Re: SSLServer crashes when non-essl telnet connection is made

From: Erick Cantwell <ecantwell@xxxxxxxxxxxx>
Date: Mon, 16 Mar 2009 21:54:35 -0500

Michal,

You were absolutely correct in that I was getting an SSL exception, but
I refused to believe that this should be "normal" behavior. In my
opinion an SSLServer in ruby should not crash by default when an
unencrypted connection is made.

I started digging deeper and I ended up fixing it by modifying the
actual openssl/ssl.rb file. Previously the code in the "accept" method
looked like this:

def accept
sock = @svr.accept
begin
ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
ssl.sync_close = true
ssl.accept if @start_immediately
ssl
rescue SSLError => ex
sock.close
raise ex
end
end

I have modified it by adding an extra rescue clause:

def accept
sock = @svr.accept
begin
ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
ssl.sync_close = true
begin

ssl.accept if @start_immediately

rescue SSLError => ex3
ssl.close
end
ssl
rescue SSLError => ex
sock.close
raise ex
end
end

This still spews an error server side but my server does not crash
anymore. I can probably add more code and handle the exception more
gracefully, but for now this will do.

**This fix does not work for the example code that I posted above so
this is not a universal fix. It does fix the issue in my SSLServer that
uses Threads, though.

Thank you to everyone and their suggestions.

--
Posted via http://www.ruby-forum.com/.

.

Follow-Ups:
- Re: SSLServer crashes when non-essl telnet connection is made
  - From: Michal Suchanek

References:
- SSLServer crashes when non-essl telnet connection is made
  - From: Erick Cantwell
- Re: SSLServer crashes when non-essl telnet connection is made
  - From: Michal Suchanek

Prev by Date: [ANN] flay 1.2.1 Released
Next by Date: Re: upping numerical precision
Previous by thread: Re: SSLServer crashes when non-essl telnet connection is made
Next by thread: Re: SSLServer crashes when non-essl telnet connection is made
Index(es):
- Date
- Thread

Relevant Pages

Re: Error 0X800C0005
... I have a fix for this issue it seems but as you got it fixed I'd love to know what you did. ... > fatigue caused me to post what I did, ... just expressing frustration. ... I've tried various settings for SSL, ...
(microsoft.public.windowsupdate)
Re: Error 0X800C0005
... they got somebody who actually helped them fix their ... No harm was intended, just expressing frustration. ... Apologies again to any I may have offended. ... I've tried various settings for SSL, ...
(microsoft.public.windowsupdate)
Re: Problem with OWA, SSL & Public Folders.
... > yet to see an explaination or a fix. ... Two server site. ... If I require SSL, ...
(microsoft.public.exchange.admin)
Problem with OWA, SSL & Public Folders.
... see an explaination or a fix. ... Exchange 2000 w/latest patches. ... Two server site. ... great as long as I don't require SSL. ...
(microsoft.public.exchange.admin)