From ddc0c321a60ba13a03cb2e37276f7e8655a3ae16 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Deuc=D0=B5?= <shurd@sasktel.net>
Date: Mon, 15 Mar 2021 03:46:44 -0400
Subject: [PATCH] Changing timeout didn't help.  Use PopData of zero bytes to
 rekey...

This issue may actually be a rekey issue, to clear this, we need
to call cryptPopData(), but we can pop zero bytes.

In this case, re-try the flush.
---
 src/sbbs3/main.cpp | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)

diff --git a/src/sbbs3/main.cpp b/src/sbbs3/main.cpp
index 09ca788a81..c0edd68a8e 100644
--- a/src/sbbs3/main.cpp
+++ b/src/sbbs3/main.cpp
@@ -2456,16 +2456,25 @@ void output_thread(void* arg)
 					 * afterward... presumably because the read timeout gets set to
 					 * what the current write timeout is.
 					 */
-					if(cryptStatusError(err=cryptSetAttribute(sbbs->ssh_session, CRYPT_OPTION_NET_WRITETIMEOUT, 30)))
+					if(cryptStatusError(err=cryptSetAttribute(sbbs->ssh_session, CRYPT_OPTION_NET_WRITETIMEOUT, 5)))
 						GCESSTR(err, node, LOG_WARNING, sbbs->ssh_session, "setting write timeout");
-					if(cryptStatusError((err=cryptFlushData(sbbs->ssh_session)))) {
-						GCESSTR(err, node, LOG_WARNING, sbbs->ssh_session, "flushing data");
-						ssh_errors++;
-						if (err != CRYPT_ERROR_TIMEOUT) {
-							sbbs->online=FALSE;
-							i=buftop-bufbot;	// Pretend we sent it all
+					do {
+						if(cryptStatusError((err=cryptFlushData(sbbs->ssh_session)))) {
+							GCESSTR(err, node, LOG_WARNING, sbbs->ssh_session, "flushing data");
+							ssh_errors++;
+							if (err == CRYPT_ERROR_TIMEOUT) {
+								(void)cryptPopData(sbbs->ssh_session, (void *)"", 0, &err);
+								if (cryptStatusError(err))
+									GCESSTR(err, node, LOG_WARNING, sbbs->ssh_session, "popping SSH data after timeout");
+								else
+									err = CRYPT_ERROR_TIMEOUT;
+							}
+							else {
+								sbbs->online=FALSE;
+								i=buftop-bufbot;	// Pretend we sent it all
+							}
 						}
-					}
+					} while (err == CRYPT_ERROR_TIMEOUT);
 					// READ = WRITE TIMEOUT HACK... REMOVE WHEN FIXED
 					if(cryptStatusError(err=cryptSetAttribute(sbbs->ssh_session, CRYPT_OPTION_NET_WRITETIMEOUT, 0)))
 						GCESSTR(err, node, LOG_WARNING, sbbs->ssh_session, "setting write timeout");
-- 
GitLab