From cb0a3bf5aab10ed69a76724ed1b1f3de05ca095d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Deuc=D0=B5?= <shurd@sasktel.net>
Date: Wed, 17 Mar 2021 13:27:58 -0400
Subject: [PATCH] Limit sends in terminal and web servers to 8k as well.

It fixed an issue in js_socket.c, no reason to expect better
behaviour with TLS.  This may fix SZ YModem-G transfers on
cvs.synchro.net...
---
 src/sbbs3/main.cpp  | 7 +++++++
 src/sbbs3/websrvr.c | 9 ++++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/sbbs3/main.cpp b/src/sbbs3/main.cpp
index 1dd312576d..255613b664 100644
--- a/src/sbbs3/main.cpp
+++ b/src/sbbs3/main.cpp
@@ -2443,6 +2443,13 @@ void output_thread(void* arg)
 				i=buftop-bufbot;	// Pretend we sent it all
 			}
 			else {
+				/*
+				 * Limit as per js_socket.c.
+				 * Sure, this is TLS, not SSH, but we see weird stuff here in sz file transfers.
+				 */
+				size_t sendbytes = buftop-bufbot;
+				if (sendbytes > 0x2000)
+					sendbytes = 0x2000;
 				if(cryptStatusError((err=cryptPushData(sbbs->ssh_session, (char*)buf+bufbot, buftop-bufbot, &i)))) {
 					/* Handle the SSH error here... */
 					GCESSTR(err, node, LOG_WARNING, sbbs->ssh_session, "pushing data");
diff --git a/src/sbbs3/websrvr.c b/src/sbbs3/websrvr.c
index a7b5a5a819..a157ef8ebc 100644
--- a/src/sbbs3/websrvr.c
+++ b/src/sbbs3/websrvr.c
@@ -645,7 +645,14 @@ static int sess_sendbuf(http_session_t *session, const char *buf, size_t len, BO
 		switch(sel) {
 			case 1:
 				if (session->is_tls) {
-					status = cryptPushData(session->tls_sess, buf+sent, len-sent, &tls_sent);
+					/*
+					 * Limit as per js_socket.c.
+					 * Sure, this is TLS, not SSH, but we see weird stuff here in sz file transfers.
+					 */
+					size_t sendbytes = len-sent;
+					if (sendbytes > 0x2000)
+						sendbytes = 0x2000;
+					status = cryptPushData(session->tls_sess, buf+sent, sendbytes, &tls_sent);
 					GCES(status, session, "pushing data");
 					if (status == CRYPT_ERROR_TIMEOUT) {
 						tls_sent = 0;
-- 
GitLab