Hi Emeric, Thanks for your review! Please see the updated patches and let me know if your comments have been properly addressed.
Thanks, Grant
0001-ssl-add-basic-support-for-OpenSSL-crypto-engine.patch
Description: Binary data
0002-ssl-add-openssl-async-mode-support.patch
Description: Binary data
> On May 2, 2017, at 04:49, Emeric Brun <[email protected]> wrote: > > Hi Grant, > > > An other issue: > > static void ssl_sock_close(struct connection *conn) { > > if (conn->xprt_ctx) { > if (global_ssl.async) { > /* the async fd is created and owned by the SSL > engine, which is > * responsible for fd closure. Here we are done with > the async fd > * thus disable the polling on it, as well as clean up > fdtab entry. > */ > fd_stop_both(conn->async_fd); > fdtab[conn->async_fd].async = 0; > fdtab[conn->async_fd].state = 0; > } > > > If yout configure ssl-async without an engine or filtering on a unused algo. > This code is > called with an uninitialized conn->async_fd, resulting some of the time with > a segfault. > > R, > Emeric
