From 9b468d547f67a4f9b1d10431ba24b93e2fb3d9b3 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 8 Nov 2022 09:52:13 +0100
Subject: [thrift] Ignore certain SSL and connection errors

Bogus data from port scans/probes results in stack trace spam since the
data obviously cannot properly be parsed as an SSL handshake. Ignore the
most typical of those exceptions, while keeping more specific ones, e.g.
about mismatch regarding ciphers/TLS version in place.
---
 src/main/java/org/openslx/filetransfer/Listener.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src/main/java/org/openslx/filetransfer')

diff --git a/src/main/java/org/openslx/filetransfer/Listener.java b/src/main/java/org/openslx/filetransfer/Listener.java
index 92a26cd..0d5921a 100644
--- a/src/main/java/org/openslx/filetransfer/Listener.java
+++ b/src/main/java/org/openslx/filetransfer/Listener.java
@@ -138,7 +138,11 @@ public class Listener
 										Transfer.safeClose( connection );
 									}
 								} catch ( Exception e ) {
-									log.warn( "Error accepting client", e );
+									String m = e.getMessage();
+									if ( !m.contains( "Remote host terminated the handshake" )
+											&& !m.contains( "Unsupported or unrecognized SSL message" ) ) {
+										log.warn( "Error accepting client", e );
+									}
 									Transfer.safeClose( connection );
 								}
 							}
-- 
cgit v1.2.3-55-g7522