Crash in CCS injection plugin for services not sending data #257

Closed
happyc0ding opened this issue Nov 15, 2017 · 0 comments

@happyc0ding

Sslyze hangs/crashes for the CCS injection plugin in some cases. While debugging I found that it's trapped in the following loop in openssl_ccs_injection.py:

while True:
    try:
        tls_record, len_consumed = TlsRecordParser.parse_bytes(remaining_bytes)
        remaining_bytes = remaining_bytes[len_consumed::]
    except NotEnoughData:
        # Try to get more data
        try:
            raw_ssl_bytes = self._sock.recv(16381)
        except socket.error:
            # Server closed the connection after receiving the CCS payload
            raise NotVulnerableToCcsInjection()
[...]

It seems that some SSL services just stop sending data (unfortunately I have no sample for you and I don't know why they behave that way), therefore "raw_ssl_bytes = self._sock.recv(16381)" never collects enough data to proceed. Since timeouts don't affect this code, it just keeps looping. I've also found that in some rare cases the parent sslyze process returns, but the children are not terminated; however, I have not been able to reproduce that reliably.

Since other plugins work pretty much the same way, they may also be affected in such a scenario. Maybe you could add some timeout here?

@nabla-c0d3 nabla-c0d3 added this to the 1.2.0 milestone Nov 19, 2017
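
A bounded variant of the receive loop quoted in the issue, as an added example that is not sslyze's code or the change the project made: it enforces one overall deadline across all recv() calls and treats an empty read as end-of-stream. `parse_record`, `recv_tls_record`, `PeerStalled` and `demo` are hypothetical names, the record parser is a minimal stand-in, and the byte strings are constructed.

```python
import socket
import struct
import time

class NotEnoughData(Exception): pass  # buffer holds less than one record
class PeerStalled(Exception): pass    # peer closed or went silent mid-record

def parse_record(buf):
    # TLS record header: type (1 byte), version (2), payload length (2).
    if len(buf) < 5:
        raise NotEnoughData()
    rec_type, version, length = struct.unpack("!BHH", buf[:5])
    if len(buf) < 5 + length:
        raise NotEnoughData()
    return (rec_type, version, buf[5:5 + length]), 5 + length

def recv_tls_record(sock, buf=b"", deadline_s=5.0):
    """Return (record, leftover) or raise PeerStalled; never spins."""
    deadline = time.monotonic() + deadline_s
    while True:
        try:
            record, consumed = parse_record(buf)
            return record, buf[consumed:]
        except NotEnoughData:
            pass
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            raise PeerStalled("deadline reached with a partial record")
        sock.settimeout(remaining)  # bounds each blocking recv()
        try:
            chunk = sock.recv(16384)
        except socket.timeout:
            raise PeerStalled("no data before the deadline")
        if not chunk:
            # recv() returning b"" means EOF; retrying on it would spin.
            raise PeerStalled("peer closed the connection mid-record")
        buf += chunk

def demo(payload, close_peer):
    # Constructed scenario on a local socketpair; returns record or reason.
    ours, peer = socket.socketpair()
    with ours, peer:
        peer.sendall(payload)
        if close_peer:
            peer.shutdown(socket.SHUT_WR)
        try:
            return recv_tls_record(ours, deadline_s=0.3)[0]
        except PeerStalled as exc:
            return str(exc)
```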