ssld: send cipher/certfp before proxying any plaintext traffic

author Simon Arlott <sa.me.uk>

Sun, 24 Apr 2016 09:39:16 +0000 (10:39 +0100)

committer Simon Arlott <sa.me.uk>

Sun, 24 Apr 2016 09:39:16 +0000 (10:39 +0100)
author Simon Arlott <sa.me.uk>
Sun, 24 Apr 2016 09:39:16 +0000 (10:39 +0100)
committer Simon Arlott <sa.me.uk>
Sun, 24 Apr 2016 09:39:16 +0000 (10:39 +0100)
diff --git a/ssld/ssld.c b/ssld/ssld.c

index 68f0cda3fae10990e497d4dd686542852041afd5..cb74d2de82ab1195a714c9ba76b74b439c4269cc 100644 (file)
--- a/ssld/ssld.c
+++ b/ssld/ssld.c
@@ -706,10 +706,10 @@ ssl_process_accept_cb(rb_fde_t *F, int status, struct sockaddr *addr, rb_socklen
  
         if(status == RB_OK)
         {
-               conn_mod_read_cb(conn->mod_fd, conn);
-               conn_plain_read_cb(conn->plain_fd, conn);
                 ssl_send_cipher(conn);
                 ssl_send_certfp(conn);
+               conn_mod_read_cb(conn->mod_fd, conn);
+               conn_plain_read_cb(conn->plain_fd, conn);
                 return;
         }
         /* ircd doesn't care about the reason for this */
@@ -724,10 +724,10 @@ ssl_process_connect_cb(rb_fde_t *F, int status, void *data)
  
         if(status == RB_OK)
         {
-               conn_mod_read_cb(conn->mod_fd, conn);
-               conn_plain_read_cb(conn->plain_fd, conn);
                 ssl_send_cipher(conn);
                 ssl_send_certfp(conn);
+               conn_mod_read_cb(conn->mod_fd, conn);
+               conn_plain_read_cb(conn->plain_fd, conn);
         }
         else if(status == RB_ERR_TIMEOUT)
                 close_conn(conn, WAIT_PLAIN, "SSL handshake timed out");
author	Simon Arlott <sa.me.uk>
	Sun, 24 Apr 2016 09:39:16 +0000 (10:39 +0100)
committer	Simon Arlott <sa.me.uk>
	Sun, 24 Apr 2016 09:39:16 +0000 (10:39 +0100)