mod_tls: Mark session as not secure before negotiating TLS

[prosody.git] / net / server.lua

diff --git a/net/server.lua b/net/server.lua
index fb05e8177cfd88af2fd62fb86fa163cab7cdcfe0..54eadbc617b9f0c06861b2d69dca4681ddbdc696 100644 (file)
--- a/net/server.lua
+++ b/net/server.lua
@@ -157,6 +157,7 @@ _cleanqueue = false    -- clean bufferqueue after using
 \r
 _maxclientsperserver = 1000\r
 \r
+_maxsslhandshake = 30 -- max handshake round-trips\r
 ----------------------------------// PRIVATE //--\r
 \r
 wrapserver = function( listeners, socket, ip, serverport, pattern, sslctx, maxconnections, startssl )    -- this function wraps a server\r
@@ -480,10 +481,10 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
             readtraffic = readtraffic + count\r
             _readtraffic = _readtraffic + count\r
             _readtimes[ handler ] = _currenttime\r
-            --out_put( "server.lua: read data '", buffer, "', error: ", err )\r
+            --out_put( "server.lua: read data '", buffer:gsub("[^%w%p ]", "."), "', error: ", err )\r
             return dispatch( handler, buffer, err )\r
         else    -- connections was closed or fatal error\r
-            out_put( "server.lua: client ", tostring(ip), ":", tostring(clientport), " error: ", tostring(err) )\r
+            out_put( "server.lua: client ", tostring(ip), ":", tostring(clientport), " read error: ", tostring(err) )\r
             fatalerror = true\r
             disconnect( handler, err )\r
            _ = handler and handler.close( )\r
@@ -520,7 +521,7 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
             _writetimes[ handler ] = _currenttime\r
             return true\r
         else    -- connection was closed during sending or fatal error\r
-            out_put( "server.lua: client ", tostring(ip), ":", tostring(clientport), " error: ", tostring(err) )\r
+            out_put( "server.lua: client ", tostring(ip), ":", tostring(clientport), " write error: ", tostring(err) )\r
             fatalerror = true\r
             disconnect( handler, err )\r
             _ = handler and handler.close( )\r
@@ -534,7 +535,7 @@ wrapconnection = function( server, listeners, socket, ip, serverport, clientport
         local read\r
         local handshake = coroutine_wrap( function( client )    -- create handshake coroutine\r
                 local err\r
-                for i = 1, 10 do    -- 10 handshake attemps\r
+                for i = 1, _maxsslhandshake do\r
                     _sendlistlen = ( wrote and removesocket( _sendlist, socket, _sendlistlen ) ) or _sendlistlen\r
                     _readlistlen = ( read and removesocket( _readlist, socket, _readlistlen ) ) or _readlistlen\r
                     read, wrote = nil, nil\r
@@ -751,7 +752,7 @@ closeall = function( )
 end\r
 \r
 getsettings = function( )\r
-    return  _selecttimeout, _sleeptime, _maxsendlen, _maxreadlen, _checkinterval, _sendtimeout, _readtimeout, _cleanqueue, _maxclientsperserver\r
+    return  _selecttimeout, _sleeptime, _maxsendlen, _maxreadlen, _checkinterval, _sendtimeout, _readtimeout, _cleanqueue, _maxclientsperserver, _maxsslhandshake\r
 end\r
 \r
 changesettings = function( new )\r
@@ -767,6 +768,7 @@ changesettings = function( new )
     _readtimeout = tonumber( new.readtimeout ) or _readtimeout\r
     _cleanqueue = new.cleanqueue\r
     _maxclientsperserver = new._maxclientsperserver or _maxclientsperserver\r
+    _maxsslhandshake = new._maxsslhandshake or _maxsslhandshake\r
     return true\r
 end\r
 \r
@@ -819,7 +821,7 @@ loop = function( )    -- this is the main loop of the program
         _currenttime = os_time( )\r
         if os_difftime( _currenttime - _timer ) >= 1 then\r
             for i = 1, _timerlistlen do\r
-                _timerlist[ i ]( )    -- fire timers\r
+                _timerlist[ i ]( _currenttime )    -- fire timers\r
             end\r
             _timer = _currenttime\r
         end\r