Repository: trafficserver Updated Branches: refs/heads/master 2e1ca045e -> fb3bbbd4f
TS-3667: SSL Handshake read does not correctly handle EOF and error cases. Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/fb3bbbd4 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/fb3bbbd4 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/fb3bbbd4 Branch: refs/heads/master Commit: fb3bbbd4f716a8ac4399ff1edba1c8005610f7b1 Parents: 2e1ca04 Author: shinrich <[email protected]> Authored: Thu Jun 4 18:54:41 2015 -0500 Committer: shinrich <[email protected]> Committed: Thu Jun 4 18:54:41 2015 -0500 ---------------------------------------------------------------------- iocore/net/SSLNetVConnection.cc | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/fb3bbbd4/iocore/net/SSLNetVConnection.cc ----------------------------------------------------------------------
diff --git a/iocore/net/SSLNetVConnection.cc b/iocore/net/SSLNetVConnection.cc
index 4e3eb8c..1ea9883 100644
--- a/iocore/net/SSLNetVConnection.cc
+++ b/iocore/net/SSLNetVConnection.cc
@@ -349,11 +349,6 @@ SSLNetVConnection::read_raw_data()
 if (r <= 0) {
 if (r == -EAGAIN || r == -ENOTCONN) {
 NET_INCREMENT_DYN_STAT(net_calls_to_read_nodata_stat);
- return r;
- }
-
- if (!r || r == -ECONNRESET) {
- return r;
 }
 return r;
 }
@@ -961,7 +956,22 @@ SSLNetVConnection::sslServerHandShakeEvent(int &err)
 if (BIO_eof(SSL_get_rbio(this->ssl))) { // No more data in the buffer
 // Read from socket to fill in the BIO buffer with the
 // raw handshake data before calling the ssl accept calls.
- this->read_raw_data();
+ int retval = this->read_raw_data();
+ if (retval < 0) {
+ if (retval == -EAGAIN) {
+ // No data at the moment, hang tight
+ SSLDebugVC(this, "SSL handshake: EAGAIN");
+ return SSL_HANDSHAKE_WANT_READ;
+ } else {
+ // An error, make us go away
+ SSLDebugVC(this, "SSL handshake error: read_retval=%d", retval);
+ return EVENT_ERROR;
+ }
+ } else if (retval == 0) {
+ // EOF, go away, we stopped in the handshake
+ SSLDebugVC(this, "SSL handshake error: EOF");
+ return EVENT_ERROR;
+ }
 }
 
 ssl_error_t ssl_error = SSLAccept(ssl);
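Review bot: Both new `return EVENT_ERROR;` paths leave the `int &err` out-parameter (visible in the hunk header) unassigned, so a caller that reports `err` after an EVENT_ERROR return would see whatever value the variable held before the call; whether callers do that is not visible here. Consider assigning it before returning, e.g. `err = -retval;` in the read-error branch and an explicit errno value in the EOF branch. Separately, read_raw_data() in the first hunk counts -ENOTCONN together with -EAGAIN as "no data", but here only -EAGAIN maps to SSL_HANDSHAKE_WANT_READ, so -ENOTCONN now ends the handshake; if that is intended, a short comment such as `// -ENOTCONN is treated as fatal during the handshake` would make it explicit. The body of sslServerHandShakeEvent starts and ends outside this hunk.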
