This is an automated email from the ASF dual-hosted git repository. cliffjansen pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/qpid-proton.git
The following commit(s) were added to refs/heads/main by this push: new c9d8caa07 PROTON-2643: C ssl driver - avoid hang in handshake in older versions of OpenSSL c9d8caa07 is described below commit c9d8caa07a229f3d255159316fa55441ff638752 Author: Clifford Jansen <cliffjan...@apache.org> AuthorDate: Thu Nov 24 10:31:55 2022 -0800 PROTON-2643: C ssl driver - avoid hang in handshake in older versions of OpenSSL --- c/src/ssl/openssl.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/c/src/ssl/openssl.c b/c/src/ssl/openssl.c index 145f60e0b..caa7ea011 100644 --- a/c/src/ssl/openssl.c +++ b/c/src/ssl/openssl.c @@ -114,6 +114,7 @@ struct pni_ssl_t { bool ssl_closed; // shutdown complete, or SSL error bool read_blocked; // SSL blocked until more network data is read bool write_blocked; // SSL blocked until data is written to network + bool handshake_ok; int err_reason; char *subject; @@ -1275,6 +1276,10 @@ static ssize_t process_output_ssl( pn_transport_t *transport, unsigned int layer ssl->write_blocked = false; work_pending = work_pending || max_len > 0; ssl_log(transport, PN_LEVEL_TRACE, "Read %d bytes from BIO Layer", available ); + } else if ( !ssl->handshake_ok && !ssl->ssl_closed ) { + // OpenSSL bug workaround 1.0.x -> unknown. Harmless in all versions. + // See PROTON-2643. SSL_do_handshake() prevents forgetting to refill the BIO. + ssl->handshake_ok = (SSL_do_handshake(ssl->ssl) == 1); } } --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org