svn commit: r1708497 - /serf/trunk/buckets/ssl_buckets.c

Tue, 13 Oct 2015 12:58:24 -0700 

Author: rhuijben
Date: Tue Oct 13 19:58:02 2015
New Revision: 1708497

URL: http://svn.apache.org/viewvc?rev=1708497&view=rev
Log:
Make the ssl bucket error behavior on encountering a renegotiation more
stable by setting the crypt_status on the created read and write errors.

* serf-dev/dev/buckets/ssl_buckets.c
  (bio_bucket_read,
   bio_bucket_write): Set crypto error on renegotiate. Log and clear retry
     hints before returning.

Modified:
    serf/trunk/buckets/ssl_buckets.c

Modified: serf/trunk/buckets/ssl_buckets.c
URL: 
http://svn.apache.org/viewvc/serf/trunk/buckets/ssl_buckets.c?rev=1708497&r1=1708496&r2=1708497&view=diff
==============================================================================
--- serf/trunk/buckets/ssl_buckets.c (original)
+++ serf/trunk/buckets/ssl_buckets.c Tue Oct 13 19:58:02 2015
@@ -308,16 +308,18 @@ static int bio_bucket_read(BIO *bio, cha
     apr_status_t status;
     apr_size_t len;
 
-    /* The server initiated a renegotiation and we were instructed to report
-       that as an error asap. */
-    if (ctx->renegotiation)
-        return -1;
-
     serf__log(LOGLVL_DEBUG, LOGCOMP_SSL, __FILE__, ctx->config,
               "bio_bucket_read called for %d bytes\n", inlen);
 
     BIO_clear_retry_flags(bio); /* Clear retry hints */
 
+    /* The server initiated a renegotiation and we were instructed to report
+       that as an error asap. */
+    if (ctx->renegotiation) {
+      ctx->crypt_status = SERF_ERROR_SSL_NEGOTIATE_IN_PROGRESS;
+      return -1;
+    }
+
     status = serf_bucket_read(ctx->decrypt.stream, inlen, &data, &len);
     ctx->crypt_status = status;
     ctx->want_read = FALSE;
@@ -347,15 +349,18 @@ static int bio_bucket_write(BIO *bio, co
     serf_ssl_context_t *ctx = bio->ptr;
     serf_bucket_t *tmp;
 
-    /* The server initiated a renegotiation and we were instructed to report
-       that as an error asap. */
-    if (ctx->renegotiation)
-        return -1;
-
     serf__log(LOGLVL_DEBUG, LOGCOMP_SSL, __FILE__, ctx->config,
               "bio_bucket_write called for %d bytes\n", inl);
 
     BIO_clear_retry_flags(bio); /* Clear retry hints */
+
+    /* The server initiated a renegotiation and we were instructed to report
+       that as an error asap. */
+    if (ctx->renegotiation) {
+      ctx->crypt_status = SERF_ERROR_SSL_NEGOTIATE_IN_PROGRESS;
+      return -1;
+    }
+
     ctx->crypt_status = APR_SUCCESS;
 
     tmp = serf_bucket_simple_copy_create(in, inl,

Reply via email to