diff options
| -rw-r--r-- | src/libutil/http.c | 24 | ||||
| -rw-r--r-- | src/libutil/http.h | 2 | ||||
| -rw-r--r-- | src/rspamd_proxy.c | 4 |
3 files changed, 27 insertions, 3 deletions
diff --git a/src/libutil/http.c b/src/libutil/http.c index 315598871..974a2b592 100644 --- a/src/libutil/http.c +++ b/src/libutil/http.c @@ -850,7 +850,8 @@ rspamd_http_decrypt_message (struct rspamd_http_connection *conn, if (!rspamd_cryptobox_decrypt_nm_inplace (m, dec_len, nonce, nm, m - rspamd_cryptobox_mac_bytes (mode), mode)) { - msg_err ("cannot verify encrypted message"); + msg_err ("cannot verify encrypted message, first bytes of the input: %*xs", + (gint)MIN(msg->body_buf.len, 64), msg->body_buf.begin); return -1; } @@ -3936,3 +3937,24 @@ rspamd_http_normalize_path_inplace (gchar *path, guint len, guint *nlen) *nlen = (o - path); } } + +void +rspamd_http_connection_disable_encryption (struct rspamd_http_connection *conn) +{ + struct rspamd_http_connection_private *priv; + + priv = conn->priv; + + if (priv) { + if (priv->local_key) { + rspamd_keypair_unref (priv->local_key); + } + if (priv->peer_key) { + rspamd_pubkey_unref (priv->peer_key); + } + + priv->local_key = NULL; + priv->peer_key = NULL; + priv->flags &= ~RSPAMD_HTTP_CONN_FLAG_ENCRYPTED; + } +}
\ No newline at end of file diff --git a/src/libutil/http.h b/src/libutil/http.h index 4ce9e0a84..c271caaa4 100644 --- a/src/libutil/http.h +++ b/src/libutil/http.h @@ -438,6 +438,8 @@ void rspamd_http_message_free (struct rspamd_http_message *msg); void rspamd_http_connection_set_max_size (struct rspamd_http_connection *conn, gsize sz); +void rspamd_http_connection_disable_encryption (struct rspamd_http_connection *conn); + /** * Increase refcount for shared file (if any) to prevent early memory unlinking * @param msg diff --git a/src/rspamd_proxy.c b/src/rspamd_proxy.c index 5ec9cdce2..1d4324bdc 100644 --- a/src/rspamd_proxy.c +++ b/src/rspamd_proxy.c @@ -1499,10 +1499,10 @@ proxy_backend_master_error_handler (struct rspamd_http_connection *conn, GError struct rspamd_proxy_session *session; session = bk_conn->s; - msg_info_session ("abnormally closing connection from backend: %s, error: %s," + msg_info_session ("abnormally closing connection from backend: %s, error: %e," " retries left: %d", rspamd_inet_address_to_string (rspamd_upstream_addr (session->master_conn->up)), - err->message, + err, session->ctx->max_retries - session->retries); session->retries ++; rspamd_upstream_fail (bk_conn->up); |