mirror of
https://github.com/warmcat/libwebsockets.git
synced 2025-03-09 00:00:04 +01:00
ssl: only apply restriction if nonzero for vhost
This commit is contained in:
parent
b4b3da06a1
commit
ba9d639792
2 changed files with 13 additions and 5 deletions
|
@ -1729,7 +1729,9 @@ lws_http_transaction_completed(struct lws *wsi)
|
|||
*/
|
||||
|
||||
if (wsi->vhost->use_ssl &&
|
||||
wsi->context->simultaneous_ssl == wsi->context->simultaneous_ssl_restriction) {
|
||||
wsi->context->simultaneous_ssl_restriction &&
|
||||
wsi->context->simultaneous_ssl ==
|
||||
wsi->context->simultaneous_ssl_restriction) {
|
||||
lwsl_info("%s: simultaneous_ssl_restriction and nothing pipelined\n", __func__);
|
||||
return 1;
|
||||
}
|
||||
|
@ -2240,7 +2242,9 @@ try_pollout:
|
|||
*/
|
||||
|
||||
if (wsi->vhost->use_ssl &&
|
||||
context->simultaneous_ssl == context->simultaneous_ssl_restriction)
|
||||
context->simultaneous_ssl_restriction &&
|
||||
context->simultaneous_ssl ==
|
||||
context->simultaneous_ssl_restriction)
|
||||
/* no... ignore it, he won't come again until we are
|
||||
* below the simultaneous_ssl_restriction limit and
|
||||
* POLLIN is enabled on him again
|
||||
|
|
10
lib/ssl.c
10
lib/ssl.c
|
@ -477,7 +477,9 @@ lws_ssl_close(struct lws *wsi)
|
|||
SSL_free(wsi->ssl);
|
||||
wsi->ssl = NULL;
|
||||
|
||||
if (wsi->context->simultaneous_ssl-- == wsi->context->simultaneous_ssl_restriction)
|
||||
if (wsi->context->simultaneous_ssl_restriction &&
|
||||
wsi->context->simultaneous_ssl-- ==
|
||||
wsi->context->simultaneous_ssl_restriction)
|
||||
/* we made space and can do an accept */
|
||||
lws_gate_accepts(wsi->context, 1);
|
||||
|
||||
|
@ -507,7 +509,8 @@ lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd)
|
|||
lwsl_err("%s: leaking ssl\n", __func__);
|
||||
if (accept_fd == LWS_SOCK_INVALID)
|
||||
assert(0);
|
||||
if (context->simultaneous_ssl >= context->simultaneous_ssl_restriction) {
|
||||
if (context->simultaneous_ssl_restriction &&
|
||||
context->simultaneous_ssl >= context->simultaneous_ssl_restriction) {
|
||||
lwsl_notice("unable to deal with SSL connection\n");
|
||||
return 1;
|
||||
}
|
||||
|
@ -522,7 +525,8 @@ lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd)
|
|||
compatible_close(accept_fd);
|
||||
goto fail;
|
||||
}
|
||||
if (++context->simultaneous_ssl == context->simultaneous_ssl_restriction)
|
||||
if (context->simultaneous_ssl_restriction &&
|
||||
++context->simultaneous_ssl == context->simultaneous_ssl_restriction)
|
||||
/* that was the last allowed SSL connection */
|
||||
lws_gate_accepts(context, 0);
|
||||
|
||||
|
|
Loading…
Add table
Reference in a new issue