Cutlery/calibre
1
0
Fork 0
mirror of https://github.com/kovidgoyal/calibre.git synced 2025-07-09 03:04:10 -04:00
Code Issues Packages Projects Releases Wiki Activity

Log attempts to do SSL renegotiation

Browse Source
This commit is contained in:
Kovid Goyal 2017-06-23 12:03:15 +05:30
parent a43efc8a5a
commit 60d03c0153
No known key found for this signature in database
GPG Key ID: 06BC317B515ACE7C
1 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/calibre/srv/loop.py
View File

@ -356,6 +356,8 @@ class ServerLoop(object):
def on_ssl_servername(self, socket, server_name, ssl_context): def on_ssl_servername(self, socket, server_name, ssl_context):
c = self.connection_map.get(socket.fileno()) c = self.connection_map.get(socket.fileno())
if getattr(c, 'ssl_handshake_done', False): if getattr(c, 'ssl_handshake_done', False):
c.ready = False
c.ssl_terminated = True
# We do not allow client initiated SSL renegotiation # We do not allow client initiated SSL renegotiation
return ssl.ALERT_DESCRIPTION_NO_RENEGOTIATION return ssl.ALERT_DESCRIPTION_NO_RENEGOTIATION
@ -543,18 +545,23 @@ class ServerLoop(object):
self.close(s, conn) self.close(s, conn)
except Exception as e: except Exception as e:
ignore.add(s) ignore.add(s)
self.log.exception('Unhandled exception in state: %s' % conn.state_description) ssl_terminated = getattr(conn, 'ssl_terminated', False)
if conn.ready: if ssl_terminated:
if conn.response_started: self.log.warn('Client tried to initiate SSL renegotiation, closing connection')
self.close(s, conn)
else:
try:
conn.report_unhandled_exception(e, traceback.format_exc())
except Exception:
self.close(s, conn)
else:
self.log.error('Error in SSL handshake, terminating connection: %s' % as_unicode(e))
self.close(s, conn) self.close(s, conn)
else:
self.log.exception('Unhandled exception in state: %s' % conn.state_description)
if conn.ready:
if conn.response_started:
self.close(s, conn)
else:
try:
conn.report_unhandled_exception(e, traceback.format_exc())
except Exception:
self.close(s, conn)
else:
self.log.error('Error in SSL handshake, terminating connection: %s' % as_unicode(e))
self.close(s, conn)
def wakeup(self): def wakeup(self):
self.control_in.sendall(WAKEUP) self.control_in.sendall(WAKEUP)