Skip to content

Commit

Permalink
tls: Issue #4098 Fix error handling for OpenSSL apis
Browse files Browse the repository at this point in the history
Signed-off-by: Ramya <[email protected]>
  • Loading branch information
krispraws committed Sep 18, 2021
1 parent 1b6269d commit 8d1cfeb
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 1 deletion.
9 changes: 9 additions & 0 deletions src/tls/flb_tls.c
Original file line number Diff line number Diff line change
Expand Up @@ -180,6 +180,9 @@ int flb_tls_net_read(struct flb_upstream_conn *u_conn, void *buf, size_t len)
if (ret == FLB_TLS_WANT_READ) {
goto retry_read;
}
else if (ret == FLB_TLS_WANT_WRITE) {
goto retry_read;
}
else if (ret < 0) {
return -1;
}
Expand All @@ -204,6 +207,12 @@ int flb_tls_net_read_async(struct flb_coro *co, struct flb_upstream_conn *u_conn
flb_coro_yield(co, FLB_FALSE);
goto retry_read;
}
else if (ret == FLB_TLS_WANT_WRITE) {
u_conn->coro = co;
io_tls_event_switch(u_conn, MK_EVENT_WRITE);
flb_coro_yield(co, FLB_FALSE);
goto retry_read;
}
else if (ret < 0) {
return -1;
}
Expand Down
8 changes: 7 additions & 1 deletion src/tls/openssl.c
Original file line number Diff line number Diff line change
Expand Up @@ -353,13 +353,17 @@ static int tls_net_read(struct flb_upstream_conn *u_conn,
ctx = session->parent;
pthread_mutex_lock(&ctx->mutex);

ERR_clear_error();
ret = SSL_read(session->ssl, buf, len);
if (ret <= 0) {
ret = SSL_get_error(session->ssl, ret);
if (ret == SSL_ERROR_WANT_READ) {
ret = FLB_TLS_WANT_READ;
}
else if (ret < 0) {
else if (ret == SSL_ERROR_WANT_WRITE) {
ret = FLB_TLS_WANT_WRITE;
}
else {
ret = -1;
}
}
Expand All @@ -379,6 +383,7 @@ static int tls_net_write(struct flb_upstream_conn *u_conn,
ctx = session->parent;
pthread_mutex_lock(&ctx->mutex);

ERR_clear_error();
ret = SSL_write(session->ssl,
(unsigned char *) data + total,
len - total);
Expand Down Expand Up @@ -414,6 +419,7 @@ static int tls_net_handshake(struct flb_tls *tls, void *ptr_session)
SSL_set_tlsext_host_name(session->ssl, tls->vhost);
}

ERR_clear_error();
ret = SSL_connect(session->ssl);
if (ret != 1) {
ret = SSL_get_error(session->ssl, ret);
Expand Down

0 comments on commit 8d1cfeb

Please sign in to comment.