Log attempts to do SSL renegotiation

Kovid Goyal 2017-06-23 12:03:15 +05:30
parent a43efc8a5a
commit 60d03c0153
No known key found for this signature in database
GPG Key ID: 06BC317B515ACE7C


@ -356,6 +356,8 @@ class ServerLoop(object):
def on_ssl_servername(self, socket, server_name, ssl_context): def on_ssl_servername(self, socket, server_name, ssl_context):
c = self.connection_map.get(socket.fileno()) c = self.connection_map.get(socket.fileno())
if getattr(c, 'ssl_handshake_done', False): if getattr(c, 'ssl_handshake_done', False):
c.ready = False
c.ssl_terminated = True
# We do not allow client initiated SSL renegotiation # We do not allow client initiated SSL renegotiation
return ssl.ALERT_DESCRIPTION_NO_RENEGOTIATION return ssl.ALERT_DESCRIPTION_NO_RENEGOTIATION
@ -543,6 +545,11 @@ class ServerLoop(object):
self.close(s, conn) self.close(s, conn)
except Exception as e: except Exception as e:
ignore.add(s) ignore.add(s)
ssl_terminated = getattr(conn, 'ssl_terminated', False)
if ssl_terminated:
self.log.warn('Client tried to initiate SSL renegotiation, closing connection')
self.close(s, conn)
else:
self.log.exception('Unhandled exception in state: %s' % conn.state_description) self.log.exception('Unhandled exception in state: %s' % conn.state_description)
if conn.ready: if conn.ready:
if conn.response_started: if conn.response_started:
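Review bot: In the second hunk's `except Exception` handler, the new `ssl_terminated` branch logs a fixed warning and discards `e`, so any exception raised on a connection where that flag is set is recorded as a renegotiation attempt and its real cause is lost. Keeping the exception text in the message, e.g. `self.log.warn('Client tried to initiate SSL renegotiation, closing connection: %s' % e)`, would let an operator tell a genuine renegotiation alert from an unrelated failure. The warning also names no peer, which makes repeated attempts hard to correlate; if the connection object exposes the remote address, it belongs in this line. The enclosing method starts and continues outside the hunk, and the `if conn.ready:` check after `self.close(s, conn)` appears to rely on `c.ready = False` from the first hunk, which deserves a short comment there.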