From 5a8f5d724bbfd81cb2b89540e395359aaedc6c17 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 3 Apr 2021 20:56:50 +0100 Subject: [PATCH] TLS: harden error-detection in TLS proxy process --- src/src/transports/smtp.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index ca589b0be..c6099f960 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -3368,11 +3368,15 @@ for (int fd_bits = 3; fd_bits; ) goto done; } + /* For errors where not readable, bomb out */ + if (FD_ISSET(tls_out.active.sock, &efds) || FD_ISSET(pfd[0], &efds)) { DEBUG(D_transport) debug_printf("select: exceptional cond on %s fd\n", FD_ISSET(pfd[0], &efds) ? "proxy" : "tls"); - goto done; + if (!(FD_ISSET(tls_out.active.sock, &rfds) || FD_ISSET(pfd[0], &rfds))) + goto done; + DEBUG(D_transport) debug_printf("- but also readable; no exit yet\n"); } } while (rc < 0 || !(FD_ISSET(tls_out.active.sock, &rfds) || FD_ISSET(pfd[0], &rfds))); -- 2.30.2