doveadm-server: Fix potential hangs with SSL connections

diff --git a/src/doveadm/client-connection.c b/src/doveadm/client-connection.c
index 91b95fdf75e817d81ae26980807d9195788c7f1f..7dd7c70052874e5b12e884a1e60bf3fd938fdfa5 100644 (file)
--- a/src/doveadm/client-connection.c
+++ b/src/doveadm/client-connection.c
@@ -404,9 +404,13 @@ static bool client_handle_command(struct client_connection *conn, char **args)
 
        client_connection_set_proctitle(conn, cmd_name);
        o_stream_cork(conn->output);
+       /* Disable IO while running a command. This is required for commands
+          that do IO themselves (e.g. dsync-server). */
+       io_remove(&conn->io);
        if (doveadm_cmd_handle(conn, cmd_name, argc-2, (const char**)(args+2), &cctx) < 0)
                o_stream_nsend(conn->output, "\n-\n", 3);
        o_stream_uncork(conn->output);
+       conn->io = io_add_istream(conn->input, client_connection_input, conn);
        client_connection_set_proctitle(conn, "");
 
        /* flush the output and possibly run next command */
@@ -660,7 +664,6 @@ client_connection_create(int fd, int listen_fd, bool ssl)
 
        conn->name = conn->remote_ip.family == 0 ? "<local>" :
                p_strdup(pool, net_ip2addr(&conn->remote_ip));
-       conn->io = io_add(fd, IO_READ, client_connection_input, conn);
        conn->input = i_stream_create_fd(fd, MAX_INBUF_SIZE, FALSE);
        conn->output = o_stream_create_fd(fd, (size_t)-1, FALSE);
        i_stream_set_name(conn->input, conn->name);
@@ -673,6 +676,8 @@ client_connection_create(int fd, int listen_fd, bool ssl)
                        return NULL;
                }
        }
+       /* add IO after SSL istream is created */
+       conn->io = io_add_istream(conn->input, client_connection_input, conn);
        conn->preauthenticated =
                client_connection_is_preauthenticated(listen_fd);