CVSROOT: /cvs Module name: src Changes by: bl...@cvs.openbsd.org 2015/02/19 17:56:32
Modified files: usr.sbin/syslogd: evbuffer_tls.c evbuffer_tls.h syslogd.c Log message: When syslogd is writing over TLS, the error "SSL3_WRITE_PENDING:bad write retry" may occur. Unfortunately libtls tls_write() has inherited the strange semantics regarding partial writes and buffer movement from SSL_write(). This will be investigated after unlock, the goal is to have the behavior of write(2) in libtls. For now add a workaround in syslogd. If tls_write() indicates that it needs a read or write again, stop modifying the output buffer. Instead drop and count the syslog messages. After writing over TLS was successful, continue to queue the messages. This solution has minimum inpact and will be improved after 5.7 release. discussed with tedu@ reyk@ jsing@; OK tedu@