- EVP_EncryptUpdate(c->outctx, outbuf, &outlen, buffer, length);
- bufp = outbuf;
- length = outlen;
- } else
- bufp = buffer;
-
- while(length) {
- result = write(c->socket, bufp, length);
+ /* Check encryption limits */
+ if((uint64_t)length > c->outbudget) {
+ ifdebug(META) logger(LOG_ERR, "Byte limit exceeded for encryption to %s (%s)", c->name, c->hostname);
+ return false;
+ } else {
+ c->outbudget -= length;
+ }
+
+ result = EVP_EncryptUpdate(c->outctx, (unsigned char *)c->outbuf + c->outbufstart + c->outbuflen,
+ &outlen, (unsigned char *)buffer, length);
+
+ if(!result || outlen < length) {
+ logger(LOG_ERR, "Error while encrypting metadata to %s (%s): %s",
+ c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
+ return false;
+ } else if(outlen > length) {
+ logger(LOG_EMERG, "Encrypted data too long! Heap corrupted!");
+ abort();
+ }
+
+ c->outbuflen += outlen;
+ } else {
+ memcpy(c->outbuf + c->outbufstart + c->outbuflen, buffer, length);
+ c->outbuflen += length;
+ }
+
+ return true;
+}
+
+bool flush_meta(connection_t *c) {
+ int result;
+
+ ifdebug(META) logger(LOG_DEBUG, "Flushing %d bytes to %s (%s)",
+ c->outbuflen, c->name, c->hostname);
+
+ while(c->outbuflen) {
+ result = send(c->socket, c->outbuf + c->outbufstart, c->outbuflen, 0);
+