diff --git a/src/tls/flb_tls.c b/src/tls/flb_tls.c index 26c42ebd6f5..26974353a69 100644 --- a/src/tls/flb_tls.c +++ b/src/tls/flb_tls.c @@ -180,6 +180,9 @@ int flb_tls_net_read(struct flb_upstream_conn *u_conn, void *buf, size_t len) if (ret == FLB_TLS_WANT_READ) { goto retry_read; } + else if (ret == FLB_TLS_WANT_WRITE) { + goto retry_read; + } else if (ret < 0) { return -1; } @@ -206,6 +209,14 @@ int flb_tls_net_read_async(struct flb_coro *co, struct flb_upstream_conn *u_conn goto retry_read; } + else if (ret == FLB_TLS_WANT_WRITE) { + u_conn->coro = co; + + io_tls_event_switch(u_conn, MK_EVENT_WRITE); + flb_coro_yield(co, FLB_FALSE); + + goto retry_read; + } else { /* We want this field to hold NULL at all times unless we are explicitly diff --git a/src/tls/openssl.c b/src/tls/openssl.c index f39a0ce8a34..57a2da95355 100644 --- a/src/tls/openssl.c +++ b/src/tls/openssl.c @@ -353,13 +353,17 @@ static int tls_net_read(struct flb_upstream_conn *u_conn, ctx = session->parent; pthread_mutex_lock(&ctx->mutex); + ERR_clear_error(); ret = SSL_read(session->ssl, buf, len); if (ret <= 0) { ret = SSL_get_error(session->ssl, ret); if (ret == SSL_ERROR_WANT_READ) { ret = FLB_TLS_WANT_READ; } - else if (ret < 0) { + else if (ret == SSL_ERROR_WANT_WRITE) { + ret = FLB_TLS_WANT_WRITE; + } + else { ret = -1; } } @@ -379,6 +383,7 @@ static int tls_net_write(struct flb_upstream_conn *u_conn, ctx = session->parent; pthread_mutex_lock(&ctx->mutex); + ERR_clear_error(); ret = SSL_write(session->ssl, (unsigned char *) data + total, len - total); @@ -414,6 +419,7 @@ static int tls_net_handshake(struct flb_tls *tls, void *ptr_session) SSL_set_tlsext_host_name(session->ssl, tls->vhost); } + ERR_clear_error(); ret = SSL_connect(session->ssl); if (ret != 1) { ret = SSL_get_error(session->ssl, ret);