tls: mbedtls: retry read/write

Refer to document we should retry read/write
if one of below errors occurred.

MBEDTLS_ERR_SSL_WANT_READ
MBEDTLS_ERR_SSL_WANT_WRITE
MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS
MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS

Signed-off-by: Takahiro Yamashita <[email protected]>

src/tls/mbedtls.c.in

@@ -328,9 +328,14 @@ static int tls_net_read(struct flb_upstream_conn *u_conn,
     struct tls_session *session = (struct tls_session *) u_conn->tls_session;
 
     ret = mbedtls_ssl_read(&session->ssl, buf, len);
-    if (ret == MBEDTLS_ERR_SSL_WANT_READ) {
+    if (ret == MBEDTLS_ERR_SSL_WANT_READ ||
+        ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ||
+        ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
         return FLB_TLS_WANT_READ;
     }
+    else if (ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+        return FLB_TLS_WANT_WRITE;
+    }
     else if (ret < 0) {
         mbedtls_strerror(ret, err_buf, sizeof(err_buf));
         flb_error("[tls] SSL error: %s", err_buf);
@@ -355,7 +360,9 @@ static int tls_net_write(struct flb_upstream_conn *u_conn,
     ret = mbedtls_ssl_write(&session->ssl,
                             (unsigned char *) data + total,
                             len - total);
-    if (ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+    if (ret == MBEDTLS_ERR_SSL_WANT_WRITE ||
+        ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ||
+        ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
         return FLB_TLS_WANT_WRITE;
     }
     else if (ret == MBEDTLS_ERR_SSL_WANT_READ) {