- security fix: Added PRNG state update in fork threading (CVE-2014-0016). - Patches: - stunnel-listenqueue-option.patch refreshed. OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=65
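--- a/src/options.c
+++ b/src/options.c
@@ -1218,6 +1218,24 @@
 break;
 }
 
+ /* listenqueue option */
+ switch(cmd) {
+ case CMD_BEGIN:
+ section->listenqueue=SOMAXCONN;
+ break;
+ case CMD_EXEC:
+ if(strcasecmp(opt, "listenqueue"))
+ break;
+ section->listenqueue=atoi(arg);
+ return (section->listenqueue?NULL:"Bad verify level");
+ case CMD_DEFAULT:
+ s_log(LOG_NOTICE, "%-15s = %d", "listenqueue", SOMAXCONN);
+ break;
+ case CMD_HELP:
+ s_log(LOG_NOTICE, "%-15s = defines the maximum length the queue of pending connections may grow to (max SOMAXCONN)", "listenqueue");
+ break;
+ }
+
 #ifdef HAVE_OSSL_OCSP_H
 
 /* OCSP */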
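Review bot: In the CMD_EXEC case the backlog is parsed with `atoi(arg)` and rejected only when the result is zero, so a negative number or a value with trailing garbage (a constructed example: `10x`) is stored and later passed straight to `listen()` in src/stunnel.c. An out-of-range number is undefined behaviour for `atoi`. The error string `"Bad verify level"` appears to be copied from another option and would point an administrator at the wrong setting. The help text also promises a SOMAXCONN maximum that nothing here enforces, so either add that bound or drop the claim. I would parse with `strtol`, check the end pointer and range, and return a listenqueue-specific message as sketched below; the enclosing function starts and ends outside this hunk.

```c
    case CMD_EXEC:
        if(strcasecmp(opt, "listenqueue"))
            break;
        {
            char *end;
            long backlog;

            errno=0;
            backlog=strtol(arg, &end, 10);
            /* reject empty input, trailing characters, overflow and non-positive values */
            if(end==arg || *end || errno==ERANGE || backlog<1 || backlog>INT_MAX)
                return "Bad listenqueue value";
            section->listenqueue=(int)backlog;
        }
        return NULL; /* OK */
    /* … unchanged: CMD_DEFAULT and CMD_HELP cases … */
```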
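--- a/src/prototypes.h
+++ b/src/prototypes.h
@@ -207,6 +207,7 @@
 int timeout_close; /* maximum close_notify time */
 int timeout_connect; /* maximum connect() time */
 int timeout_idle; /* maximum idle connection time */
+ int listenqueue; /* Listen backlog */
 enum {FAILOVER_RR, FAILOVER_PRIO} failover; /* failover strategy */
 char *username;
 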
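--- a/src/stunnel.c
+++ b/src/stunnel.c
@@ -414,7 +414,7 @@
 str_free(local_address);
 return 1;
 }
- if(listen(opt->fd, SOMAXCONN)) {
+ if(listen(opt->fd, opt->listenqueue)) {
 sockerror("listen");
 closesocket(opt->fd);
 opt->fd=-1;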