Diff

plugins/mod_tls.lua @ 12483:988a3a7e1f35

mod_tls: tell network backend to stop reading while preparing TLS
author Jonas Schäfer <jonas@wielicki.name>
date Sat, 02 Apr 2022 11:18:57 +0200
parent 12482:b193f8a2737e
child 12484:fb65b5a033b2
line wrap: on
line diff
--- a/plugins/mod_tls.lua	Fri Sep 17 21:18:30 2021 +0200
+++ b/plugins/mod_tls.lua	Sat Apr 02 11:18:57 2022 +0200
@@ -129,6 +129,13 @@
 module:hook("stanza/urn:ietf:params:xml:ns:xmpp-tls:starttls", function(event)
 	local origin = event.origin;
 	if can_do_tls(origin) then
+		if origin.conn.block_reads then
+			-- we need to ensure that no data is read anymore, otherwise we could end up in a situation where
+			-- <proceed/> is sent and the socket receives the TLS handshake (and passes the data to lua) before
+			-- it is asked to initiate TLS
+			-- (not with the classical single-threaded server backends)
+			origin.conn:block_reads()
+		end
 		(origin.sends2s or origin.send)(starttls_proceed);
 		if origin.destroyed then return end
 		origin:reset_stream();