ssl::stream_base::client, addr))
+						if (!m_ssl_options.handshake(*m_ssl_socket, boost::asio::ssl::stream_base::client, addr, timeout))
 						{
 							if (m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
 							{
diff --git a/contrib/epee/include/net/net_ssl.h b/contrib/epee/include/net/net_ssl.h
index 3a97dfdaf..d2c1c1a3a 100644
--- a/contrib/epee/include/net/net_ssl.h
+++ b/contrib/epee/include/net/net_ssl.h
@@ -128,7 +128,11 @@ namespace net_utils
 
         \return True if the SSL handshake completes with peer verification
           settings. */
-    bool handshake(boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket, boost::asio::ssl::stream_base::handshake_type type, const std::string& host = {}) const;
+    bool handshake(
+      boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket,
+      boost::asio::ssl::stream_base::handshake_type type,
+      const std::string& host = {},
+      std::chrono::milliseconds timeout = std::chrono::seconds(15)) const;
   };
 
         // https://security.stackexchange.com/questions/34780/checking-client-hello-for-https-classification
diff --git a/contrib/epee/src/CMakeLists.txt b/contrib/epee/src/CMakeLists.txt
index 5c92e32bd..9b9fa5a47 100644
--- a/contrib/epee/src/CMakeLists.txt
+++ b/contrib/epee/src/CMakeLists.txt
@@ -29,7 +29,7 @@
 add_library(epee STATIC byte_slice.cpp hex.cpp http_auth.cpp mlog.cpp net_helper.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp
     levin_base.cpp memwipe.c connection_basic.cpp network_throttle.cpp network_throttle-detail.cpp mlocker.cpp buffer.cpp net_ssl.cpp)
 
-if (USE_READLINE AND (GNU_READLINE_FOUND OR DEPENDS AND NOT MINGW))
+if (USE_READLINE AND (GNU_READLINE_FOUND OR (DEPENDS AND NOT MINGW)))
   add_library(epee_readline STATIC readline_buffer.cpp)
 endif()
 
@@ -62,7 +62,7 @@ target_link_libraries(epee
     ${OPENSSL_LIBRARIES}
     ${EXTRA_LIBRARIES})
 
-if (USE_READLINE AND (GNU_READLINE_FOUND OR DEPENDS AND NOT MINGW))
+if (USE_READLINE AND (GNU_READLINE_FOUND OR (DEPENDS AND NOT MINGW)))
   target_link_libraries(epee_readline
     PUBLIC
       easylogging
diff --git a/contrib/epee/src/net_ssl.cpp b/contrib/epee/src/net_ssl.cpp
index 7d48d2a64..c7dca1914 100644
--- a/contrib/epee/src/net_ssl.cpp
+++ b/contrib/epee/src/net_ssl.cpp
@@ -28,9 +28,11 @@
 
 #include <string.h>
 #include <boost/asio/ssl.hpp>
+#include <boost/lambda/lambda.hpp>
 #include <openssl/ssl.h>
 #include <openssl/pem.h>
 #include "misc_log_ex.h"
+#include "net/net_helper.h"
 #include "net/net_ssl.h"
 
 #undef MONERO_DEFAULT_LOG_CATEGORY
@@ -456,7 +458,11 @@ bool ssl_options_t::has_fingerprint(boost::asio::ssl::verify_context &ctx) const
   return false;
 }
 
-bool ssl_options_t::handshake(boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket, boost::asio::ssl::stream_base::handshake_type type, const std::string& host) const
+bool ssl_options_t::handshake(
+  boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket,
+  boost::asio::ssl::stream_base::handshake_type type,
+  const std::string& host,
+  std::chrono::milliseconds timeout) const
 {
   socket.next_layer().set_option(boost::asio::ip::tcp::no_delay(true));
 
@@ -502,8 +508,23 @@ bool ssl_options_t::handshake(boost::asio::ssl::stream<boost::asio::ip::tcp::soc
     });
   }
 
-  boost::system::error_code ec;
-  socket.handshake(type, ec);
+  auto& io_service = GET_IO_SERVICE(socket);
+  boost::asio::steady_timer deadline(io_service, timeout);
+  deadline.async_wait([&socket](const boost::system::error_code& error) {
+    if (error != boost::asio::error::operation_aborted)
+    {
+      socket.next_layer().close();
+    }
+  });
+
+  boost::system::error_code ec = boost::asio::error::would_block;
+  socket.async_handshake(type, boost::lambda::var(ec) = boost::lambda::_1);
+  while (ec == boost::asio::error::would_block)
+  {
+    io_service.reset();
+    io_service.run_one();
+  }
+
   if (ec)
   {
     MERROR("SSL handshake failed, connection dropped: " << ec.message());