rpc: don't send 403 when using SSL to prevent DoS

Signed-off-by: Giel van Schijndel <me@mortis.eu>
14 years ago · e913574e02
parent c9e70d4c0a
commit e913574e02
1 changed files with 3 additions and 1 deletions
--- a/src/rpc.cpp
+++ b/src/rpc.cpp
@ -1889,7 +1889,9 @@ void ThreadRPCServer2(void* parg)
        // Restrict callers by IP
        if (!ClientAllowed(peer.address().to_string()))
        {
-            stream << HTTPReply(403, "") << std::flush;
+            // Only send a 403 if we're not using SSL to prevent a DoS during the SSL handshake.
+            if (!fUseSSL)
+                stream << HTTPReply(403, "") << std::flush;
            continue;
        }