X-Git-Url: https://jfr.im/git/solanum.git/blobdiff_plain/21f715a9a38f5b8db32676a07be6decef5a4fd7a..b2c208be091670e3c5259eba77187bae6ac6eece:/modules/m_starttls.c?ds=inline

diff --git a/modules/m_starttls.c b/modules/m_starttls.c
index 81c7952a..6159cac5 100644
--- a/modules/m_starttls.c
+++ b/modules/m_starttls.c
@@ -51,9 +51,16 @@ mr_starttls(struct Client *client_p, struct Client *source_p, int parc, const ch
 	if (!MyConnect(client_p))
 		return 0;
 
+	if (!ssl_ok || !get_ssld_count())
+	{
+		sendto_one_numeric(client_p, ERR_STARTTLS, form_str(ERR_STARTTLS), "TLS is not configured");
+		return 1;
+	}
+
 	if (rb_socketpair(AF_UNIX, SOCK_STREAM, 0, &F[0], &F[1], "STARTTLS ssld session") == -1)
 	{
 		ilog_error("error creating SSL/TLS socketpair for ssld slave");
+		sendto_one_numeric(client_p, ERR_STARTTLS, form_str(ERR_STARTTLS), "Unable to create SSL/TLS socketpair for ssld offload slave");
 		return 1;
 	}
 
@@ -68,13 +75,17 @@ mr_starttls(struct Client *client_p, struct Client *source_p, int parc, const ch
 	ctl = start_ssld_accept(client_p->localClient->F, F[1], rb_get_fd(F[0]));
 	if (ctl != NULL)
 	{
+		del_from_cli_fd_hash(client_p);
 		client_p->localClient->F = F[0];
+		add_to_cli_fd_hash(client_p);
 		client_p->localClient->ssl_ctl = ctl;
 		SetSSL(client_p);
 	}
 	else
 		return 1;
 
+#else
+	sendto_one_numeric(client_p, ERR_STARTTLS, form_str(ERR_STARTTLS), "TLS is not configured");
 #endif
 	return 0;
 }