proxmox-mirrors/pve-http-server
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-http-server synced 2025-08-12 10:53:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

call Net::SSLeay::ERR_clear_error() after auth_handler

Browse Source 
Some auth_handlers use Crypt::OpenSSL::RSA, which seems to set the openssl error
variable. We need to clear that here, else AnyEvent::TLS aborts the connection.
This commit is contained in:
Dietmar Maurer 2017-01-20 18:15:21 +01:00
parent 7a9a3b9063
commit 6389088689
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
PVE/APIServer/AnyEvent.pm
View File

@ -1184,6 +1184,11 @@ sub unshift_read_header {
$reqstate->{peer_host}); $reqstate->{peer_host});
}; };
if (my $err = $@) { if (my $err = $@) {
# HACK!!
# Some auth_handlers use Crypt::OpenSSL::RSA, which seems to set the openssl error
# variable. We need to clear that here, else AnyEvent::TLS aborts the connection.
Net::SSLeay::ERR_clear_error();
# always delay unauthorized calls by 3 seconds # always delay unauthorized calls by 3 seconds
my $delay = 3; my $delay = 3;
if (my $formatter = PVE::APIServer::Formatter::get_login_formatter($format)) { if (my $formatter = PVE::APIServer::Formatter::get_login_formatter($format)) {
@ -1197,7 +1202,7 @@ sub unshift_read_header {
$resp->header("Content-Type" => $ct); $resp->header("Content-Type" => $ct);
$resp->content($raw); $resp->content($raw);
} }
$self->response($reqstate, $resp, undef, $nocomp, 3); $self->response($reqstate, $resp, undef, $nocomp, $delay);
} else { } else {
my $resp = HTTP::Response->new(HTTP_UNAUTHORIZED, $err); my $resp = HTTP::Response->new(HTTP_UNAUTHORIZED, $err);
$self->response($reqstate, $resp, undef, 0, $delay); $self->response($reqstate, $resp, undef, 0, $delay);