From 8410f684fb93fea3d3b5f5ada1a6c500366576e9 Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa
Date: Mon, 10 Aug 2015 00:29:43 +0900
Subject: [PATCH] nghttpx: Drop connection if client hello is too large
---
 src/shrpx_connection.cc | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/src/shrpx_connection.cc b/src/shrpx_connection.cc
index a511eb7f..7e226906 100644
--- a/src/shrpx_connection.cc
+++ b/src/shrpx_connection.cc
@@ -306,6 +306,15 @@ int Connection::tls_handshake() {
 // We have limited space for read buffer, so stop reading if it
 // filled up.
 if (tls.rb->wleft() == 0) {
+ if (tls.handshake_state != TLS_CONN_WRITE_STARTED) {
+ // Reading 16KiB before writing server hello is unlikely for
+ // ordinary client.
+ if (LOG_ENABLED(INFO)) {
+ LOG(INFO) << "tls: client hello is too large";
+ }
+ return -1;
+ }
+
 rlimit.stopw();
 ev_timer_stop(loop, &rt);
 }
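Review bot: The new early `return -1` inside `if (tls.rb->wleft() == 0)` is reported only under `LOG_ENABLED(INFO)`, and the message names neither the peer nor the limit, so at a quieter log level an oversized-hello drop looks like any other handshake failure unless the caller logs it (the caller is not visible here). The comment hard-codes "16KiB" although the limit is really the capacity of `tls.rb`, which is defined outside this hunk; I would word it as `// Read buffer filled before any handshake output was written; an ordinary client hello fits, so drop the connection.` so it cannot drift if the buffer size changes. That comment should also state that a client hello with unusually large extensions is rejected by design, so a later reader does not treat such a drop as a bug. `Connection::tls_handshake()` begins and ends outside the hunk, so the cleanup done on the `-1` path could not be checked.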