From 4ceec33d0826b9f5453875510735bf00d7ad8b75 Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Thu, 6 Apr 2017 11:46:10 +0200 Subject: [PATCH] Do something about TLS renegotiation. --- src/stub.c | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/src/stub.c b/src/stub.c index 90b44c96..e8a8ee52 100644 --- a/src/stub.c +++ b/src/stub.c @@ -1329,9 +1329,22 @@ stub_tls_write(getdns_upstream *upstream, getdns_tcp_state *tcp, } else #endif written = SSL_write(tls_obj, netreq->query - 2, pkt_len + 2); - if (written <= 0) - return STUB_TCP_ERROR; - + if (written <= 0) { + /* SSL_write will not do partial writes, because + * SSL_MODE_ENABLE_PARTIAL_WRITE is not default, + * but the write could fail because of renegotiation. + * In that case SSL_get_error() will return + * SSL_ERROR_WANT_READ or, SSL_ERROR_WANT_WRITE. + * Return for retry in such cases. + */ + switch (SSL_get_error(tls_obj, written)) { + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_WRITE: + return STUB_TCP_AGAIN; + default: + return STUB_TCP_ERROR; + } + } /* We were able to write everything! Start reading. */ return (int) query_id; @@ -2102,6 +2115,12 @@ upstream_reschedule_events(getdns_upstream *upstream, uint64_t idle_timeout) { else { DEBUG_STUB("%s %-35s: FD: %d Connection idle - timeout is %d\n", STUB_DEBUG_SCHEDULE, __FUNC__, upstream->fd, (int)idle_timeout); + /* TODO: Schedule a read also anyway, + * to digest timed out answers. + * Dont forget to schedule with upstream->fd then! + * + * upstream->event.read_cb = upstream_read_cb; + */ upstream->event.timeout_cb = upstream_idle_timeout_cb; if (upstream->conn_state != GETDNS_CONN_OPEN) idle_timeout = 0;