Commit dd46b7d9 authored by Mike Hibler's avatar Mike Hibler

Fix a bug and clean up some logic. The bug was that the last change was

rejecting UDP requests as NON-SSL, due to removing some code that used to
skip around the TCP checks.
parent baa1bf56
......@@ -1032,6 +1032,12 @@ handle_request(int sock, struct sockaddr_in *client, char *rdata, int istcp)
}
#ifdef WITHSSL
/*
* We verify UDP requests below based on the particular request
*/
if (!istcp)
goto execute;
/*
* If the connection is not SSL, then it must be a local node.
*/
......@@ -1044,9 +1050,6 @@ handle_request(int sock, struct sockaddr_in *client, char *rdata, int istcp)
}
}
else if (reqp->iscontrol) {
if (!istcp)
goto execute;
error("%s: Control node connection without SSL!\n",
reqp->nodeid);
if (!insecure)
......@@ -1128,7 +1131,7 @@ handle_request(int sock, struct sockaddr_in *client, char *rdata, int istcp)
/*
* Ditto for remote node connection without SSL.
*/
if (!reqp->islocal &&
if (istcp && !isssl && !reqp->islocal &&
(command_array[i].flags & F_REMNOSSL) == 0) {
error("%s: %s: Invalid NO-SSL request from remote node\n",
reqp->nodeid, command_array[i].cmdname);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment