Add a 10 second timeout to handle the case where a client connects but doesn't start a valid SSL session

2026-02-03 14:13:29 +00:00 · 2023-10-09 22:55:18 -07:00
parent bbe7e78516
commit c4c2c5c38e
1 changed files with 8 additions and 3 deletions
--- a/miniserv.pl
+++ b/miniserv.pl
@@ -4748,10 +4748,15 @@ if ($config{'ssl_cipher_list'}) {
 			     "$@\n";
 		}
 	}
+
+# Accept the SSL connection
 Net::SSLeay::set_fd($ssl_con, fileno($sock));
-if (!Net::SSLeay::accept($ssl_con)) {
-	return undef;
-	}
+alarm(10);
+$SIG{'ALRM'} = sub { die "timeout" };
+my $ok = Net::SSLeay::accept($ssl_con);
+alarm(0);
+return undef if (!$ok);
+
 # Check for a per-hostname SSL context and use that instead
 if (defined(&Net::SSLeay::get_servername)) {
 	my $h = Net::SSLeay::get_servername($ssl_con);