FreeBSD: harden against ClamAV connection errors

author Jeremy Harris <jgh146exb@wizmail.org>

Fri, 1 Jan 2021 13:25:29 +0000 (13:25 +0000)

committer Jeremy Harris <jgh146exb@wizmail.org>

Fri, 1 Jan 2021 13:25:29 +0000 (13:25 +0000)
author Jeremy Harris <jgh146exb@wizmail.org>
Fri, 1 Jan 2021 13:25:29 +0000 (13:25 +0000)
committer Jeremy Harris <jgh146exb@wizmail.org>
Fri, 1 Jan 2021 13:25:29 +0000 (13:25 +0000)
diff --git a/src/src/malware.c b/src/src/malware.c

index 2883f225af4b7c526940c530ad65583f4a790ebc..dfa8e2b4b79b30e55c242a4e46e46bb6ebbfd605 100644 (file)
--- a/src/src/malware.c
+++ b/src/src/malware.c
@@ -272,8 +272,19 @@ static inline int
  m_tcpsocket(const uschar * hostname, unsigned int port,
         host_item * host, uschar ** errstr, const blob * fastopen_blob)
  {
-return ip_connectedsocket(SOCK_STREAM, hostname, port, port, 5,
+int fd = ip_connectedsocket(SOCK_STREAM, hostname, port, port, 5,
                           host, errstr, fastopen_blob);
+#ifdef EXIM_TFO_FREEBSD
+/* Under some fault conditions, FreeBSD 12.2 seen to send a (non-TFO) SYN
+and, getting no response, wait for a long time.  Impose a 5s max. */
+if (fd >= 0)
+  {
+  struct timeval tv = {.tv_sec = 5};
+  fd_set fds;
+  FD_ZERO(fds); FD_SET(fd, &fds); (void) select(fd+1, NULL, &fds, NULL, &tv);
+  }
+#endif
+return fd;
  }
  #endif
author	Jeremy Harris <jgh146exb@wizmail.org>
	Fri, 1 Jan 2021 13:25:29 +0000 (13:25 +0000)
committer	Jeremy Harris <jgh146exb@wizmail.org>
	Fri, 1 Jan 2021 13:25:29 +0000 (13:25 +0000)