Skip to content

Commit

Permalink
tls: openssl: fix error handling for OpenSSL API fluent#4098 (fluent#…
Browse files Browse the repository at this point in the history
…4100)

Signed-off-by: Ramya <[email protected]>
  • Loading branch information
krispraws authored and 0Delta committed Jan 20, 2022
1 parent 06c3320 commit 02855f0
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 1 deletion.
11 changes: 11 additions & 0 deletions src/tls/flb_tls.c
Original file line number Diff line number Diff line change
Expand Up @@ -180,6 +180,9 @@ int flb_tls_net_read(struct flb_upstream_conn *u_conn, void *buf, size_t len)
if (ret == FLB_TLS_WANT_READ) {
goto retry_read;
}
else if (ret == FLB_TLS_WANT_WRITE) {
goto retry_read;
}
else if (ret < 0) {
return -1;
}
Expand All @@ -206,6 +209,14 @@ int flb_tls_net_read_async(struct flb_coro *co, struct flb_upstream_conn *u_conn

goto retry_read;
}
else if (ret == FLB_TLS_WANT_WRITE) {
u_conn->coro = co;

io_tls_event_switch(u_conn, MK_EVENT_WRITE);
flb_coro_yield(co, FLB_FALSE);

goto retry_read;
}
else
{
/* We want this field to hold NULL at all times unless we are explicitly
Expand Down
8 changes: 7 additions & 1 deletion src/tls/openssl.c
Original file line number Diff line number Diff line change
Expand Up @@ -353,13 +353,17 @@ static int tls_net_read(struct flb_upstream_conn *u_conn,
ctx = session->parent;
pthread_mutex_lock(&ctx->mutex);

ERR_clear_error();
ret = SSL_read(session->ssl, buf, len);
if (ret <= 0) {
ret = SSL_get_error(session->ssl, ret);
if (ret == SSL_ERROR_WANT_READ) {
ret = FLB_TLS_WANT_READ;
}
else if (ret < 0) {
else if (ret == SSL_ERROR_WANT_WRITE) {
ret = FLB_TLS_WANT_WRITE;
}
else {
ret = -1;
}
}
Expand All @@ -379,6 +383,7 @@ static int tls_net_write(struct flb_upstream_conn *u_conn,
ctx = session->parent;
pthread_mutex_lock(&ctx->mutex);

ERR_clear_error();
ret = SSL_write(session->ssl,
(unsigned char *) data + total,
len - total);
Expand Down Expand Up @@ -414,6 +419,7 @@ static int tls_net_handshake(struct flb_tls *tls, void *ptr_session)
SSL_set_tlsext_host_name(session->ssl, tls->vhost);
}

ERR_clear_error();
ret = SSL_connect(session->ssl);
if (ret != 1) {
ret = SSL_get_error(session->ssl, ret);
Expand Down

0 comments on commit 02855f0

Please sign in to comment.